diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 2e5002d89..55e7a7236 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,148 +1,124 @@
# Contribute to developer.sailpoint.com
-The SailPoint Developer Relations Team is always actively working to improve https://developer.sailpoint.com to make the site as useful as possible to the SailPoint Developer Community.
-This means adding and maintaining new resources for the community, like new tools and educational content, along with accurate, complete, and current guides and information.
-The most valuable resource of all, however, is the community itself!
-We greatly appreciate any input, feedback, and direct contributions you can provide to the community, big or small.
-And we want to make the process of contributing to this project as easy and transparent as possible.
+The SailPoint Developer Relations Team is always actively working to improve https://developer.sailpoint.com to make the site as useful as possible to the SailPoint Developer Community. This means adding and maintaining new resources for the community, like new tools and educational content, along with accurate, complete, and current guides and information. The most valuable resource of all, however, is the community itself! We greatly appreciate any input, feedback, and direct contributions you can provide to the community, big or small. And we want to make the process of contributing to this project as easy and transparent as possible.
-This document will detail the different ways that you can contribute to the community.
+This document will detail the different ways that you can contribute to the community.
+
+These are the main ways that you can contribute:
-These are the main ways that you can contribute:
- [Report issues](#report-issues)
- [Request new features](#request-new-features)
- [Submit a fix](#submit-a-fix)
- [Submit a new feature](#submit-a-new-feature)
-## How we use GitHub
+## How we use GitHub
-We use GitHub to host code, track issues and feature requests, and manage contributions with pull requests.
+We use GitHub to host code, track issues and feature requests, and manage contributions with pull requests.
-This project is open source, which means that it's publicly accessible, allowing anyone who comes across it to view, share, and improve its source code.
+This project is open source, which means that it's publicly accessible, allowing anyone who comes across it to view, share, and improve its source code.
-## GitHub flow and pull requests
+## GitHub flow and pull requests
-The best way to propose changes to the codebase is to use pull requests, and [Github Flow](https://docs.github.com/en/get-started/quickstart/github-flow) is our preferred method of accepting pull requests.
+The best way to propose changes to the codebase is to use pull requests, and [Github Flow](https://docs.github.com/en/get-started/quickstart/github-flow) is our preferred method of accepting pull requests.
-This is the basic GitHub flow we use for direct contributions to the codebase:
+This is the basic GitHub flow we use for direct contributions to the codebase:
1. Fork the repository and create your own branch from `main`.
2. Make your changes in your `main` branch.
3. Push the changes to the repository's `main` branch.
-4. Create your pull request!
-5. SailPoint Developer Relations team members will review your pull request and merge it in!
+4. Create your pull request!
+5. SailPoint Developer Relations team members will review your pull request and merge it in!
## GitHub Issues
-We use [GitHub Issues](https://docs.github.com/en/issues/tracking-your-work-with-issues/about-issues) to publicly track bugs and feature requests.
+We use [GitHub Issues](https://docs.github.com/en/issues/tracking-your-work-with-issues/about-issues) to publicly track bugs and feature requests.
-## Report issues
+## Report issues
-You may encounter bugs and incorrect or outdated information when you explore the site.
-We appreciate your help in identifying bugs of all sizes, from broken links or typos to major issues preventing you from using a resource.
+You may encounter bugs and incorrect or outdated information when you explore the site. We appreciate your help in identifying bugs of all sizes, from broken links or typos to major issues preventing you from using a resource.
-We use GitHub issues to track bugs publicly. If you see an issue with the site, please [report it here](https://github.com/sailpoint-oss/developer.sailpoint.com/issues/new?assignees=&labels=&template=bug-report.md&title=%5BBug%5D+Your+Bug+Report+Here).
+We use GitHub issues to track bugs publicly. If you see an issue with the site, please [report it here](https://github.com/sailpoint-oss/developer.sailpoint.com/issues/new?assignees=&labels=&template=bug-report.md&title=%5BBug%5D+Your+Bug+Report+Here).
-We love thorough bug reports.
-The more details you include, the faster we can troubleshoot and fix the issue.
-Great bug reports include these details:
+We love thorough bug reports. The more details you include, the faster we can troubleshoot and fix the issue. Great bug reports include these details:
-1. A summary of the issue
-2. The steps we can take to reproduce the issue
- - Be as specific as you can when you describe these steps.
- - Give us sample code if you can.
+1. A summary of the issue
+2. The steps we can take to reproduce the issue
+ - Be as specific as you can when you describe these steps.
+ - Give us sample code if you can.
3. What you expect to happen
-4. What actually happens
+4. What actually happens
5. Screenshots
-6. The operating system you were using when you encountered the issue
-7. The browser you were using when you encountered the issue
-8. Notes
- - If you have an idea, tell us why you think the issue may be occurring, or what you think we should do to resolve it.
- - Whatever you tried that didn't work.
- - Anything else you think might be useful to us.
+6. The operating system you were using when you encountered the issue
+7. The browser you were using when you encountered the issue
+8. Notes
+ - If you have an idea, tell us why you think the issue may be occurring, or what you think we should do to resolve it.
+ - Whatever you tried that didn't work.
+ - Anything else you think might be useful to us.
## Request new features
-Many of our most valuable resources originate in ideas suggested by the community!
-You may have an idea that will improve the site.
-We would love to hear it and possibly implement it!
+Many of our most valuable resources originate in ideas suggested by the community! You may have an idea that will improve the site. We would love to hear it and possibly implement it!
We use GitHub issues to track feature requests. Please use [this template](https://github.com/sailpoint-oss/developer.sailpoint.com/issues/new?assignees=&labels=&template=feature-request.md&title=%5BFeature%5D+Your+Feature+Request+Here) when you request a new feature.
-We love thorough feature requests.
-The more details you include, the faster we can implement your request.
-Great feature requests include these details:
+We love thorough feature requests. The more details you include, the faster we can implement your request. Great feature requests include these details:
-1. Tell us whether this feature is related to a problem.
- - If it is, describe the problem.
-2. Describe your desired solution.
-3. Describe alternative solutions you may use yourself or other solutions you may have considered.
-4. Notes
- - If possible, include how you think this solution would benefit others.
- - Anything else you think might be useful to us.
+1. Tell us whether this feature is related to a problem.
+ - If it is, describe the problem.
+2. Describe your desired solution.
+3. Describe alternative solutions you may use yourself or other solutions you may have considered.
+4. Notes
+ - If possible, include how you think this solution would benefit others.
+ - Anything else you think might be useful to us.
## Submit a fix
-One of the main benefits of making our project open source is that it makes it possible for the community to contribute directly.
-We will always respond as quickly as we can to any issues you report, but if you know how to fix an issue, the fastest way to get it fixed is to submit a pull request and make the fix yourself!
-If you can do this, it's tremendously helpful to us in our efforts to improve the community, and, if you're interested, you will receive ambassador points for your fix.
-Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
+One of the main benefits of making our project open source is that it makes it possible for the community to contribute directly. We will always respond as quickly as we can to any issues you report, but if you know how to fix an issue, the fastest way to get it fixed is to submit a pull request and make the fix yourself! If you can do this, it's tremendously helpful to us in our efforts to improve the community, and, if you're interested, you will receive ambassador points for your fix. Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
-To submit a fix, follow these steps:
-1. Fork the repository and copy the `main` branch.
-2. Pull the latest code and ensure that it's running properly.
-3. Create a new branch from main.
- - Follow this naming convention for your branch: `fix/your-fix-name`
-4. Create a pull request from your branch to our origin repository's `main` branch!
+To submit a fix, follow these steps:
-Once you create the pull request, the SailPoint Developer Relations Team will be tagged.
-Someone will then review the pull request and merge it in!
+1. Fork the repository and copy the `main` branch.
+2. Pull the latest code and ensure that it's running properly.
+3. Create a new branch from main.
+ - Follow this naming convention for your branch: `fix/your-fix-name`
+4. Create a pull request from your branch to our origin repository's `main` branch!
+
+Once you create the pull request, the SailPoint Developer Relations Team will be tagged. Someone will then review the pull request and merge it in!
:::note
-You cannot directly make changes to the API specifications. These files are regularly pulled from a private repository and auto-generated.
+You cannot directly make changes to the API specifications. These files are regularly pulled from a private repository and auto-generated.
:::
## Submit a new feature
-We will always respond to your feature requests and implement them as soon as we can.
-However, if you have an idea for a new feature and know how to implement it yourself, the fastest way to add the feature is to submit a pull request and add the feature yourself!
-If you can do this, we greatly appreciate it, and other community members will benefit from your contribution!
-And if you're interested, you will receive ambassador points for your feature contribution.
-Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
+We will always respond to your feature requests and implement them as soon as we can. However, if you have an idea for a new feature and know how to implement it yourself, the fastest way to add the feature is to submit a pull request and add the feature yourself! If you can do this, we greatly appreciate it, and other community members will benefit from your contribution! And if you're interested, you will receive ambassador points for your feature contribution. Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
-To submit a new feature, follow these steps:
-1. Fork the repository and copy the `main` branch.
-2. Pull the latest code and ensure that it's running properly.
-3. Create a new branch from main.
- - Follow this naming convention for your branch: `feature/your-feature-name`
-4. Create a pull request from your branch to our origin repository's `main` branch!
+To submit a new feature, follow these steps:
-Once you create the pull request, the SailPoint Developer Relations Team will be tagged.
-Someone will then review the pull request and merge it in!
+1. Fork the repository and copy the `main` branch.
+2. Pull the latest code and ensure that it's running properly.
+3. Create a new branch from main.
+ - Follow this naming convention for your branch: `feature/your-feature-name`
+4. Create a pull request from your branch to our origin repository's `main` branch!
+
+Once you create the pull request, the SailPoint Developer Relations Team will be tagged. Someone will then review the pull request and merge it in!
:::note
-You cannot directly make changes to the API specifications. These files are regularly pulled from a private repository and auto-generated.
+You cannot directly make changes to the API specifications. These files are regularly pulled from a private repository and auto-generated.
:::
-## Report general issues
+## Report general issues
-It's possible that none of the options listed here will properly address your issue.
-If you have a general issue, you can submit a general issue by using GitHub's [issues](https://github.com/sailpoint-oss/developer.sailpoint.com/issues).
-Add as much detail as you can to your issue, and we will address it as quickly as we can.
+It's possible that none of the options listed here will properly address your issue. If you have a general issue, you can submit a general issue by using GitHub's [issues](https://github.com/sailpoint-oss/developer.sailpoint.com/issues). Add as much detail as you can to your issue, and we will address it as quickly as we can.
## Discuss on the forum
-What makes the SailPoint Developer Community great is its brilliant, knowledgeable members!
-If you have a question, problem, or idea, one of the best ways to get answers or resolutions is to go to the [Developer Community Forum](https://developer.sailpoint.com/discuss) to discuss them directly with the community on the forum.
-The SailPoint Developer Relations Team, the community ambassadors, and other members will be there to discuss them with you.
-And once you're there, you can help others on the forum too!
-If you're interested, you will receive ambassador points for the issues you help others resolve on the forum.Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
+What makes the SailPoint Developer Community great is its brilliant, knowledgeable members! If you have a question, problem, or idea, one of the best ways to get answers or resolutions is to go to the [Developer Community Forum](https://developer.sailpoint.com/discuss) to discuss them directly with the community on the forum. The SailPoint Developer Relations Team, the community ambassadors, and other members will be there to discuss them with you. And once you're there, you can help others on the forum too! If you're interested, you will receive ambassador points for the issues you help others resolve on the forum.Check out the [ambassador program](https://developer.sailpoint.com/discuss/t/getting-started-as-a-developer-community-ambassador/11665) to learn more.
## MIT Software License
-This project uses the [MIT License](http://choosealicense.com/licenses/mit/).
-Whenever you submit code changes, your submissions are held under the same MIT license that covers the project.
+This project uses the [MIT License](http://choosealicense.com/licenses/mit/). Whenever you submit code changes, your submissions are held under the same MIT license that covers the project.
diff --git a/algolia/config.json b/algolia/config.json
index 07610a43e..616471f85 100644
--- a/algolia/config.json
+++ b/algolia/config.json
@@ -184,11 +184,7 @@
"hierarchy.lvl0",
"hierarchy.lvl1"
],
- "searchableAttributes": [
- "tags",
- "hierarchy.lvl0",
- "hierarchy.lvl1"
- ]
+ "searchableAttributes": ["tags", "hierarchy.lvl0", "hierarchy.lvl1"]
},
"conversation_id": ["1090805758"],
"nb_hits": 8687
diff --git a/archive/StreamService.js b/archive/StreamService.js
index b8f6b0af1..4805797c5 100644
--- a/archive/StreamService.js
+++ b/archive/StreamService.js
@@ -2,7 +2,6 @@ import md5 from 'crypto-js/md5';
export const URL = 'https://developerdays.sailpoint.com';
-
export async function getFAQ() {
try {
const response = await fetch(URL + '/faq');
diff --git a/archive/agenda/styles.module.css b/archive/agenda/styles.module.css
index 53f8b231f..0d26690a8 100644
--- a/archive/agenda/styles.module.css
+++ b/archive/agenda/styles.module.css
@@ -149,7 +149,8 @@
.stageButton:disabled {
background: #ffffff;
- box-shadow: inset -5.0934px -5.0934px 15.2802px rgba(255, 255, 255, 0.5),
+ box-shadow:
+ inset -5.0934px -5.0934px 15.2802px rgba(255, 255, 255, 0.5),
inset 5.0934px 5.0934px 15.2802px rgba(136, 160, 183, 0.25);
border-radius: 20.3736px;
}
diff --git a/archive/conference/Hero/index.js b/archive/conference/Hero/index.js
index cde54f41f..653f5f487 100644
--- a/archive/conference/Hero/index.js
+++ b/archive/conference/Hero/index.js
@@ -11,7 +11,7 @@ export default function ConferenceHero() {
- );
+ return ;
}
diff --git a/backend/package.json b/backend/package.json
index 9a689ccd6..7443b52d9 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -1,30 +1,29 @@
{
- "name": "delete-test-01",
- "description": "delete-test-01-description",
- "version": "0.0.1",
- "private": true,
- "dependencies": {
- "@aws-sdk/client-dynamodb": "^3.188.0",
- "@aws-sdk/lib-dynamodb": "^3.188.0"
- },
- "devDependencies": {
- "aws-sdk-client-mock": "^2.0.0",
- "jest": "^29.2.1"
- },
- "scripts": {
- "test": "node --experimental-vm-modules ./node_modules/jest/bin/jest.js"
- },
- "jest": {
- "testMatch": [
- "**/__tests__/**/*.[jt]s?(x)",
- "**/?(*.)+(spec|test).[jt]s?(x)",
- "**/__tests__/**/*.mjs?(x)",
- "**/?(*.)+(spec|test).mjs?(x)"
- ],
- "moduleFileExtensions": [
- "mjs",
- "js"
- ]
- }
+ "name": "delete-test-01",
+ "description": "delete-test-01-description",
+ "version": "0.0.1",
+ "private": true,
+ "dependencies": {
+ "@aws-sdk/client-dynamodb": "^3.188.0",
+ "@aws-sdk/lib-dynamodb": "^3.188.0"
+ },
+ "devDependencies": {
+ "aws-sdk-client-mock": "^2.0.0",
+ "jest": "^29.2.1"
+ },
+ "scripts": {
+ "test": "node --experimental-vm-modules ./node_modules/jest/bin/jest.js"
+ },
+ "jest": {
+ "testMatch": [
+ "**/__tests__/**/*.[jt]s?(x)",
+ "**/?(*.)+(spec|test).[jt]s?(x)",
+ "**/__tests__/**/*.mjs?(x)",
+ "**/?(*.)+(spec|test).mjs?(x)"
+ ],
+ "moduleFileExtensions": [
+ "mjs",
+ "js"
+ ]
+ }
}
-
diff --git a/backend/src/auth/index.js b/backend/src/auth/index.js
index 4fd93c40a..33b01a854 100644
--- a/backend/src/auth/index.js
+++ b/backend/src/auth/index.js
@@ -1,46 +1,47 @@
exports.authHandler = async (event) => {
- const token = event.headers.authorization;
+ const token = event.headers.authorization;
- const expectedUsername = process.env.AUTH_USERNAME;
- const expectedPassword = process.env.AUTH_PASSWORD;
+ const expectedUsername = process.env.AUTH_USERNAME;
+ const expectedPassword = process.env.AUTH_PASSWORD;
- try {
- const { username, password } = decodeAuthToken(token);
- if (username === expectedUsername && password === expectedPassword) {
- return generatePolicy('user', 'Allow', event.routeArn);
- } else {
- throw new Error('Unauthorized');
- }
- } catch (err) {
- console.log(err.message);
- return generatePolicy('user', 'Deny', event.routeArn);
+ try {
+ const {username, password} = decodeAuthToken(token);
+ if (username === expectedUsername && password === expectedPassword) {
+ return generatePolicy('user', 'Allow', event.routeArn);
+ } else {
+ throw new Error('Unauthorized');
}
+ } catch (err) {
+ console.log(err.message);
+ return generatePolicy('user', 'Deny', event.routeArn);
+ }
};
function decodeAuthToken(token) {
- if (!token || !token.startsWith('Basic ')) {
- throw new Error('Missing or invalid Authorization header');
- }
+ if (!token || !token.startsWith('Basic ')) {
+ throw new Error('Missing or invalid Authorization header');
+ }
- const base64Credentials = token.split(' ')[1];
- const credentials = Buffer.from(base64Credentials, 'base64').toString('ascii');
- const [username, password] = credentials.split(':');
- return { username, password };
+ const base64Credentials = token.split(' ')[1];
+ const credentials = Buffer.from(base64Credentials, 'base64').toString(
+ 'ascii',
+ );
+ const [username, password] = credentials.split(':');
+ return {username, password};
}
function generatePolicy(principalId, effect, resource) {
- return {
- principalId,
- policyDocument: {
- Version: '2012-10-17',
- Statement: [
- {
- Action: 'execute-api:Invoke',
- Effect: effect,
- Resource: resource
- }
- ]
- }
- };
+ return {
+ principalId,
+ policyDocument: {
+ Version: '2012-10-17',
+ Statement: [
+ {
+ Action: 'execute-api:Invoke',
+ Effect: effect,
+ Resource: resource,
+ },
+ ],
+ },
+ };
}
-
diff --git a/docs/api/api-specifications.md b/docs/api/api-specifications.md
index 83318704a..1a14f0b76 100644
--- a/docs/api/api-specifications.md
+++ b/docs/api/api-specifications.md
@@ -11,11 +11,11 @@ slug: /api/api-specifications
tags: ['API Specifications']
---
-## Overview
+## Overview
-The Identity Security Cloud (ISC) APIs provide developers with a way to interact with the ISC platform and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
+The Identity Security Cloud (ISC) APIs provide developers with a way to interact with the ISC platform and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
-The API specifications contain detailed information of how to send requests to each API endpoint, as well as example requests and responses. They also include essential information about how to use the APIs and guides you can follow to get started.
+The API specifications contain detailed information of how to send requests to each API endpoint, as well as example requests and responses. They also include essential information about how to use the APIs and guides you can follow to get started.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -24,8 +24,8 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the ISC APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tags/c/isc/6/apis).
+To learn more about the ISC APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tags/c/isc/6/apis).
diff --git a/docs/api/authentication.md b/docs/api/authentication.md
index 6dd6aa905..96c0b074d 100644
--- a/docs/api/authentication.md
+++ b/docs/api/authentication.md
@@ -15,20 +15,13 @@ import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
## Overview
-With SailPoint's Identity Security Cloud (ISC) APIs, you can extend your ISC platform far beyond its current capabilities.
-
-To be able to do so, you must first authenticate to the ISC APIs.
-Authentication is the act of validating a user's identity, generally by passing some kind of credentials.
-A fast, simple way to authenticate to the APIs is to generate a [personal access token](#generate-a-personal-access-token) and pass that token.
+With SailPoint's Identity Security Cloud (ISC) APIs, you can extend your ISC platform far beyond its current capabilities. To be able to do so, you must first authenticate to the ISC APIs. Authentication is the act of validating a user's identity, generally by passing some kind of credentials. A fast, simple way to authenticate to the APIs is to generate a [personal access token](#generate-a-personal-access-token) and pass that token.
-If the PAT is valid, the API responds with a JSON Web Token (JWT) `access_token` that you can provide to authorize your API requests.
-Authorization is the act of validating the user's permission to access a given resource.
-A successful API request must include the `access_token` in the `Authorization` request header.
+If the PAT is valid, the API responds with a JSON Web Token (JWT) `access_token` that you can provide to authorize your API requests. Authorization is the act of validating the user's permission to access a given resource. A successful API request must include the `access_token` in the `Authorization` request header.
-This JWT `access_token` grants access matching that of the user who generated the PAT.
-For example, if the user who generated the PAT is an admin, the returned JWT `access_token` would grant admin access to the APIs.
+This JWT `access_token` grants access matching that of the user who generated the PAT. For example, if the user who generated the PAT is an admin, the returned JWT `access_token` would grant admin access to the APIs.
-This diagram shows the flow of this authentication/authorization process:
+This diagram shows the flow of this authentication/authorization process:
@@ -49,23 +42,23 @@ sequenceDiagram
-The flow involves these four key steps:
-1. **Access Token Request**: The HTTP client (a script, application, Postman, cURL, etc.) makes a request to ISC to get a JWT `access_token`.
-2. **Access Token Response**: If the request is valid, ISC responds to the HTTP client with a JWT `access_token`.
-3. **API Request**: The HTTP client makes a request to an ISC endpoint with the header, `Authorization: Bearer {access_token}`.
-4. **API Response**: If both the request itself and the JWT `access_token` in its header are valid, ISC responds to the client.
-If you encounter unexpected errors, refer to the [Troubleshooting](#troubleshooting) section of this document.
+The flow involves these four key steps:
-The idea is that once you have authenticated to the ISC APIs and you have received an `access_token`, you can use that `access_token` to provide authorization for your API requests.
+1. **Access Token Request**: The HTTP client (a script, application, Postman, cURL, etc.) makes a request to ISC to get a JWT `access_token`.
+2. **Access Token Response**: If the request is valid, ISC responds to the HTTP client with a JWT `access_token`.
+3. **API Request**: The HTTP client makes a request to an ISC endpoint with the header, `Authorization: Bearer {access_token}`.
+4. **API Response**: If both the request itself and the JWT `access_token` in its header are valid, ISC responds to the client. If you encounter unexpected errors, refer to the [Troubleshooting](#troubleshooting) section of this document.
-This document includes all the information you need to know to engage in this authentication/authorization process, as well as a guide on how to get started.
+The idea is that once you have authenticated to the ISC APIs and you have received an `access_token`, you can use that `access_token` to provide authorization for your API requests.
+
+This document includes all the information you need to know to engage in this authentication/authorization process, as well as a guide on how to get started.
## Get started
-Read this guide to learn how to authenticate to SailPoint's ISC APIs.
+Read this guide to learn how to authenticate to SailPoint's ISC APIs.
+
+To authenticate to the ISC APIs, you must be able to connect to your tenant to send the access token request. To do so, you need to do the following:
-To authenticate to the ISC APIs, you must be able to connect to your tenant to send the access token request.
-To do so, you need to do the following:
1. [Find your tenant's OAuth details](#find-your-tenant's-oauth-details)
2. [Generate personal access token](#generate-personal-access-token)
3. [Choose authorization grant flow](#choose-authorization-grant-flow)
@@ -73,21 +66,19 @@ To do so, you need to do the following:
### Find your tenant's OAuth details
-Your tenant's OAuth details refer to the details you need to know to connect it to the APIs.
-You need to know your tenant's name, its `authorizeEndpoint` URL, and its `tokenEndpoint` URL.
+Your tenant's OAuth details refer to the details you need to know to connect it to the APIs. You need to know your tenant's name, its `authorizeEndpoint` URL, and its `tokenEndpoint` URL.
-Your ISC instance is likely using the domain name supplied by SailPoint (`{tenant}.api.identitynow.com`), in which case, the tenant name is in the URL.
-This is assumed to be the case in this guide.
-However, if your ISC instance is using a vanity URL, you must enter this URL into your browser to get your OAuth info:
-`https://{tenant}.api.identitynow.com/oauth/info`
+Your ISC instance is likely using the domain name supplied by SailPoint (`{tenant}.api.identitynow.com`), in which case, the tenant name is in the URL. This is assumed to be the case in this guide.
+However, if your ISC instance is using a vanity URL, you must enter this URL into your browser to get your OAuth info: `https://{tenant}.api.identitynow.com/oauth/info`
+
+If you have admin access but don't know your tenant name, you can learn it by following these steps:
-If you have admin access but don't know your tenant name, you can learn it by following these steps:
1. Log into your ISC instance.
-2. Select the 'Dashboard' dropdown.
-3. Select 'Overview'.
-4. Find the tenant name ('Org Name') in the dashboard's `Org Details` section.
+2. Select the 'Dashboard' dropdown.
+3. Select 'Overview'.
+4. Find the tenant name ('Org Name') in the dashboard's `Org Details` section.
-This is an example of the OAuth details of the tenant, "iga-acme-sb":
+This is an example of the OAuth details of the tenant, "iga-acme-sb":
```json
{
@@ -101,25 +92,21 @@ This is an example of the OAuth details of the tenant, "iga-acme-sb":
}
```
-You can use the `authorizeEndpoint` and `tokenEndpoint` URLs from this example to test out the different authentication methods listed in this guide.
+You can use the `authorizeEndpoint` and `tokenEndpoint` URLs from this example to test out the different authentication methods listed in this guide.
-### Generate a personal access token
+### Generate a personal access token
-A personal access token (PAT) is a method of authenticating to an API as a user without providing a username and password.
-PATs are primarily used in scripts or programs that lack an easy way to implement an OAuth2 flow but need to call API endpoints that require user context.
-PATs are also convenient for use in tools like [Postman](https://www.postman.com/) when you are exploring and testing the APIs.
+A personal access token (PAT) is a method of authenticating to an API as a user without providing a username and password. PATs are primarily used in scripts or programs that lack an easy way to implement an OAuth2 flow but need to call API endpoints that require user context. PATs are also convenient for use in tools like [Postman](https://www.postman.com/) when you are exploring and testing the APIs.
-Any ISC user can generate a PAT.
-To do so, follow these steps:
-1. Select **Preferences** from the drop-down menu under your username, then **Personal Access Tokens** on the left.
-You can also go directly to the page by using this URL (replace `{tenant}` with your Identity Security Cloud tenant): `https://{tenant}.identitynow.com/ui/d/user-preferences/personal-access-tokens`
+Any ISC user can generate a PAT. To do so, follow these steps:
+
+1. Select **Preferences** from the drop-down menu under your username, then **Personal Access Tokens** on the left. You can also go directly to the page by using this URL (replace `{tenant}` with your Identity Security Cloud tenant): `https://{tenant}.identitynow.com/ui/d/user-preferences/personal-access-tokens`
2. Click **New Token** and enter a meaningful description to help differentiate the token from others.
:::caution
-The **New Token** button will be disabled when you reach the limit of 10 personal access tokens per user.
-To avoid reaching this limit, it is recommended that you delete any tokens that are no longer necessary.
+The **New Token** button will be disabled when you reach the limit of 10 personal access tokens per user. To avoid reaching this limit, it is recommended that you delete any tokens that are no longer necessary.
:::
@@ -135,29 +122,25 @@ After you create the token, the value of the `Client ID` will be visible in the
To generate a personal access token from the API, use the [create personal access token endpoint](/docs/api/beta/create-personal-access-token).
-Once you have created the PAT and you know its `Client ID` and `Client Secret`, you have everything you need to follow the [Client Credentials Grant Flow](#request-access-token-with-client-credentials-grant-flow) and use the PAT to generate an `access_token`.
-You will need this `access_token` to authenticate your requests to the APIs.
+Once you have created the PAT and you know its `Client ID` and `Client Secret`, you have everything you need to follow the [Client Credentials Grant Flow](#request-access-token-with-client-credentials-grant-flow) and use the PAT to generate an `access_token`. You will need this `access_token` to authenticate your requests to the APIs.
### Choose authorization grant flow
-There are several different authorization flows that OAuth 2.0 supports, and each has a grant-type defining its different use cases.
-You must choose the one that best serves your purposes.
-This document covers these three common flows:
+There are several different authorization flows that OAuth 2.0 supports, and each has a grant-type defining its different use cases. You must choose the one that best serves your purposes. This document covers these three common flows:
1. [**Client Credentials**](https://oauth.net/2/grant-types/client-credentials/) - Clients use this grant type to obtain a JWT `access_token` without user involvement such as scripts, programs or system to system integration.
2. [**Authorization Code**](https://oauth.net/2/grant-types/authorization-code/) - Clients use this grant type to exchange an authorization code for an `access_token`. Authorization codes are mainly used by web applications because there is a login into ISC with a subsequent redirect back to the web application/client.
3. [**Refresh Token**](https://oauth.net/2/grant-types/refresh-token/) - Clients use this grant type to exchange a refresh token for a new `access_token` when the existing `access_token` has expired. This allows clients to continue using the APIs without having to re-authenticate as frequently. This grant type is commonly used together with `Authorization Code` to prevent a user from having to log in several times per day.
-One way to determine which authorization flow you need to use is to look at the specification for the endpoint you want to use.
-The endpoint will have the supported OAuth flows listed under the 'Authorization' dropdown, like the [List Access Profiles endpoint](https://developer.sailpoint.com/docs/api/beta/list-access-profiles):
+One way to determine which authorization flow you need to use is to look at the specification for the endpoint you want to use. The endpoint will have the supported OAuth flows listed under the 'Authorization' dropdown, like the [List Access Profiles endpoint](https://developer.sailpoint.com/docs/api/beta/list-access-profiles):
For more information about how to choose the best grant flow for your use case, refer to [Grant Flow Use Cases](#grant-flow-use-cases)
-The guide will detail the three different authorization grant flows you can use to request the access token you need to authenticate your requests.
+The guide will detail the three different authorization grant flows you can use to request the access token you need to authenticate your requests.
-### Request access token with client credentials grant flow
+### Request access token with client credentials grant flow
Clients use the 'Client Credentials' grant type to obtain access tokens without user involvement. This is the simplest authentication flow.
@@ -185,25 +168,25 @@ An OAuth 2.0 client using the client credentials grant flow must have `CLIENT_CR
This is the overall authorization flow:
1. The client first submits an OAuth 2.0 token request to ISC in this form:
-
+
```text
POST https://{tenant}.api.identitynow.com/oauth/token
```
-
-The request includes the client credential information passed in the request body, as shown in this example using [Postman](https://www.getpostman.com):
+
+The request includes the client credential information passed in the request body, as shown in this example using [Postman](https://www.getpostman.com):
-This example shows how to pass the information with form-data in the request body. You can also use these options to pass in the information:
+This example shows how to pass the information with form-data in the request body. You can also use these options to pass in the information:
-- Use x-www-form-urlencoded data to pass in the client credential information in the request body.
-- Use query parameters to pass the information in the request URL. The request URL will look like this:
+- Use x-www-form-urlencoded data to pass in the client credential information in the request body.
+- Use query parameters to pass the information in the request URL. The request URL will look like this:
```text
https://{tenant}.api.identitynow.com/oauth/token?grant_type=client_credentials&client_id={{clientId}}&client_secret={{clientSecret}}
```
- If you are using Postman, you can use the 'Authorization' tab to pass in the client credentials. If you use this option, you must also specify the access token URL: https://{tenant}.api.identitynow.com/oauth/token
-The OAuth 2.0 token request must include this information:
+The OAuth 2.0 token request must include this information:
| Key | Description |
| --- | --- |
@@ -221,23 +204,19 @@ curl --location 'https://{tenant}.api.identitynow.com/oauth/token' \
--form 'client_secret="{clientSecret}"'
```
-2. ISC validates the token request and responds.
-If the request is successful, the response contains a JWT access token.
-For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
+2. ISC validates the token request and responds. If the request is successful, the response contains a JWT access token. For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
-Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
+Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
-To learn more about the OAuth client credentials grant flow, refer [here](https://oauth.net/2/grant-types/client-credentials/).
+To learn more about the OAuth client credentials grant flow, refer [here](https://oauth.net/2/grant-types/client-credentials/).
-### Request access token with authorization code grant flow
+### Request access token with authorization code grant flow
Further Reading: [https://oauth.net/2/grant-types/authorization-code/](https://oauth.net/2/grant-types/authorization-code/)
-Clients use this grant type to exchange an authorization code for an `access_token`.
-This is mainly used for web apps because there is a login into ISC with a subsequent redirect back to the web app/client.
+Clients use this grant type to exchange an authorization code for an `access_token`. This is mainly used for web apps because there is a login into ISC with a subsequent redirect back to the web app/client.
-The OAuth 2.0 client you are using must have `AUTHORIZATION_CODE` as one of its grant types.
-The redirect URLs must also match the list in the client as well:
+The OAuth 2.0 client you are using must have `AUTHORIZATION_CODE` as one of its grant types. The redirect URLs must also match the list in the client as well:
```json
{
@@ -258,9 +237,9 @@ The redirect URLs must also match the list in the client as well:
-The authorization code grant flow looks a little different because it involves the exchange of the access token and authorization code.
+The authorization code grant flow looks a little different because it involves the exchange of the access token and authorization code.
-This diagram shows the authorization code grant flow:
+This diagram shows the authorization code grant flow:
@@ -310,8 +289,7 @@ The token endpoint URL is `{tenant}.api.identitynow.com`, and the authorize URL
:::
-7. ISC validates the token request and submits a response. If the request is successful, the response contains a JWT `access_token`.
-For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
+7. ISC validates the token request and submits a response. If the request is successful, the response contains a JWT `access_token`. For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
These are the query parameters in the OAuth 2.0 token request for the authorization code grant:
@@ -328,14 +306,14 @@ Here is an example OAuth 2.0 token request for the authorization code grant type
curl -X POST \
'https://example.api.identitynow.com/oauth/token?grant_type=authorization_code&client_id=b61429f5-203d-494c-94c3-04f54e17bc5c&code=6688LQJB0y652z6ZjFmkCKuBUjv2sTIqKS2JthWrZ7qlPgI9TClJ6FnpweEhO6w7&redirect_uri=https://myappdomain.com/oauth/redirect' \
-H 'cache-control: no-cache'
-
+
```
-Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
+Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
For more information about the OAuth authorization code grant flow, refer [here](https://oauth.net/2/grant-types/authorization-code/).
-### Request access token with refresh token grant flow
+### Request access token with refresh token grant flow
Clients use this grant type in order to exchange a refresh token for a new `access_token` once the existing `access_token` has expired. This allows clients to continue to have a valid `access_token` without the need for the user to login as frequently.
@@ -386,9 +364,9 @@ curl -X POST \
-H 'cache-control: no-cache'
```
-Once you have the `refresh_token`, you can pass the `refresh_token` as a basic "Authorization" header in your requests using the OAuth endpoints, allowing your requests to continue to succeed without being affected by the expired `access_token`.
+Once you have the `refresh_token`, you can pass the `refresh_token` as a basic "Authorization" header in your requests using the OAuth endpoints, allowing your requests to continue to succeed without being affected by the expired `access_token`.
-For more information about the OAuth refresh token grant flow, refer [here](https://oauth.net/2/grant-types/refresh-token/).
+For more information about the OAuth refresh token grant flow, refer [here](https://oauth.net/2/grant-types/refresh-token/).
### OAuth token response
@@ -415,9 +393,7 @@ A successful request using any of the grant flows to `https://{tenant}.api.ident
}
```
-You can use the JWT `access_token` to authorize REST API calls through the ISC API gateway.
-To use the `access_token`, simply include it in the `Authorization` header as a `Bearer` token.
-This is an example V3 API request that has the access token in the header:
+You can use the JWT `access_token` to authorize REST API calls through the ISC API gateway. To use the `access_token`, simply include it in the `Authorization` header as a `Bearer` token. This is an example V3 API request that has the access token in the header:
```bash
curl -X GET \
@@ -426,34 +402,27 @@ curl -X GET \
-H 'cache-control: no-cache'
```
-Some of the other values can also be useful to know:
-- The `expires_in` value describes the lifetime, in seconds, of the `access_token`.
-For example, the value 749 means that the `access_token` will expire 12.5 minutes from the time the response was generated.
-The exact expiration date is also contained within the `access_token`.
-You can view this expiration time by decoding the JWT `access_token` using a tool like [jwt.io](https://jwt.io/).
+Some of the other values can also be useful to know:
-- The `refresh token` exists for use in the refresh token grant flow to replace the `access_token` when it expires.
-However, the `refresh_token` will only be present if the API client has the `REFRESH_TOKEN` grant flow.
+- The `expires_in` value describes the lifetime, in seconds, of the `access_token`. For example, the value 749 means that the `access_token` will expire 12.5 minutes from the time the response was generated. The exact expiration date is also contained within the `access_token`. You can view this expiration time by decoding the JWT `access_token` using a tool like [jwt.io](https://jwt.io/).
-- The `user_id` and `identity_id` define the identity context of the person who authenticated.
-However, these values aren't set for the client credentials grant type because it doesn't have a user context.
+- The `refresh token` exists for use in the refresh token grant flow to replace the `access_token` when it expires. However, the `refresh_token` will only be present if the API client has the `REFRESH_TOKEN` grant flow.
-With the JWT `access_token`, you can now successfully send authenticated ISC API requests. To learn more about authorization and the scopes you can apply to further control access to the APIs, refer to [Authorization](/docs/api/authorization).
+- The `user_id` and `identity_id` define the identity context of the person who authenticated. However, these values aren't set for the client credentials grant type because it doesn't have a user context.
+
+With the JWT `access_token`, you can now successfully send authenticated ISC API requests. To learn more about authorization and the scopes you can apply to further control access to the APIs, refer to [Authorization](/docs/api/authorization).
## More Information
-This section of the document includes additional information about the authentication/authorization process, including some different use cases for the different authorization grant flows.
+This section of the document includes additional information about the authentication/authorization process, including some different use cases for the different authorization grant flows.
-### OAuth 2.0
-The SailPoint authentication/authorization model is fully [OAuth 2.0](https://oauth.net/2/) compliant.
-[OAuth 2.0](https://oauth.net/2/) is an industry-standard protocol for authorization.
-It provides a variety of authorization flows for web applications, desktop applications, mobile phones, and devices.
-This specification and its extensions are developed within the [IETF OAuth Working Group](https://www.ietf.org/mailman/listinfo/oauth).
+### OAuth 2.0
+
+The SailPoint authentication/authorization model is fully [OAuth 2.0](https://oauth.net/2/) compliant. [OAuth 2.0](https://oauth.net/2/) is an industry-standard protocol for authorization. It provides a variety of authorization flows for web applications, desktop applications, mobile phones, and devices. This specification and its extensions are developed within the [IETF OAuth Working Group](https://www.ietf.org/mailman/listinfo/oauth).
### JSON Web Token
-The issued JWT `access_token` leverages the [JSON Web Token (JWT)](https://jwt.io/) standard.
-JWT is an industry-standard protocol for creating access tokens which assert various claims about the resource who has authenticated.
-The tokens have a specific structure consisting of a header, payload, and signature.
+
+The issued JWT `access_token` leverages the [JSON Web Token (JWT)](https://jwt.io/) standard. JWT is an industry-standard protocol for creating access tokens which assert various claims about the resource who has authenticated. The tokens have a specific structure consisting of a header, payload, and signature.
A raw JWT might look like this:
@@ -513,43 +482,43 @@ You can check the JWT access token data online at [jwt.io](https://jwt.io).
### Grant flow use cases
-This section describes some different use cases and which grant flow you would want to use for the different cases.
+This section describes some different use cases and which grant flow you would want to use for the different cases.
#### Daily work or quick actions
For daily work or short, quick administrative actions, you can just use a PAT. This makes the process easier because you don't really need to worry about grant types - you can easily generate a PAT in the user interface (UI).
-Follow these steps to do so:
+Follow these steps to do so:
+
1. Log in to ISC.
-2. Go to 'Preferences', then 'Personal Access Tokens', and [generate a PAT](#generate-a-personal-access-token).
-3. The PAT's `client_id` and `client_secret` provide the necessary authentication to send API requests, without any grant flow.
+2. Go to 'Preferences', then 'Personal Access Tokens', and [generate a PAT](#generate-a-personal-access-token).
+3. The PAT's `client_id` and `client_secret` provide the necessary authentication to send API requests, without any grant flow.
#### Postman
+
[Postman](https://www.postman.com/) is a popular HTTP client you can use to design, build, test, and iterate your APIs. Postman users and teams can create public workspaces they can use to make it easy to access their API collections and environments and get started. SailPoint maintains a [public workspace for the Identity Security Cloud API collections](https://www.postman.com/sailpoint/workspace/identitynow). You can use this workspace to access all the ISC API collections and stay up to date.
-If you're using Postman, you have some different ways to set up your authorization.
-You can just leverage the accessToken as mentioned above, or you can configure Postman to use OAuth 2.0 directly.
-For more information about how to do so, refer [here](https://learning.postman.com/docs/sending-requests/authorization/).
+If you're using Postman, you have some different ways to set up your authorization. You can just leverage the accessToken as mentioned above, or you can configure Postman to use OAuth 2.0 directly. For more information about how to do so, refer [here](https://learning.postman.com/docs/sending-requests/authorization/).
+
+#### Web applications
-#### Web applications
If you are making a web application, the best grant flow to use is the [Authorization Code grant flow](#request-access-token-with-authorization-grant-flow). This will allow users to be directed to ISC to login and then redirected back to the web application through a URL redirect. This also works well with Single Sign-on (SSO), strong authentication, and pass-through authentication mechanisms.
-SailPoint doesn't recommend using a password grant flow for web applications because doing so would involve entering ISC credentials in the web application.
-This flow also doesn't allow you to work with SSO, strong authentication, or pass-through authentication.
+SailPoint doesn't recommend using a password grant flow for web applications because doing so would involve entering ISC credentials in the web application. This flow also doesn't allow you to work with SSO, strong authentication, or pass-through authentication.
#### Scripts, programs or system to system integration
-If you are writing scripts, programs or system integrations that leverage the ISC APIs, the OAuth 2.0 grant you should use typically depends on what you're doing and the user context you need to operate under.
+
+If you are writing scripts, programs or system integrations that leverage the ISC APIs, the OAuth 2.0 grant you should use typically depends on what you're doing and the user context you need to operate under.
Because scripts, code, and programs lack an interactive web-interface, it is difficult, but not impossible, to implement a working authorization code grant flow. System to system integrations may require an elevated level of access and utilize a service account to make API calls beyond the privileges of the authenticated user.
-Most scripts, programs, and many integrations use the [Client Credentials grant flow](#request-access-token-with-client-credentials-grant-flow).
-Using a PAT allows your API calls to work within a user context making client credentials ideal.
+Most scripts, programs, and many integrations use the [Client Credentials grant flow](#request-access-token-with-client-credentials-grant-flow). Using a PAT allows your API calls to work within a user context making client credentials ideal.
## Troubleshooting
-Having issues? Follow these steps:
+Having issues? Follow these steps:
-### Verify API endpoint calls
+### Verify API endpoint calls
1. Verify the structure of the API call:
2. Verify that the API calls are going through the API gateway: `https://{tenant}.api.identitynow.com`
@@ -566,16 +535,15 @@ Having issues? Follow these steps:
:::info
-You can also get a **403 Forbidden** response error when you call an API that expects a user, but your authorization grant type lacks a user context. Calling most admin APIs with a `CLIENT_CREDENTIAL` grant often produces this result.
+You can also get a **403 Forbidden** response error when you call an API that expects a user, but your authorization grant type lacks a user context. Calling most admin APIs with a `CLIENT_CREDENTIAL` grant often produces this result.
:::
-### Verify OAuth client
+### Verify OAuth client
-1. Verify that the OAuth 2.0 client is not a legacy OAuth client. Legacy OAuth clients will not work. This can become very apparent when you look at the client ID - OAuth 2.0 client IDs have dashes.
-Here are two examples that illustrate the difference:
+1. Verify that the OAuth 2.0 client is not a legacy OAuth client. Legacy OAuth clients will not work. This can become very apparent when you look at the client ID - OAuth 2.0 client IDs have dashes. Here are two examples that illustrate the difference:
-Legacy Client ID: `G6xLlBBOKIcOAQuK`
+Legacy Client ID: `G6xLlBBOKIcOAQuK`
OAuth 2.0 Client ID: `b61429f5-203d-494c-94c3-04f54e17bc5c`
@@ -611,10 +579,8 @@ You can also view all of the active clients in the UI by going to `https://{tena
}
```
-4. If you're using an [Authorization Code](#authorization-code-grant-flow) grant flow, verify that the redirect URL(s) for your application match the `redirectUris` value in the client.
-You can check this by calling the [List OAuth Clients endpoint](/docs/api/beta/list-oauth-clients).
+4. If you're using an [Authorization Code](#authorization-code-grant-flow) grant flow, verify that the redirect URL(s) for your application match the `redirectUris` value in the client. You can check this by calling the [List OAuth Clients endpoint](/docs/api/beta/list-oauth-clients).
### Verify OAuth calls
-Verify that the OAuth call flow is going to the right URLs, with the correct query parameters and data values.
-A common source of errors is using the wrong host for authorization and token API calls.
-The token endpoint URL is `{tenant}.api.identitynow.com`, while the authorize URL is `{tenant}.identitynow.com`.
+
+Verify that the OAuth call flow is going to the right URLs, with the correct query parameters and data values. A common source of errors is using the wrong host for authorization and token API calls. The token endpoint URL is `{tenant}.api.identitynow.com`, while the authorize URL is `{tenant}.identitynow.com`.
diff --git a/docs/api/authorization.md b/docs/api/authorization.md
index 8fdbaf80c..1bb04108b 100644
--- a/docs/api/authorization.md
+++ b/docs/api/authorization.md
@@ -5,10 +5,10 @@ pagination_label: Authorization
sidebar_label: Authorization
sidebar_position: 3
sidebar_class_name: authorization
-keywords: ['authorization','scope','permission']
+keywords: ['authorization', 'scope', 'permission']
description: Authorize your ISC API requests.
slug: /api/authorization
-tags: ['Authorization','Scopes','Permissions']
+tags: ['Authorization', 'Scopes', 'Permissions']
---
import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
@@ -41,7 +41,7 @@ sequenceDiagram
## User Level Permissions
-When managing a user's access to the API, you must first assign the target user an appropriate [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html). It is important to choose the correct user level as it will place a boundary on which APIs a user can call, which also affects the areas and functions of the UI they have access to. For example, if a user is in charge of creating reports for auditing requirements, consider granting them the "Report Admin" user level.
+When managing a user's access to the API, you must first assign the target user an appropriate [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html). It is important to choose the correct user level as it will place a boundary on which APIs a user can call, which also affects the areas and functions of the UI they have access to. For example, if a user is in charge of creating reports for auditing requirements, consider granting them the "Report Admin" user level.
User levels are typically granted through the UI, [following the procedures from this document](https://documentation.sailpoint.com/saas/help/common/users/grant_remove_user_levels.html).
@@ -51,26 +51,26 @@ There is an [API that can set an identity's user level](https://developer.sailpo
:::
-User levels act as the first line of defense by applying a rigid boundary around the APIs that a user can call. The next section introduces scopes, which allow users to apply granular controls on the APIs an access token can call.
+User levels act as the first line of defense by applying a rigid boundary around the APIs that a user can call. The next section introduces scopes, which allow users to apply granular controls on the APIs an access token can call.
## Scopes
-Scopes are granular permissions you can add to personal access tokens (PATs) to create tokens with the least privilege necessary to fulfill their functions. User levels place a broad border around the APIs a token has access to, while scopes can further limit the set of endpoints a token can call. Scopes allow an API user to have multiple tokens with different privileges that support unique use cases and software applications. Using scopes is beneficial to security - if a bad actor compromises any one of the tokens, the bad actor can only perform the limited set of operations defined by the token's scopes, significantly reducing the potential damage that can be done. Therefore, it is recommended that all users apply scopes to each PAT they create in order to reduce the impact of stolen credentials.
+Scopes are granular permissions you can add to personal access tokens (PATs) to create tokens with the least privilege necessary to fulfill their functions. User levels place a broad border around the APIs a token has access to, while scopes can further limit the set of endpoints a token can call. Scopes allow an API user to have multiple tokens with different privileges that support unique use cases and software applications. Using scopes is beneficial to security - if a bad actor compromises any one of the tokens, the bad actor can only perform the limited set of operations defined by the token's scopes, significantly reducing the potential damage that can be done. Therefore, it is recommended that all users apply scopes to each PAT they create in order to reduce the impact of stolen credentials.
-Scopes contain one or more rights, which are low level permissions that grant access to individual endpoints. This means that a single scope, like `idn:access-request:manage`, can grant access to multiple API endpoints. To determine which scopes a PAT needs, you must first identify which endpoints the PAT needs to invoke. Each endpoint's API specification indicates which scope is necessary to call the endpoint. You can use this approach to curate a list of scopes that must be applied to the credential to call the necessary endpoints. [Learn more about how to find an API's required scopes here](#identifying-necessary-authorization-for-an-endpoint).
+Scopes contain one or more rights, which are low level permissions that grant access to individual endpoints. This means that a single scope, like `idn:access-request:manage`, can grant access to multiple API endpoints. To determine which scopes a PAT needs, you must first identify which endpoints the PAT needs to invoke. Each endpoint's API specification indicates which scope is necessary to call the endpoint. You can use this approach to curate a list of scopes that must be applied to the credential to call the necessary endpoints. [Learn more about how to find an API's required scopes here](#identifying-necessary-authorization-for-an-endpoint).
By default, each PAT has the scope `sp:scopes:default`, which is the least privileged scope. It only grants access to endpoints that require no authorization at all, such as [List Public Identities](https://developer.sailpoint.com/idn/api/v3/get-public-identities). Access to the endpoint may still be determined by the user's [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html).
Alternatively, `sp:scopes:all` grants access to all the rights appropriate for the [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html). For example, a user with the **Admin** user level has access to all APIs, so `sp:scopes:all` grants **Admin** users access to all APIs. A user with the **Cert Admin** user level, however, has access to only a subset of APIs necessary to perform their role, most notably the certification APIs, so `sp:scopes:all` grants **Cert Admin** users access to only that subset of APIs.
-Scopes are additive, which means the final right set is the intersection of all the rights granted by the scopes assigned to a PAT, excluding any rights that fall outside of the user level. Each scope added to an PAT builds up the credential's permission set, incrementally increasing access to the API. If a PAT has `sp:scopes:all` granted, then any additional scope is ignored because `sp:scopes:all` already contains the complete set of rights available to the user level.
+Scopes are additive, which means the final right set is the intersection of all the rights granted by the scopes assigned to a PAT, excluding any rights that fall outside of the user level. Each scope added to an PAT builds up the credential's permission set, incrementally increasing access to the API. If a PAT has `sp:scopes:all` granted, then any additional scope is ignored because `sp:scopes:all` already contains the complete set of rights available to the user level.
:::tip
If the API requirements for the personal access token exceed the scopes allowed by the user's assigned user level, then the following options may be considered.
-- Re-evaluate the user's responsibilities compared to their user level. It is possible that their user level is no longer appropriate for the functions they need to perform, and a more permissive user level may be necessary.
-- If the required access is a one-off need for a specific use case, then consider generating a PAT with the required scopes from a different user and sharing the credentials. This could be a dedicated service account designated for one-off applications. The downside of this approach is that it becomes more difficult to attribute an API call to a specific user, as the user now has a PAT that is not tied to their user account.
+- Re-evaluate the user's responsibilities compared to their user level. It is possible that their user level is no longer appropriate for the functions they need to perform, and a more permissive user level may be necessary.
+- If the required access is a one-off need for a specific use case, then consider generating a PAT with the required scopes from a different user and sharing the credentials. This could be a dedicated service account designated for one-off applications. The downside of this approach is that it becomes more difficult to attribute an API call to a specific user, as the user now has a PAT that is not tied to their user account.
:::
@@ -84,7 +84,7 @@ Each endpoint document specifies how to authorize with the endpoint in the **Aut
- **flow**: One or more OAuth flows supported by the endpoint. A token only needs to be generated by one flow to be valid. Refer to [Authentication Details](./authentication.md#authentication-details) for more information about the available flows.
- **scopes**: A list of scopes necessary to access the endpoint. A token only needs one of the scopes to authorize with the endpoint. When possible, choose the least privileged scope. Scopes ending in `read` can only retrieve data. Scopes ending in `manage` can retrieve, modify, and delete data.
-You may also notice that many API descriptions will indicate the user level(s) required to call the API endpoint. In the screenshot above, the list access profiles endpoint requires the user to have one of the following user levels: ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN. This means the PAT must have one of those user level **in addition to** the `sp:scopes:all` or `idn:access-profile:read` scope in order to call the endpoint.
+You may also notice that many API descriptions will indicate the user level(s) required to call the API endpoint. In the screenshot above, the list access profiles endpoint requires the user to have one of the following user levels: ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN. This means the PAT must have one of those user level **in addition to** the `sp:scopes:all` or `idn:access-profile:read` scope in order to call the endpoint.
:::info
@@ -106,11 +106,8 @@ Request Body
```json
{
- "name": "Access Request and NELM Management",
- "scope": [
- "idn:access-request:manage",
- "idn:nelm:manage"
- ]
+ "name": "Access Request and NELM Management",
+ "scope": ["idn:access-request:manage", "idn:nelm:manage"]
}
```
@@ -118,24 +115,21 @@ This request produces the following response, indicating that the scopes were su
```json
{
- "id": "86286c0c456e4b03a8ccb1f892dd456d",
- "name": "Access Request and NELM Management",
- "secret": "********",
- "scope": [
- "idn:access-request:manage",
- "idn:nelm:manage"
- ],
- "created": "2023-01-04T18:58:17.486584Z",
- "owner": {
- "name": "jane.doe",
- "id": "2c9180ab7624cbd7017642d8c8c81a73",
- "type": "IDENTITY"
- }
+ "id": "86286c0c456e4b03a8ccb1f892dd456d",
+ "name": "Access Request and NELM Management",
+ "secret": "********",
+ "scope": ["idn:access-request:manage", "idn:nelm:manage"],
+ "created": "2023-01-04T18:58:17.486584Z",
+ "owner": {
+ "name": "jane.doe",
+ "id": "2c9180ab7624cbd7017642d8c8c81a73",
+ "type": "IDENTITY"
+ }
}
```
:::caution
-If you attempt to add a scope that is outside the permissions of the [target user's level](#user-level-permissions), the request will still succeed and include the invalid scope in the credentials. However, any token generated with these credentials will **not** include the rights of the invalid scope. This is not an issue when you apply scopes with the UI - the UI only shows scopes available to the current user.
+If you attempt to add a scope that is outside the permissions of the [target user's level](#user-level-permissions), the request will still succeed and include the invalid scope in the credentials. However, any token generated with these credentials will **not** include the rights of the invalid scope. This is not an issue when you apply scopes with the UI - the UI only shows scopes available to the current user.
:::
diff --git a/docs/api/getting-started.md b/docs/api/getting-started.md
index 49e79258c..b9bfc81ad 100644
--- a/docs/api/getting-started.md
+++ b/docs/api/getting-started.md
@@ -6,14 +6,14 @@ sidebar_label: Getting Started
sidebar_position: 1
sidebar_class_name: gettingStarted
keywords: ['getting started']
-description: Start using the ISC APIs.
+description: Start using the ISC APIs.
slug: /api/getting-started
tags: ['Getting Started']
---
## Overview
-This guide is intended to help you quickly make your first API call to SailPoint Identity Security Cloud and assumes an intermediate level of understanding of APIs. For beginners to APIs, we recommend you watch this presentation that covers the fundamentals of APIs with visual demonstrations of how to make an API call in SailPoint.
+This guide is intended to help you quickly make your first API call to SailPoint Identity Security Cloud and assumes an intermediate level of understanding of APIs. For beginners to APIs, we recommend you watch this presentation that covers the fundamentals of APIs with visual demonstrations of how to make an API call in SailPoint.
diff --git a/docs/api/identity-security-cloud.md b/docs/api/identity-security-cloud.md
index b74855807..bc7dd1ea1 100644
--- a/docs/api/identity-security-cloud.md
+++ b/docs/api/identity-security-cloud.md
@@ -6,14 +6,14 @@ sidebar_label: Identity Security Cloud API Specifications
sidebar_position: 1
sidebar_class_name: iscSpecifications
keywords: ['api', 'specifications']
-description: ISC API specifications.
+description: ISC API specifications.
slug: /api
tags: ['API Specifications']
---
-## Overview
+## Overview
-The Identity Security Cloud (ISC) APIs provide developers with a way to interact with the ISC platform and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
+The Identity Security Cloud (ISC) APIs provide developers with a way to interact with the ISC platform and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -22,8 +22,8 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the ISC APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tags/c/isc/6/apis).
\ No newline at end of file
+To learn more about the ISC APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tags/c/isc/6/apis).
diff --git a/docs/api/nerm/authentication.md b/docs/api/nerm/authentication.md
index 7fc2ef893..a32a58b17 100644
--- a/docs/api/nerm/authentication.md
+++ b/docs/api/nerm/authentication.md
@@ -11,8 +11,6 @@ slug: /api/nerm/authentication
tags: ['Authentication']
---
-
-
## Overview
NERM uses bearer tokens to allow customers to authenticate to NERM API endpoints. These tokens can be generated by following the instructions [here](https://documentation.sailpoint.com/ne-admin/help/setup/api.html).
@@ -20,5 +18,3 @@ NERM uses bearer tokens to allow customers to authenticate to NERM API endpoints
## Example
To use your bearer token simply provide it in the header with the request like so: `Authorization: Bearer `
-
-
diff --git a/docs/api/nerm/pagination-metadata-filtering.md b/docs/api/nerm/pagination-metadata-filtering.md
index 0c302394b..d2fc8673d 100644
--- a/docs/api/nerm/pagination-metadata-filtering.md
+++ b/docs/api/nerm/pagination-metadata-filtering.md
@@ -25,7 +25,7 @@ Use the following optional query parameters to achieve pagination:
| --- | --- | --- | --- |
| `limit` | Integer specifying the maximum number of records to return in a single API call. If it is not specified, a default limit is used. | `100` | Maxiumum of 500 for `api/profiles` |
| `offset` | Integer specifying the offset of the first result from the beginning of the collection. The **offset** value is record-based, not page-based, and the index starts at 0. For example, **offset=0** and **limit=20** returns records 0-19, but **offset=1** and **limit=20** returns records 1-20. | `0` | Between 0 and the last record index. |
-| `order` | String specifying the ascending order in which the results should be returned, for example, **order=login** would return the users results in an ascending alphanumeric order| - | Limited to specific parameters |
+| `order` | String specifying the ascending order in which the results should be returned, for example, **order=login** would return the users results in an ascending alphanumeric order | - | Limited to specific parameters |
Examples:
@@ -39,11 +39,12 @@ Metadata can be added to a result to allow for progromatic approaches to fetchin
| Name | Description | Default |
| --- | --- | --- |
-| `metadata` | Boolean that specifies wether or not to return a **_metadata** key with pagination information | false |
+| `metadata` | Boolean that specifies wether or not to return a **\_metadata** key with pagination information | false |
Example:
- GET `/api/users?metadata=true`
+
```
{
...
@@ -61,6 +62,7 @@ Example:
Resource attributes can be added to parameters to perform a basic match filter. Refer to each documented endpoints **Query Parameters** to identify what can be used.
Example:
+
- GET `/api/users?email=jim@acmeco.com`
## Advanced Profile Filtering
@@ -115,12 +117,12 @@ There are 3 types of **condition_rules_attributes**
This rule searches for profiles based on the status.
| Key | Type | Description |
-|----------|------|-----------------------|
+| --- | --- | --- |
| id | string | If you are updating an existing rule, include the ID of that rule, if you do not include an ID it will create a new condition rule |
| type | string **required** | The value must be 'ProfileStatusRule' |
| comparison_operator | string **required** | This is how the comparison is made for the attribute values. Available basic operators:
== (equals)
!= (not equal)
|
| value | string **required** | This is the value used for comparison.0 Available Values:
Active
Inactive
Leave of absence
Terminated
|
-| _destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
+| \_destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
Example:
@@ -143,12 +145,12 @@ Example:
This rule searches for profiles based on the id of the profile type.
| Key | Type | Description |
-|----------|------|-----------------------|
+| --- | --- | --- |
| id | string | If you are updating an existing rule, include the ID of that rule, if you do not include an ID it will create a new condition rule |
| type | string **required** | The value must be 'ProfileTypeRule' |
| comparison_operator | string **required** | This is how the comparison is made for the attribute values. Available basic operators:
== (equals)
!= (not equal)
|
| value | string **required** | This is the value used for comparison. This should be the ID of the profile type |
-| _destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
+| \_destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
Example:
@@ -171,14 +173,14 @@ Example:
This rule searches for profiles based on an attribute that profile has.
| Key | Type | Description |
-|----------|------|-----------------------|
+| --- | --- | --- |
| id | string | If you are updating an existing rule, include the ID of that rule, if you do not include an ID it will create a new condition rule |
| type | string **required** | The value must be 'ProfileAttributeRule' |
| object_type | string **required** | The values must equal 'NeAttribute' |
| condition_object_id | string **required** | this is the id of the attribute you are searching against |
| comparison_operator | string **required** | This is how the comparison is made for the attribute values. Available basic operators:
== (equals)
!= (not equal)
> (greater than)
< (less than)
start_with? (starts with)
end_with? (ends with)
include? (includes)
Available date operators:
before (before specific date)
after (after specific date)
> (more than X days before/after today)
< (less than X days before/after today)
== (equal to X days before/after today)
|
| value | string **required** | This is the value used for comparison. Value formatting:
profile select attribute: ID of profile
profile search attribute: ID of profile
user select attribute: ID of user
user search attribute: ID of user
date attribute (before, after): correct date format for attribute
date attribute (>, <, ==): "X before" or "X after" where X is the number of days
|
-| _destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
+| \_destroy | boolean | Supplying this option with "true" will cause the condition to be destroyed |
Example:
@@ -196,4 +198,4 @@ Example:
]
}
}
-```
\ No newline at end of file
+```
diff --git a/docs/api/non-employee.md b/docs/api/non-employee.md
index 307bda5bd..a5d9cff97 100644
--- a/docs/api/non-employee.md
+++ b/docs/api/non-employee.md
@@ -6,16 +6,16 @@ sidebar_label: NERM API Specifications
sidebar_position: 1
sidebar_class_name: nermApiSpecifications
keywords: ['api', 'specifications']
-description: NERM API specifications.
+description: NERM API specifications.
slug: /api/nerm
tags: ['API Specifications']
---
-## Overview
+## Overview
-[Non-Employee Risk Management (NERM)](https://documentation.sailpoint.com/ne-admin/help/) is an add-on to Identity Security Cloud (ISC) that helps organizations track non-employees such as contractors, partners, and vendors, and their lifecycles within the organization.
+[Non-Employee Risk Management (NERM)](https://documentation.sailpoint.com/ne-admin/help/) is an add-on to Identity Security Cloud (ISC) that helps organizations track non-employees such as contractors, partners, and vendors, and their lifecycles within the organization.
-The Non-Employee Risk Management (NERM) APIs provide developers with a way to interact with the NERM add-on and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
+The Non-Employee Risk Management (NERM) APIs provide developers with a way to interact with the NERM add-on and extend it. Developers can leverage these APIs to customize their platform experiences and build new solutions and integrations that meet their needs.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -24,8 +24,8 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the NERM APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tag/nerm).
\ No newline at end of file
+To learn more about the NERM APIs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/tag/nerm).
diff --git a/docs/api/patch-requests.md b/docs/api/patch-requests.md
index 8a2c4c9e0..b7f180630 100644
--- a/docs/api/patch-requests.md
+++ b/docs/api/patch-requests.md
@@ -10,159 +10,145 @@ description: Send PATCH ISC API requests.
tags: ['patch', 'guide']
---
-## PATCH requests
+## PATCH requests
-You can use the Identity Security Cloud APIs to update existing resources. Many of the APIs offer multiple ways to do so:
+You can use the Identity Security Cloud APIs to update existing resources. Many of the APIs offer multiple ways to do so:
-- You can send a **PUT** request to replace the existing resource with a new one. For example, if you wanted to update one of John Doe's source accounts, you could use the [Put Account](https://developer.sailpoint.com/docs/api/v3/put-account) endpoint to replace John Doe's existing source account with a new one. This is a viable way to update a resource, but it requires you to update the entire resource each time.
+- You can send a **PUT** request to replace the existing resource with a new one. For example, if you wanted to update one of John Doe's source accounts, you could use the [Put Account](https://developer.sailpoint.com/docs/api/v3/put-account) endpoint to replace John Doe's existing source account with a new one. This is a viable way to update a resource, but it requires you to update the entire resource each time.
-- You can send a **PATCH** request to make a specific change to the resource. For example, if you wanted to update John Doe's account's associated `identityId` attribute, you could use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to replace his existing `identityId` with a new one, all without affecting any of the other source account details. This can be very helpful when you want to make specific updates to resources, but it requires some knowledge of the types of changes, or "operations", that are possible, the specific paths of the fields you want to update, and some understanding of the basic data types.
+- You can send a **PATCH** request to make a specific change to the resource. For example, if you wanted to update John Doe's account's associated `identityId` attribute, you could use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to replace his existing `identityId` with a new one, all without affecting any of the other source account details. This can be very helpful when you want to make specific updates to resources, but it requires some knowledge of the types of changes, or "operations", that are possible, the specific paths of the fields you want to update, and some understanding of the basic data types.
-This guide will focus on the partial update method, PATCH requests. Read this guide to learn how to start sending PATCH requests.
+This guide will focus on the partial update method, PATCH requests. Read this guide to learn how to start sending PATCH requests.
## Get the resource ID
-To use PATCH to update a resource, you first need to know the resource ID.
+To use PATCH to update a resource, you first need to know the resource ID.
-Not all resource IDs are available in the Identity Security Cloud UI, so you may need to use the API to find the ID for the resource you want to update.
+Not all resource IDs are available in the Identity Security Cloud UI, so you may need to use the API to find the ID for the resource you want to update.
-For example, account IDs aren't avilable in the Identity Security Cloud UI. If you want to use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to make a change to a specific account, you first need to find out the account's ID.
+For example, account IDs aren't avilable in the Identity Security Cloud UI. If you want to use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to make a change to a specific account, you first need to find out the account's ID.
-You can use the [List Accounts](https://developer.sailpoint.com/docs/api/v3/list-accounts) endpoint to view all the accounts in your tenant, along with their details, such as their identities. You can find your account and its ID in this list.
+You can use the [List Accounts](https://developer.sailpoint.com/docs/api/v3/list-accounts) endpoint to view all the accounts in your tenant, along with their details, such as their identities. You can find your account and its ID in this list.
-## Get the resource details
+## Get the resource details
-Once you know the resource ID, you can use a GET request to get that resource's details. To successfully use a PATCH request to make changes to a resource, you need to know which paths you can update, what values they have, and the structure of those paths.
+Once you know the resource ID, you can use a GET request to get that resource's details. To successfully use a PATCH request to make changes to a resource, you need to know which paths you can update, what values they have, and the structure of those paths.
-For example, once you know the ID for the source you want to update with a PATCH request, you can use the [Get Source by ID](https://developer.sailpoint.com/docs/api/v3/get-source) endpoint to view only that source and its details.
+For example, once you know the ID for the source you want to update with a PATCH request, you can use the [Get Source by ID](https://developer.sailpoint.com/docs/api/v3/get-source) endpoint to view only that source and its details.
-In this example, the API returns a source, "ubuntu", along with all its details. This JSON response shows the resource's structure and its different paths:
+In this example, the API returns a source, "ubuntu", along with all its details. This JSON response shows the resource's structure and its different paths:
Example Source Details
```json
-
{
- "description": "ubuntu",
- "owner": {
- "type": "IDENTITY",
- "id": "2c91808475b4334b0175e1e005006401",
- "name": "SailPoint Services"
+ "description": "ubuntu",
+ "owner": {
+ "type": "IDENTITY",
+ "id": "2c91808475b4334b0175e1e005006401",
+ "name": "SailPoint Services"
+ },
+ "cluster": null,
+ "accountCorrelationConfig": null,
+ "accountCorrelationRule": null,
+ "managerCorrelationMapping": null,
+ "managerCorrelationRule": null,
+ "beforeProvisioningRule": null,
+ "schemas": [
+ {
+ "type": "CONNECTOR_SCHEMA",
+ "id": "2c91808c771b686101772a91dbd877ab",
+ "name": "account"
},
- "cluster": null,
- "accountCorrelationConfig": null,
- "accountCorrelationRule": null,
- "managerCorrelationMapping": null,
- "managerCorrelationRule": null,
- "beforeProvisioningRule": null,
- "schemas": [
- {
- "type": "CONNECTOR_SCHEMA",
- "id": "2c91808c771b686101772a91dbd877ab",
- "name": "account"
- },
- {
- "type": "CONNECTOR_SCHEMA",
- "id": "2c91808c771b686101772a91dbd877ac",
- "name": "group"
- }
- ],
- "passwordPolicies": null,
- "features": [
- "NO_RANDOM_ACCESS",
- "DISCOVER_SCHEMA",
- "DIRECT_PERMISSIONS"
- ],
- "type": "DelimitedFile",
- "connector": "delimited-file-angularsc",
- "connectorClass": "sailpoint.connector.DelimitedFileConnector",
- "connectorAttributes": {
- "mergeColumns": [
- "groups"
- ],
- "group.mergeRows": true,
- "group.delimiter": ",",
- "mergeRows": true,
- "group.filetransport": "local",
- "partitionMode": "disabled",
- "connectionType": "file",
- "group.host": "local",
- "group.indexColumn": "id",
- "file": "/tmp/source-account-2c91808c771b686101772a91dbd877aa3299228430527475607.csv",
- "delimiter": ",",
- "deltaAggregation": null,
- "host": "local",
- "cloudExternalId": "23012",
- "group.indexColumns": [
- "id"
- ],
- "cloudIdentityProfileName": null,
- "group.mergeColumns": [
- "entitlements",
- "groups",
- "permissions"
- ],
- "hasHeader": true,
- "filterEmptyRecords": true,
- "oauth_body_attrs_to_exclude": "client_secret,client_id",
- "filetransport": "local",
- "idnPreviousCorrelationConfig": null,
- "deleteThresholdPercentage": 10,
- "group.filterEmptyRecords": true,
- "group.hasHeader": true,
- "group.partitionMode": "disabled",
- "cloudAuthoritativeSourcePrecedence": null,
- "formPath": null,
- "group.columnNames": [
- "id",
- "name",
- "displayName",
- "created",
- "description",
- "modified",
- "entitlements",
- "groups",
- "permissions"
- ],
- "templateApplication": "DelimitedFile Template",
- "group.file": "/var/lib/identityiq_workspace/27c92c24-8681-4574-9453-5c56370b3fc9-groups.csv",
- "indexColumn": "id",
- "healthy": false,
- "cloudDisplayName": "Ubuntu",
- "connectorName": "Delimited File",
- "beforeProvisioningRule": null,
- "cloudOriginalApplicationType": "Delimited File",
- "since": "2021-01-22T14:48:58.072Z",
- "status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT"
- },
- "deleteThreshold": 10,
- "authoritative": false,
- "healthy": false,
- "status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT",
- "since": "2021-01-22T14:48:58.072Z",
- "connectorId": "delimited-file",
- "connectorName": "Delimited File",
+ {
+ "type": "CONNECTOR_SCHEMA",
+ "id": "2c91808c771b686101772a91dbd877ac",
+ "name": "group"
+ }
+ ],
+ "passwordPolicies": null,
+ "features": ["NO_RANDOM_ACCESS", "DISCOVER_SCHEMA", "DIRECT_PERMISSIONS"],
+ "type": "DelimitedFile",
+ "connector": "delimited-file-angularsc",
+ "connectorClass": "sailpoint.connector.DelimitedFileConnector",
+ "connectorAttributes": {
+ "mergeColumns": ["groups"],
+ "group.mergeRows": true,
+ "group.delimiter": ",",
+ "mergeRows": true,
+ "group.filetransport": "local",
+ "partitionMode": "disabled",
"connectionType": "file",
- "connectorImplementationId": "delimited-file",
- "managementWorkgroup": null,
- "id": "2c91808c771b686101772a91dbd877aa",
- "name": "Ubuntu",
- "created": "2021-01-22T14:48:58.072Z",
- "modified": "2023-06-30T13:39:07.456Z"
+ "group.host": "local",
+ "group.indexColumn": "id",
+ "file": "/tmp/source-account-2c91808c771b686101772a91dbd877aa3299228430527475607.csv",
+ "delimiter": ",",
+ "deltaAggregation": null,
+ "host": "local",
+ "cloudExternalId": "23012",
+ "group.indexColumns": ["id"],
+ "cloudIdentityProfileName": null,
+ "group.mergeColumns": ["entitlements", "groups", "permissions"],
+ "hasHeader": true,
+ "filterEmptyRecords": true,
+ "oauth_body_attrs_to_exclude": "client_secret,client_id",
+ "filetransport": "local",
+ "idnPreviousCorrelationConfig": null,
+ "deleteThresholdPercentage": 10,
+ "group.filterEmptyRecords": true,
+ "group.hasHeader": true,
+ "group.partitionMode": "disabled",
+ "cloudAuthoritativeSourcePrecedence": null,
+ "formPath": null,
+ "group.columnNames": [
+ "id",
+ "name",
+ "displayName",
+ "created",
+ "description",
+ "modified",
+ "entitlements",
+ "groups",
+ "permissions"
+ ],
+ "templateApplication": "DelimitedFile Template",
+ "group.file": "/var/lib/identityiq_workspace/27c92c24-8681-4574-9453-5c56370b3fc9-groups.csv",
+ "indexColumn": "id",
+ "healthy": false,
+ "cloudDisplayName": "Ubuntu",
+ "connectorName": "Delimited File",
+ "beforeProvisioningRule": null,
+ "cloudOriginalApplicationType": "Delimited File",
+ "since": "2021-01-22T14:48:58.072Z",
+ "status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT"
+ },
+ "deleteThreshold": 10,
+ "authoritative": false,
+ "healthy": false,
+ "status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT",
+ "since": "2021-01-22T14:48:58.072Z",
+ "connectorId": "delimited-file",
+ "connectorName": "Delimited File",
+ "connectionType": "file",
+ "connectorImplementationId": "delimited-file",
+ "managementWorkgroup": null,
+ "id": "2c91808c771b686101772a91dbd877aa",
+ "name": "Ubuntu",
+ "created": "2021-01-22T14:48:58.072Z",
+ "modified": "2023-06-30T13:39:07.456Z"
}
-
```
-## PATCH request structure
+## PATCH request structure
-A PATCH request involves sending a JSON PATCH document that represents an array of objects. Each object represents a single operation to be applied to the target resource.
+A PATCH request involves sending a JSON PATCH document that represents an array of objects. Each object represents a single operation to be applied to the target resource.
-PATCH requests all share the same essential structure. A PATCH request must include an object that specifies exactly one operation to apply to update the resource, as well as exactly one path that represents the target location where the operation is applied.
+PATCH requests all share the same essential structure. A PATCH request must include an object that specifies exactly one operation to apply to update the resource, as well as exactly one path that represents the target location where the operation is applied.
-This example request has the basic PATCH structure:
+This example request has the basic PATCH structure:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
@@ -176,31 +162,29 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
"value": "new description"
}
]
-
```
-This example request uses a "replace" operation to replace the source's existing description with a new value, "new description". This example shows the parts involved in sending a PATCH request. You must specify an operation to apply to the target resource, a path to apply the operation to, and the change you want to make, often in the form of a value or a "from" location for "copy" and "move" operations.
+This example request uses a "replace" operation to replace the source's existing description with a new value, "new description". This example shows the parts involved in sending a PATCH request. You must specify an operation to apply to the target resource, a path to apply the operation to, and the change you want to make, often in the form of a value or a "from" location for "copy" and "move" operations.
-You can find this example in the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification. The API specifications have examples on the right side of the page that you can copy and use to get started. You can tab between the different examples to see a variety of pre-built requests you can use.
+You can find this example in the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification. The API specifications have examples on the right side of the page that you can copy and use to get started. You can tab between the different examples to see a variety of pre-built requests you can use.
-A PATCH request can be more complex as well - the values can be simple or vast and detailed. You can use a PATCH request to apply multiple operations, with a path for each, or you can apply the same type of operation to multiple paths. The PATCH request will always have the same essential structure though.
+A PATCH request can be more complex as well - the values can be simple or vast and detailed. You can use a PATCH request to apply multiple operations, with a path for each, or you can apply the same type of operation to multiple paths. The PATCH request will always have the same essential structure though.
:::note
-The ordering of members in JSON objects doesn't affect the response. These examples all specify the operation first, but you would get the same response if you specified the members in any other order.
+The ordering of members in JSON objects doesn't affect the response. These examples all specify the operation first, but you would get the same response if you specified the members in any other order.
:::
-You can specify a single operation, or you can specify multiple. If you are using multiple operations in one PATCH request, each operation must include its own path.
+You can specify a single operation, or you can specify multiple. If you are using multiple operations in one PATCH request, each operation must include its own path.
-This example request applies "replace" and "add" ops to different paths:
+This example request applies "replace" and "add" ops to different paths:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
-
[
{
"op": "replace",
@@ -213,116 +197,108 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
"value": "!( id.contains( \"m\" ) ) || !( id.contains( \"d\" ) )"
}
]
-
```
-This example request uses a "replace" to update the source's description and an "add" to add a filter string to the source's connector.
+This example request uses a "replace" to update the source's description and an "add" to add a filter string to the source's connector.
-## Specify an operation
+## Specify an operation
-Once you know the ID of the resource you want to update and you have the resource's details, you can start writing your PATCH request.
+Once you know the ID of the resource you want to update and you have the resource's details, you can start writing your PATCH request.
-The first step is to specify an operation to apply to the target resource.
+The first step is to specify an operation to apply to the target resource.
-Operation objects must have exactly one "op" member, whose value indicates the operation to perform.
+Operation objects must have exactly one "op" member, whose value indicates the operation to perform.
-These are the available PATCH operations:
+These are the available PATCH operations:
- [Add](#add)
- [Remove](#remove)
- [Replace](#replace)
- [Move](#move)
-- [Copy](#copy)
+- [Copy](#copy)
- [Test](#test)
-### Add
+### Add
-The "add" operation adds a value to the target location. For more information about the "add" operation and how it behaves in different scenarios, refer to the [JSON PATCH documentation](https://datatracker.ietf.org/doc/html/rfc6902).
+The "add" operation adds a value to the target location. For more information about the "add" operation and how it behaves in different scenarios, refer to the [JSON PATCH documentation](https://datatracker.ietf.org/doc/html/rfc6902).
This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to add a new "office" attribute to the end of a source schema's array of attributes:
```json
[
{
- "op": "add",
- "path": "/attributes/-",
- "value":
- {
- "name": "office",
- "type": "STRING",
- "schema": null,
- "description": "Office Location",
- "isMulti": false,
- "isEntitlement": false,
+ "op": "add",
+ "path": "/attributes/-",
+ "value": {
+ "name": "office",
+ "type": "STRING",
+ "schema": null,
+ "description": "Office Location",
+ "isMulti": false,
+ "isEntitlement": false,
"isGroup": false
}
}
]
```
-If you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
+If you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
-You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
+You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
-### Remove
+### Remove
-The "remove" operation removes a value from the target location. The target location must exist for the operation to be successful.
+The "remove" operation removes a value from the target location. The target location must exist for the operation to be successful.
This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to remove an existing filter string from a source's connector:
```json
- [
+[
{
- "op": "remove",
- "path": "/connectorAttributes/filterString"
+ "op": "remove",
+ "path": "/connectorAttributes/filterString"
}
- ]
- ```
+]
+```
- In this example, the PATCH request is removing a connector's string filter. If there is no string filter to remove, the request will fail and you will receive an error.
+In this example, the PATCH request is removing a connector's string filter. If there is no string filter to remove, the request will fail and you will receive an error.
- Because there is only one value for the path, the request removes that value.
+Because there is only one value for the path, the request removes that value.
- If there is an array of values, you must specify the position within the array to remove that value.
+If there is an array of values, you must specify the position within the array to remove that value.
-This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to remove the first feature from a source's list of features.
+This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to remove the first feature from a source's list of features.
-The source has three features, "ENABLE", "PROVISIONING", AND "UNLOCK".
+The source has three features, "ENABLE", "PROVISIONING", AND "UNLOCK".
-This request will remove the the first value from the list, "ENABLE".
+This request will remove the the first value from the list, "ENABLE".
```json
[
{
- "op": "remove",
+ "op": "remove",
"path": "/features/0"
}
-]
+]
```
-### Replace
+### Replace
-The "replace" operation replaces the value at the target location with a new value. The operation object must contain a "value" member whose content specifies the replacement value, and the target location must exist for the operation to be successful. This operation is the equivalent of a "remove" followed by an "add".
+The "replace" operation replaces the value at the target location with a new value. The operation object must contain a "value" member whose content specifies the replacement value, and the target location must exist for the operation to be successful. This operation is the equivalent of a "remove" followed by an "add".
-This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace a source's existing features with new ones:
+This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace a source's existing features with new ones:
```json
[
{
- "op": "replace",
- "path": "/features",
- "value":
- [
- "PASSWORD",
- "PROVISIONING",
- "ENABLE",
- "AUTHENTICATE"
- ]
+ "op": "replace",
+ "path": "/features",
+ "value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
}
-]
+]
```
-You can also replace a value within an array. This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace the first value in the array with the specified value:
+You can also replace a value within an array. This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace the first value in the array with the specified value:
```json
[
@@ -334,71 +310,65 @@ You can also replace a value within an array. This example uses the [Patch Sourc
]
```
-This request removes the first feature ("PASSWORD") in the list and adds the "CURRENT_PASSWORD" value in its place.
+This request removes the first feature ("PASSWORD") in the list and adds the "CURRENT_PASSWORD" value in its place.
### Move
-The "move" operation removes the operation from a specified location and adds it to the target location. This operation object must contain a "from" member whose content specifies the location to remove the value from, and the "from" location must exist for the operation to be successful.
+The "move" operation removes the operation from a specified location and adds it to the target location. This operation object must contain a "from" member whose content specifies the location to remove the value from, and the "from" location must exist for the operation to be successful.
-This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute from the beginning to the end of the schema's array of attributes:
+This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute from the beginning to the end of the schema's array of attributes:
-```json
+```json
[
{
- "op": "move",
- "from": "/attributes/0",
+ "op": "move",
+ "from": "/attributes/0",
"path": "/attributes/-"
}
-]
-```
-
-### Copy
-
-The "copy" operation copies the value from a specified location to the target location. The operation object must contain a "from" member whose content specifies the location to copy the value from, and the "from" location must exist for the operation to be successful.
-
-This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to copies an attribute from the beginning and duplicates it at the end of the schema's array of attributes:
-
-```json
-[
- {
- "op": "copy",
- "from": "/attributes/0",
- "path": "/attributes/-"
- }
-]
-```
-
-### Test
-
-The "test" operation is unique in that it does not apply changes to the resource. The "test" operation tests that a value at the target location is equal to a specified value. The operation object must contain a "value" member whose content specifies the value to be compared to the target location's value, and the values must be equal for the operation to be successful. For more information about what "equal" means for different JSON types, refer [here](https://datatracker.ietf.org/doc/html/rfc6902#section-4.6).
-
-The "test" operation allows you to check that a resource has the values you expect it to have, and then you can make changes to those values from there with another PATCH request.
-
-This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to test a source's existing features to make sure they match the specified values.:
-
-```json
-[
- {
- "op": "test",
- "path": "/features",
- "value":
- [
- "PASSWORD",
- "PROVISIONING",
- "ENABLE",
- "AUTHENTICATE"
- ]
- }
]
```
-## Specify a path
+### Copy
-Once you have specified the operation you want to apply to the target resource, you must specify the path, the JSON Pointer for the target location that you want to apply the operation to.
+The "copy" operation copies the value from a specified location to the target location. The operation object must contain a "from" member whose content specifies the location to copy the value from, and the "from" location must exist for the operation to be successful.
-To send a PATCH request, you must know the path where you want to make the change. This is why it's important to get the resource's details so that you can see all the resource's available paths where you can make changes.
+This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to copies an attribute from the beginning and duplicates it at the end of the schema's array of attributes:
-For example, this snippet from the beginning of the earlier source details example lists many of the source's top-level paths:
+```json
+[
+ {
+ "op": "copy",
+ "from": "/attributes/0",
+ "path": "/attributes/-"
+ }
+]
+```
+
+### Test
+
+The "test" operation is unique in that it does not apply changes to the resource. The "test" operation tests that a value at the target location is equal to a specified value. The operation object must contain a "value" member whose content specifies the value to be compared to the target location's value, and the values must be equal for the operation to be successful. For more information about what "equal" means for different JSON types, refer [here](https://datatracker.ietf.org/doc/html/rfc6902#section-4.6).
+
+The "test" operation allows you to check that a resource has the values you expect it to have, and then you can make changes to those values from there with another PATCH request.
+
+This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to test a source's existing features to make sure they match the specified values.:
+
+```json
+[
+ {
+ "op": "test",
+ "path": "/features",
+ "value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
+ }
+]
+```
+
+## Specify a path
+
+Once you have specified the operation you want to apply to the target resource, you must specify the path, the JSON Pointer for the target location that you want to apply the operation to.
+
+To send a PATCH request, you must know the path where you want to make the change. This is why it's important to get the resource's details so that you can see all the resource's available paths where you can make changes.
+
+For example, this snippet from the beginning of the earlier source details example lists many of the source's top-level paths:
Example Source Paths
@@ -439,7 +409,7 @@ For example, this snippet from the beginning of the earlier source details examp
-You can send PATCH requests to make changes to some of these paths, like editing the source's description with this PATCH request from earlier:
+You can send PATCH requests to make changes to some of these paths, like editing the source's description with this PATCH request from earlier:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
@@ -455,9 +425,9 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
]
```
-However, you cannot make changes to all paths. Use the API specifications for the PATCH endpoint you want to use to find out which paths you can make changes to. The API specifications will list the paths, or fields, that are immutable, if there are any. For example, the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification lists paths like `id` and `type` as being immutable. Trying to use modify these paths results in a 400 error.
+However, you cannot make changes to all paths. Use the API specifications for the PATCH endpoint you want to use to find out which paths you can make changes to. The API specifications will list the paths, or fields, that are immutable, if there are any. For example, the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification lists paths like `id` and `type` as being immutable. Trying to use modify these paths results in a 400 error.
-The paths are often nested within other paths, like within the "connectorAttributes" path from the earlier example source's details:
+The paths are often nested within other paths, like within the "connectorAttributes" path from the earlier example source's details:
Example Source Connector Attributes
@@ -527,7 +497,7 @@ The paths are often nested within other paths, like within the "connectorAttribu
-You can send a PATCH request to make changes to paths within the "connectorAttributes" path itself. This example request removes the "filterString" path and its value.
+You can send a PATCH request to make changes to paths within the "connectorAttributes" path itself. This example request removes the "filterString" path and its value.
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
@@ -543,19 +513,19 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
]
```
-This request specifies the top-level path, "connectorAttributes", following it with the path where the value is going to be removed from, "filterString".
+This request specifies the top-level path, "connectorAttributes", following it with the path where the value is going to be removed from, "filterString".
-The request will only remove a filter string matching the one specified, so any other filter strings or connector attributes will be unaffected.
+The request will only remove a filter string matching the one specified, so any other filter strings or connector attributes will be unaffected.
-If there is no value matching the filter string specified by the PATCH request, the request will fail and you will receive an error.
+If there is no value matching the filter string specified by the PATCH request, the request will fail and you will receive an error.
-## Specify a value
+## Specify a value
-For many of the operations, once you have specified the operation you want to apply and the path you want to apply it to, you need to specify the value you want to send with the request. The value you specify must fit the path's data type.
+For many of the operations, once you have specified the operation you want to apply and the path you want to apply it to, you need to specify the value you want to send with the request. The value you specify must fit the path's data type.
-The operations that don't require a value are the "copy" and "move" operations. Those operations instead use a "from" to represent the location they are copying or moving the data from. Refer to the [Specify a From](#specify-a-from) section for more information about how to use "from" with your "copy" and "move" operations.
+The operations that don't require a value are the "copy" and "move" operations. Those operations instead use a "from" to represent the location they are copying or moving the data from. Refer to the [Specify a From](#specify-a-from) section for more information about how to use "from" with your "copy" and "move" operations.
-You can specify a single simple value for an operation. In this example from earlier, the PATCH request replaces the source's description:
+You can specify a single simple value for an operation. In this example from earlier, the PATCH request replaces the source's description:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
@@ -571,7 +541,7 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
]
```
-You can also specify multiple values for an operation to be applied to, as long as they all affect the same path. For example, this PATCH request replaces the source's current features with a number of new ones:
+You can also specify multiple values for an operation to be applied to, as long as they all affect the same path. For example, this PATCH request replaces the source's current features with a number of new ones:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
@@ -582,17 +552,12 @@ PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
{
"op": "replace",
"path": "/features",
- "value": [
- "PASSWORD",
- "PROVISIONING",
- "ENABLE",
- "AUTHENTICATE"
- ]
+ "value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
}
]
```
-A value can also be an object that contains other values within it. For example, this PATCH request adds a new "location" attribute to the end of the source schema's array of attributes:
+A value can also be an object that contains other values within it. For example, this PATCH request adds a new "location" attribute to the end of the source schema's array of attributes:
```text
PATCH https://{tenant}.api.identitynow.com//v3/sources/:sourceId/schemas/:schemaId
@@ -616,50 +581,48 @@ PATCH https://{tenant}.api.identitynow.com//v3/sources/:sourceId/schemas/:schema
]
```
-This request uses the [PATCH Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to add a new attribute, along with its details, to the end of the array of a source's schema's attributes.
+This request uses the [PATCH Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to add a new attribute, along with its details, to the end of the array of a source's schema's attributes.
-This example uses the "-" after the path to indicate that the value will be added to the end of the array. When you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
+This example uses the "-" after the path to indicate that the value will be added to the end of the array. When you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
-You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
+You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
-## Specify a from
+## Specify a from
-The "move" and "copy" operations allow you to remove or copy information from one path and add it to another path without your needing to specify the value, which could be an extensive array of information. To use the "move" and "copy" operations, you must specify a "from", a JSON Pointer representing the location you are moving or copying the value from.
+The "move" and "copy" operations allow you to remove or copy information from one path and add it to another path without your needing to specify the value, which could be an extensive array of information. To use the "move" and "copy" operations, you must specify a "from", a JSON Pointer representing the location you are moving or copying the value from.
-This example request uses the [PATCH Source schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute, along with its details, from the beginning to the end of a source schema's array of attributes:
+This example request uses the [PATCH Source schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute, along with its details, from the beginning to the end of a source schema's array of attributes:
```text
PATCH https://{tenant}.api.identitynow.com//v3/sources/:sourceId/schemas/:schemaId
```
```json
-
- [
+[
{
- "op": "move",
- "from": "/attributes/0",
+ "op": "move",
+ "from": "/attributes/0",
"path": "/attributes/-"
- }
- ]
+ }
+]
+```
- ```
-
- Instead of having to specify the value yourself, which could be an extensive array of information, you can use the "move" operation to move everything from one path to another.
+Instead of having to specify the value yourself, which could be an extensive array of information, you can use the "move" operation to move everything from one path to another.
## Apply the PATCH request header
-With an operation, a path, and a change to make, a PATCH request is almost ready.
+With an operation, a path, and a change to make, a PATCH request is almost ready.
To send the request as a PATCH, you must apply this special PATCH content type header: `Content-Type: application/json-patch+json`
-## Send your PATCH request
+## Send your PATCH request
-Once you have specified the operation you want to apply, the path you want to change, the change you want to make, and you have applied the PATCH content type header, you can send your PATCH request.
+Once you have specified the operation you want to apply, the path you want to change, the change you want to make, and you have applied the PATCH content type header, you can send your PATCH request.
-When the request is successful, the API will return the updated resource.
+When the request is successful, the API will return the updated resource.
-## Get started
+## Get started
-Now you can use PATCH requests partially update resources. For more information about PATCH requests, refer to this [documentation](https://datatracker.ietf.org/doc/html/rfc6902). For more information about the Identity Security Cloud PATCH endpoints and which paths can be changed for each one, refer to their API specifications.
+Now you can use PATCH requests partially update resources. For more information about PATCH requests, refer to this [documentation](https://datatracker.ietf.org/doc/html/rfc6902). For more information about the Identity Security Cloud PATCH endpoints and which paths can be changed for each one, refer to their API specifications.
-Use this guide to get started, and if you have questions, don't hesitate to reach out on the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss!
\ No newline at end of file
+Use this guide to get started, and if you have questions, don't hesitate to reach out on the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss!
diff --git a/docs/api/postman-collections.md b/docs/api/postman-collections.md
index 1e22d2efb..4e51e4f3c 100644
--- a/docs/api/postman-collections.md
+++ b/docs/api/postman-collections.md
@@ -6,11 +6,10 @@ sidebar_label: Postman Collections
sidebar_position: 7
sidebar_class_name: postmanCollections
keywords: ['postman']
-description: Run ISC APIs in Postman.
+description: Run ISC APIs in Postman.
tags: ['postman']
---
-
import GitHubPublicFileComponent from '@site/src/components/GitHubLink';
[Postman](https://www.postman.com/) is a platform you can use to design, build, test, and iterate your APIs. Postman users and teams can create public workspaces they can use to make it easy to access their API collections and environments and get started. SailPoint maintains a [public workspace for the Identity Security Cloud API collections](https://www.postman.com/sailpoint/workspace/identitynow). You can use this workspace to access all the ISC API collections and stay up to date.
@@ -19,10 +18,8 @@ import GitHubPublicFileComponent from '@site/src/components/GitHubLink';
Each ISC API version is broken out into a separate collection within the workspace. The following table lists the available ISC API collections. To import a collection into your workspace, select the 'Run in Postman' button for your desired version. Doing so forks the collection into your workspace.
-
-
| API | Postman Collection |
-|------|----------------------------|
+| --- | --- |
| V3 API | [](https://god.gw.postman.com/run-collection/23226990-3721beea-5615-44b4-9459-e858a0ca7aed?action=collection%2Ffork&collection-url=entityId%3D23226990-3721beea-5615-44b4-9459-e858a0ca7aed%26entityType%3Dcollection%26workspaceId%3D80af54be-a333-4712-af5e-41aa9eccbdd0) |
| Beta API | [](https://god.gw.postman.com/run-collection/23226990-3b87172a-cd55-40a2-9ace-1560a1158a4e?action=collection%2Ffork&collection-url=entityId%3D23226990-3b87172a-cd55-40a2-9ace-1560a1158a4e%26entityType%3Dcollection%26workspaceId%3D80af54be-a333-4712-af5e-41aa9eccbdd0) |
| NERM API | [](https://god.gw.postman.com/run-collection/23226990-20d718e3-b9b3-43ad-850c-637b00864ae2?action=collection%2Ffork&collection-url=entityId%3D23226990-20d718e3-b9b3-43ad-850c-637b00864ae2%26entityType%3Dcollection%26workspaceId%3D80af54be-a333-4712-af5e-41aa9eccbdd0) |
@@ -41,12 +38,12 @@ SailPoint is often making improvements to the ISC API collections. To keep your
The SailPoint workspace provides an environment, a set of variables you can use in your requests, that you can fork and pull changes from to stay up to date the same way you can with collections. To import the environment into your workspace, select 'Run in Postman'.
| Environment | [](https://www.postman.com/sailpoint/workspace/identitynow/environment/23226990-ed571d4f-37a3-4a2c-9105-5d8d8cce1d20/fork) |
-|------|----------------------------|
+| --- | --- |
To send API requests in Postman, you must authenticate to the APIs. To authenticate to the APIs, you must specify these variables in your Postman environment:
| Environment Variable | Required | Description |
-| ----------- | ----------- | ----------- |
+| --- | --- | --- |
| tenant | Yes | Your ISC tenant, typically your company's name |
| clientId | Yes | The client ID for the API client or personal access token |
| clientSecret | Yes | The client secret for the API client or personal access token |
diff --git a/docs/api/rate-limit.md b/docs/api/rate-limit.md
index 3070c8a73..327d50989 100644
--- a/docs/api/rate-limit.md
+++ b/docs/api/rate-limit.md
@@ -6,7 +6,7 @@ sidebar_label: Rate Limiting
sidebar_position: 6
sidebar_class_name: rateLimit
keywords: ['rate limit']
-description: ISC API rate limits.
+description: ISC API rate limits.
tags: ['Rate Limit']
---
diff --git a/docs/api/standard-collection-parameters.md b/docs/api/standard-collection-parameters.md
index 6c809e2f7..20eb3b267 100644
--- a/docs/api/standard-collection-parameters.md
+++ b/docs/api/standard-collection-parameters.md
@@ -6,7 +6,7 @@ sidebar_label: Standard Collection Parameters
sidebar_position: 5
sidebar_class_name: standardCollectionParameters
keywords: ['standard collection parameters']
-description: ISC API pagination, filtering, and sorting.
+description: ISC API pagination, filtering, and sorting.
tags: ['Standard Collection Parameters']
---
@@ -40,11 +40,11 @@ The `searchAfter` capability provides the ability to page on sorted field values
**Required Properties for Paginating Search Results**
-|**Property**|Description|
+| **Property** | Description |
| --- | --- |
-|**query**|The Query JSON object. Refer to the following Query JSON Object table for details.|
-|**sort**|The array list of the fields to sort by. This is required if you are using the `searchAfter` approach. You can use `-fieldName` for descending searches (optional).|
-|**searchAfter**|You can use this instead of offset to get past the 10,000 paging result record limit, passing the last value(s) of your sort fields from the previous result set into the next result set until you get the total number of results or the end of results (optional).|
+| **query** | The Query JSON object. Refer to the following Query JSON Object table for details. |
+| **sort** | The array list of the fields to sort by. This is required if you are using the `searchAfter` approach. You can use `-fieldName` for descending searches (optional). |
+| **searchAfter** | You can use this instead of offset to get past the 10,000 paging result record limit, passing the last value(s) of your sort fields from the previous result set into the next result set until you get the total number of results or the end of results (optional). |
### Example of Paginating Search Results
@@ -54,15 +54,11 @@ Here is an example of a search API call with `searchAfter` paging. The first que
```json
{
- "indices": [
- "identities"
- ],
- "query": {
- "query": "*"
- },
- "sort": [
- "id"
- ]
+ "indices": ["identities"],
+ "query": {
+ "query": "*"
+ },
+ "sort": ["id"]
}
```
@@ -72,16 +68,12 @@ This query will return 100 records. To get the next 100 records, find the last r
```json
{
- "indices": [
- "identities"
- ],
- "query": {
- "query": "*"
- },
- "sort": [
- "id"
- ],
- "searchAfter": ["2c9180835d38ca0c015d606b50851b1e"]
+ "indices": ["identities"],
+ "query": {
+ "query": "*"
+ },
+ "sort": ["id"],
+ "searchAfter": ["2c9180835d38ca0c015d606b50851b1e"]
}
```
diff --git a/docs/connectivity.md b/docs/connectivity.md
index e9f97beb6..0c1fdc37f 100644
--- a/docs/connectivity.md
+++ b/docs/connectivity.md
@@ -6,7 +6,7 @@ sidebar_label: Connectivity
sidebar_position: 1
sidebar_class_name: connectivity
keywords: ['connectivity']
-description: Build and expand ISC connectivity.
+description: Build and expand ISC connectivity.
slug: /connectivity
tags: ['connectivity']
---
@@ -24,6 +24,6 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about ISC connectivity and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
+To learn more about ISC connectivity and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/connectivity/saas-connectivity/common-cli-commands.md b/docs/connectivity/saas-connectivity/common-cli-commands.md
index 0b8e6f2b4..5da773ed7 100644
--- a/docs/connectivity/saas-connectivity/common-cli-commands.md
+++ b/docs/connectivity/saas-connectivity/common-cli-commands.md
@@ -37,4 +37,3 @@ Below is a list of commands and their usages:
- Delete a connector: `sail conn delete -c [connectorID | connectorAlias]`
- **Linking**
- Link a customizer to your source instance: `sail conn customizers link -i [sourceInstanceID] -c [customizerID]`
-
diff --git a/docs/connectivity/saas-connectivity/connector-commands/account-enable.md b/docs/connectivity/saas-connectivity/connector-commands/account-enable.md
index 1158ac2b0..2f5c9e7a6 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/account-enable.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/account-enable.md
@@ -9,10 +9,10 @@ slug: /connectivity/saas-connectivity/commands/account-enable
tags: ['Connectivity', 'Connector Command']
---
-| Input/Output | Data Type |
-| :-------------- | :---------------------: |
-| Input - Enable | StdAccountEnableInput |
-| Output - Enable | StdAccountEnableOutput |
+| Input/Output | Data Type |
+| :-------------- | :--------------------: |
+| Input - Enable | StdAccountEnableInput |
+| Output - Enable | StdAccountEnableOutput |
### Example StdAccountEnableInput
diff --git a/docs/connectivity/saas-connectivity/connector-commands/account-list.md b/docs/connectivity/saas-connectivity/connector-commands/account-list.md
index 05c110a32..9362a721d 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/account-list.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/account-list.md
@@ -79,7 +79,7 @@ ISC will throw a connection timeout error if your connector doesn't respond with
:::caution Important
-ISC supports [delta aggregation](#delta-aggregation-state). If your source has a large number of accounts that will be syncronized with ISC, then it is highly recommended to utilize [delta aggregation](#delta-aggregation-state) for the source.
+ISC supports [delta aggregation](#delta-aggregation-state). If your source has a large number of accounts that will be syncronized with ISC, then it is highly recommended to utilize [delta aggregation](#delta-aggregation-state) for the source.
:::
@@ -180,7 +180,7 @@ The result of the account list command is not an array of objects but several in
If your source can keep track of changes to the data in some way, then delta aggregation can be performed on a source. In order to implement, there are a few things that need to be configured
-1. In your connector-spec.json file, the feature needs to be enabled by adding the following key: ```"supportsStatefulCommands": true,``` and in the sourceConfig section, a checkbox needs to be added to enable state with the key ```spConnEnableStatefulCommands```:
+1. In your connector-spec.json file, the feature needs to be enabled by adding the following key: `"supportsStatefulCommands": true,` and in the sourceConfig section, a checkbox needs to be added to enable state with the key `spConnEnableStatefulCommands`:
```javascript
"supportsStatefulCommands": true,
@@ -193,7 +193,7 @@ If your source can keep track of changes to the data in some way, then delta agg
}
```
-2. In the ```stdAccountList``` command, when you are done sending accounts, you need to also send the state to ISC so it knows where to start the next time it sends a list request:
+2. In the `stdAccountList` command, when you are done sending accounts, you need to also send the state to ISC so it knows where to start the next time it sends a list request:
```javascript
const state = {"data": Date.now().toString()}
@@ -205,11 +205,11 @@ In the above example, I am capturing the date, but you can use any value you wan
:::caution Important
-The state that you send using the ```saveState``` command MUST be a json object, and it is recommend to only save strings to ensure proper serialization/deserialization of the data. You cannot send a simple string or number or it will not properly save the state.
+The state that you send using the `saveState` command MUST be a json object, and it is recommend to only save strings to ensure proper serialization/deserialization of the data. You cannot send a simple string or number or it will not properly save the state.
:::
-3. In the ```stdAccountList``` command, you need to properly handle the state object. Something like below checks the stateful boolean as well as the state object and fetches accounts accordingly:
+3. In the `stdAccountList` command, you need to properly handle the state object. Something like below checks the stateful boolean as well as the state object and fetches accounts accordingly:
```javascript
.stdAccountList(async (context: Context, input: StdAccountListInput, res: Response) => {
@@ -231,4 +231,4 @@ The state that you send using the ```saveState``` command MUST be a json object,
}
res.saveState(state)
})
-```
\ No newline at end of file
+```
diff --git a/docs/connectivity/saas-connectivity/connector-commands/account-update.md b/docs/connectivity/saas-connectivity/connector-commands/account-update.md
index e062a213a..5c9f8dfd5 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/account-update.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/account-update.md
@@ -105,4 +105,4 @@ Note: Testing the account update command for removing entitlements using this me
## Handling an account that is not found
-If an account can't be found in the source system, ISC can recreate the account by using the ```ConnectorErrorType.NotFound``` error type. For details and implementation, refer to [Error Handling](../in-depth/error-handling.md#not-found-error-type).
\ No newline at end of file
+If an account can't be found in the source system, ISC can recreate the account by using the `ConnectorErrorType.NotFound` error type. For details and implementation, refer to [Error Handling](../in-depth/error-handling.md#not-found-error-type).
diff --git a/docs/connectivity/saas-connectivity/connector-commands/change-password.md b/docs/connectivity/saas-connectivity/connector-commands/change-password.md
index a352b77be..36028109a 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/change-password.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/change-password.md
@@ -9,8 +9,8 @@ slug: /connectivity/saas-connectivity/commands/change-password
tags: ['Connectivity', 'Connector Command']
---
-| Input/Output | Data Type |
-| :----------- | :--------------------: |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
| Input | StdChangePasswordInput |
| Output | StdChangePasswordOutput |
@@ -29,12 +29,13 @@ tags: ['Connectivity', 'Connector Command']
### Example StdChangePasswordOutput
```javascript
-{}
+{
+}
```
## Description
-The change password command is triggered in ISC when a user changes their password through ISC. When this occurs, if your source has change password enabled, then you can change the user password on the source system through ISC.
+The change password command is triggered in ISC when a user changes their password through ISC. When this occurs, if your source has change password enabled, then you can change the user password on the source system through ISC.
## The Provisioning Plan
@@ -48,4 +49,4 @@ The change password command sends the password change event to your connector wh
## Testing in Identity Security Cloud
-In order to test in Identity Security Cloud, the source application must be configured so that it is able to accept password change requests through the Password Manager. Once this setup is complete, you can log in as a user whose identity exists in the configured application and change their password in the Password Manager.
\ No newline at end of file
+In order to test in Identity Security Cloud, the source application must be configured so that it is able to accept password change requests through the Password Manager. Once this setup is complete, you can log in as a user whose identity exists in the configured application and change their password in the Password Manager.
diff --git a/docs/connectivity/saas-connectivity/connector-commands/entitlement-list.md b/docs/connectivity/saas-connectivity/connector-commands/entitlement-list.md
index 3e04e061c..931e542e3 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/entitlement-list.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/entitlement-list.md
@@ -104,6 +104,7 @@ private buildStandardObject(): StdEntitlementReadOutput | StdEntitlementListOutp
}
}
```
+
:::caution Important
ISC will throw a connection timeout error if your connector doesn't respond within 3 minutes, and there are memory limitations involved with aggregating data. To prevent large memory utilization or timeout errors, you should set up your connectors to send data to ISC as it's retrieved from your source system. For more details and an example, refer to [Connector Timeouts](../in-depth/connector-timeouts.md).
@@ -112,7 +113,7 @@ ISC will throw a connection timeout error if your connector doesn't respond with
:::caution Important
-ISC supports [delta aggregation](#delta-aggregation-state). If your source has a large number of entitlements that will be syncronized with ISC, then it is highly recommended to utilize [delta aggregation](#delta-aggregation-state) for the source.
+ISC supports [delta aggregation](#delta-aggregation-state). If your source has a large number of entitlements that will be syncronized with ISC, then it is highly recommended to utilize [delta aggregation](#delta-aggregation-state) for the source.
:::
@@ -120,7 +121,7 @@ ISC supports [delta aggregation](#delta-aggregation-state). If your source has a
If your source can keep track of changes to the data in some way, then delta aggregation can be performed on a source. In order to implement, there are a few things that need to be configured
-1. In your connector-spec.json file, the feature needs to be enabled by adding the following key: ```"supportsStatefulCommands": true,``` and in the sourceConfig section, a checkbox needs to be added to enable state with the key ```spConnEnableStatefulCommands```:
+1. In your connector-spec.json file, the feature needs to be enabled by adding the following key: `"supportsStatefulCommands": true,` and in the sourceConfig section, a checkbox needs to be added to enable state with the key `spConnEnableStatefulCommands`:
```javascript
"supportsStatefulCommands": true,
@@ -133,7 +134,7 @@ If your source can keep track of changes to the data in some way, then delta agg
}
```
-2. In the ```stdEntitlementList``` command, when you are done sending entitlments, you need to also send the state to ISC so it knows where to start the next time it sends a list request:
+2. In the `stdEntitlementList` command, when you are done sending entitlments, you need to also send the state to ISC so it knows where to start the next time it sends a list request:
```javascript
const state = {"data": Date.now().toString()}
@@ -145,11 +146,11 @@ In the above example, I am capturing the date, but you can use any value you wan
:::caution Important
-The state that you send using the ```saveState``` command MUST be a json object, and it is recommend to only save strings to ensure proper serialization/deserialization of the data. You cannot send a simple string or number or it will not properly save the state.
+The state that you send using the `saveState` command MUST be a json object, and it is recommend to only save strings to ensure proper serialization/deserialization of the data. You cannot send a simple string or number or it will not properly save the state.
:::
-3. In the ```stdEntitlementList``` command, you need to properly handle the state object. Something like below checks the stateful boolean as well as the state object and fetches accounts accordingly:
+3. In the `stdEntitlementList` command, you need to properly handle the state object. Something like below checks the stateful boolean as well as the state object and fetches accounts accordingly:
```javascript
.stdEntitlementList(async (context: Context, input: StdEntitlementListInput, res: Response) => {
@@ -171,4 +172,4 @@ The state that you send using the ```saveState``` command MUST be a json object,
}
res.saveState(state)
})
-```
\ No newline at end of file
+```
diff --git a/docs/connectivity/saas-connectivity/connector-commands/source-data-discover.md b/docs/connectivity/saas-connectivity/connector-commands/source-data-discover.md
index d63387354..14bc2e672 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/source-data-discover.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/source-data-discover.md
@@ -4,12 +4,12 @@ title: Source Data Discover
pagination_label: Source Data Discover
sidebar_label: Source Data Discover
keywords: ['connectivity', 'connectors', 'Source Data Discover']
-description: Discover potential source data types.
+description: Discover potential source data types.
slug: /connectivity/saas-connectivity/commands/source-data-discover
tags: ['Connectivity', 'Connector Command']
---
-| Input/Output | Data Type |
+| Input/Output | Data Type |
| :----------- | :-------------------------: |
| Input | StdSourceDataDiscoverInput |
| Output | StdSourceDataDiscoverOutput |
@@ -29,26 +29,26 @@ tags: ['Connectivity', 'Connector Command']
```javascript
[
- {
- key: 'id',
- label: 'Id',
- subLabel: 'Airtable Base Id'
- },
- {
- key: 'name',
- label: 'Name',
- subLabel: 'Airtable Source Table Name'
- }
-]
+ {
+ key: 'id',
+ label: 'Id',
+ subLabel: 'Airtable Base Id',
+ },
+ {
+ key: 'name',
+ label: 'Name',
+ subLabel: 'Airtable Source Table Name',
+ },
+];
```
## Description
-Use the source data discover command to identify the types of data your source can return. Different sources can send different types of data to Identity Security Cloud. For example, one source may be able to send a list of the different languages it supports, while another may be able to send values describing source details normally sent through accounts and entitlements. You can use the source data discover command to discover these possibilities.
+Use the source data discover command to identify the types of data your source can return. Different sources can send different types of data to Identity Security Cloud. For example, one source may be able to send a list of the different languages it supports, while another may be able to send values describing source details normally sent through accounts and entitlements. You can use the source data discover command to discover these possibilities.
-One typical use for the source data discover command is found in Identity Security Cloud customer forms for dropdown menus: they use the command to identify the additional source types their sources can provide to Identity Security Cloud and use that information to populate the dropdown menus.
+One typical use for the source data discover command is found in Identity Security Cloud customer forms for dropdown menus: they use the command to identify the additional source types their sources can provide to Identity Security Cloud and use that information to populate the dropdown menus.
-This is a simple example of the source data discover command. It has been implemented to list two types of queries that the Airtable source can supply.
+This is a simple example of the source data discover command. It has been implemented to list two types of queries that the Airtable source can supply.
```javascript
.stdSourceDataDiscover(async (context: Context, input: StdSourceDataDiscoverInput, res: Response) => {
@@ -103,4 +103,4 @@ Now, if the source system sends a command like the following, they will only get
"query": "name"
}
},
-```
\ No newline at end of file
+```
diff --git a/docs/connectivity/saas-connectivity/connector-commands/source-data-read.md b/docs/connectivity/saas-connectivity/connector-commands/source-data-read.md
index 6b931bdd2..fb4f86148 100644
--- a/docs/connectivity/saas-connectivity/connector-commands/source-data-read.md
+++ b/docs/connectivity/saas-connectivity/connector-commands/source-data-read.md
@@ -4,13 +4,13 @@ title: Source Data Read
pagination_label: Source Data Read
sidebar_label: Source Data Read
keywords: ['connectivity', 'connectors', 'Source Data Read']
-description: Read source data.
+description: Read source data.
slug: /connectivity/saas-connectivity/commands/source-data-read
tags: ['Connectivity', 'Connector Command']
---
-| Input/Output | Data Type |
-| :----------- | :-------------------------: |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
| Input | StdSourceDataReadInput |
| Output | StdSourceDataReadOutput |
@@ -30,24 +30,24 @@ tags: ['Connectivity', 'Connector Command']
```javascript
[
- {
- key: 'id',
- label: 'Id',
- subLabel: 'Airtable Base Id'
- },
- {
- key: 'name',
- label: 'Name',
- subLabel: 'Airtable Source Table Name'
- }
-]
+ {
+ key: 'id',
+ label: 'Id',
+ subLabel: 'Airtable Base Id',
+ },
+ {
+ key: 'name',
+ label: 'Name',
+ subLabel: 'Airtable Source Table Name',
+ },
+];
```
## Description
Use the source data read command to query a source in Identity Security Cloud and return a set of data. This data is typically used to populate a dropdown menu for selection purposes. This functionality is typically useful for Identity Security Cloud forms, but it can be used for any type of implementation that requires you to get other information from a source, information that is not normally retrieved from identites or entitlements.
-This is a simple example of the source data read command. It is implemented to retrieve the base ID name. The `sourceDataKey` is required, the ```source data read``` command should return it.
+This is a simple example of the source data read command. It is implemented to retrieve the base ID name. The `sourceDataKey` is required, the `source data read` command should return it.
```javascript
.stdSourceDataRead(async (context: Context, input: StdSourceDataReadInput, res: Response) => {
@@ -63,7 +63,7 @@ This is a simple example of the source data read command. It is implemented to r
})
```
-You can optionally use `input.queryInput.query` to make the list searchable. One way you could do this is to import a tool like [alasql](https://github.com/AlaSQL/alasql) and allow the user to implement a search on the dataset. This example from Airtable shows how you could use the source data read command to get accounts and allow a search to be performed with the Airtable API:
+You can optionally use `input.queryInput.query` to make the list searchable. One way you could do this is to import a tool like [alasql](https://github.com/AlaSQL/alasql) and allow the user to implement a search on the dataset. This example from Airtable shows how you could use the source data read command to get accounts and allow a search to be performed with the Airtable API:
```javascript
.stdSourceDataRead(async (context: Context, input: StdSourceDataReadInput, res: Response) => {
@@ -113,4 +113,4 @@ Now, if the source system sends a command like the following, the system will on
"query": "Adam"
}
},
-```
\ No newline at end of file
+```
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/config.md b/docs/connectivity/saas-connectivity/connector-customizers/config.md
index 6054ecb42..d60573eb7 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/config.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/config.md
@@ -18,7 +18,7 @@ The connector config object holds all the config values that are set in the SaaS
The config object is fetched during initialization of the connector
```typescript
-const config: Config = await readConfig()
+const config: Config = await readConfig();
```
### Example Config Object
@@ -27,36 +27,36 @@ Below is an example object model that can be used to type your config. Any value
```typescript
export interface Config {
- beforeProvisioningRule: any
- cloudCacheUpdate: number
- cloudDisplayName: string
- cloudExternalId: string
- connectionType: string
- connectorName: string
- deleteThresholdPercentage: number
- deltaAggregation: DeltaAggregation
- deltaAggregationEnabled: boolean
- formPath: any
- hasFullAggregationCompleted: boolean
- healthCheckTimeout: number
- healthy: boolean
- idnProxyType: string
- managementWorkgroup: any
- managerCorrelationFilter: any
- since: string
- "slpt-source-diagnostics": string
- sourceConnected: boolean
- sourceDescription: string
- spConnEnableStatefulCommands: boolean
- spConnectorInstanceId: string
- spConnectorSpecId: string
- status: string
- supportsDeltaAgg: boolean
- templateApplication: string
- }
-
- export interface DeltaAggregation {
- "std:account:list": any
- "std:entitlement:list": any
- }
-```
\ No newline at end of file
+ beforeProvisioningRule: any;
+ cloudCacheUpdate: number;
+ cloudDisplayName: string;
+ cloudExternalId: string;
+ connectionType: string;
+ connectorName: string;
+ deleteThresholdPercentage: number;
+ deltaAggregation: DeltaAggregation;
+ deltaAggregationEnabled: boolean;
+ formPath: any;
+ hasFullAggregationCompleted: boolean;
+ healthCheckTimeout: number;
+ healthy: boolean;
+ idnProxyType: string;
+ managementWorkgroup: any;
+ managerCorrelationFilter: any;
+ since: string;
+ 'slpt-source-diagnostics': string;
+ sourceConnected: boolean;
+ sourceDescription: string;
+ spConnEnableStatefulCommands: boolean;
+ spConnectorInstanceId: string;
+ spConnectorSpecId: string;
+ status: string;
+ supportsDeltaAgg: boolean;
+ templateApplication: string;
+}
+
+export interface DeltaAggregation {
+ 'std:account:list': any;
+ 'std:entitlement:list': any;
+}
+```
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-create.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-create.md
index 88e8a13e2..04c3768e9 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-create.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-create.md
@@ -4,7 +4,7 @@ title: Account Create
pagination_label: Account Create
sidebar_label: Account Create
keywords: ['connectivity', 'connectors', 'Account Create']
-description: Intercept the account create command.
+description: Intercept the account create command.
slug: /connectivity/saas-connectivity/customizers/commands/account-create
tags: ['Connectivity', 'Connector Command']
---
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-create](../../commands/account-create) command.
-
| Input/Output | Data Type |
| :----------- | :--------------------: |
| Input | StdAccountCreateInput |
@@ -60,11 +59,12 @@ Use these commands to intercept the [account-create](../../commands/account-crea
}
}
```
+
## Implementation
### Before account-create command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountCreate(async (context: Context, input: StdAccountCreateInput) => {
@@ -72,11 +72,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-create command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountCreate(async (context: Context, output: StdAccountCreateOutput) => {
@@ -84,4 +85,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-delete.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-delete.md
index f758b605f..2d4eb86cd 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-delete.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-delete.md
@@ -4,7 +4,7 @@ title: Account Delete
pagination_label: Account Delete
sidebar_label: Account Delete
keywords: ['connectivity', 'connectors', 'Account Delete']
-description: Intercept the account delete command.
+description: Intercept the account delete command.
slug: /connectivity/saas-connectivity/customizers/commands/account-delete
tags: ['Connectivity', 'Connector Command']
---
@@ -37,11 +37,12 @@ Use these commands to intercept the [account-delete](../../commands/account-dele
{
}
```
+
## Implementation
### Before account-delete command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountDelete(async (context: Context, input: StdAccountDeleteInput) => {
@@ -49,11 +50,12 @@ Use this logic to implement the command:
return input
})
```
-The `input` object can be mutated and returned, but the same data type must still be returned.
+
+The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-delete command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountDelete(async (context: Context, output: StdAccountDeleteOutput) => {
@@ -61,4 +63,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-disable.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-disable.md
index f038ae998..6d8f44699 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-disable.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-disable.md
@@ -4,7 +4,7 @@ title: Account Disable
pagination_label: Account Disable
sidebar_label: Account Disable
keywords: ['connectivity', 'connectors', 'Account Disable']
-description: Intercept the account disable command.
+description: Intercept the account disable command.
slug: /connectivity/saas-connectivity/customizers/commands/account-disable
tags: ['Connectivity', 'Connector Command']
---
@@ -13,11 +13,10 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-disable](../../commands/account-disable) command.
-
-| Input/Output | Data Type |
-| :-------------- | :---------------------: |
-| Input | StdAccountDisableInput |
-| Output | StdAccountDisableOutput |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
+| Input | StdAccountDisableInput |
+| Output | StdAccountDisableOutput |
### Example StdAccountDisableInput
@@ -53,11 +52,12 @@ Use these commands to intercept the [account-disable](../../commands/account-dis
}
}
```
+
## Implementation
### Before account-disable command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountDisable(async (context: Context, input: StdAccountDisableInput) => {
@@ -65,11 +65,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-disable command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountDisable(async (context: Context, output: StdAccountDisableOutput) => {
@@ -77,4 +78,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-enable.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-enable.md
index 5eae86fe1..36d3eefc1 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-enable.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-enable.md
@@ -13,11 +13,10 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-enable](../../commands/account-enable) command.
-
-| Input/Output | Data Type |
-| :-------------- | :---------------------: |
-| Input | StdAccountEnableInput |
-| Output | StdAccountEnableOutput |
+| Input/Output | Data Type |
+| :----------- | :--------------------: |
+| Input | StdAccountEnableInput |
+| Output | StdAccountEnableOutput |
### Example StdAccountEnableInput
@@ -53,11 +52,12 @@ Use these commands to intercept the [account-enable](../../commands/account-enab
}
}
```
+
## Implementation
### Before account-enable command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountEnable(async (context: Context, input: StdAccountEnableInput) => {
@@ -65,11 +65,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-enable command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountEnable(async (context: Context, output: StdAccountEnableOutput) => {
@@ -77,4 +78,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-list.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-list.md
index de17a0aa6..4e374c538 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-list.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-list.md
@@ -13,10 +13,9 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-list](../../commands/account-list) command.
-
-| Input/Output | Data Type |
-| :----------- | :------------------: |
-| Input | StdAccountListInput |
+| Input/Output | Data Type |
+| :----------- | :-----------------: |
+| Input | StdAccountListInput |
### Example StdAccountListInput
@@ -24,11 +23,12 @@ Use these commands to intercept the [account-list](../../commands/account-list)
"state": {"date": "1686341338871"},
"stateful": true
```
+
## Implementation
### Before account-list command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountList(async (context: Context, input: StdAccountListInput) => {
@@ -36,8 +36,9 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-list command
-After account-list is not available for customization at this time. If you need to modify the values of the response, it is recommended that you use [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/).
\ No newline at end of file
+After account-list is not available for customization at this time. If you need to modify the values of the response, it is recommended that you use [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/).
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-read.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-read.md
index 78f964d91..bf6c1fe15 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-read.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-read.md
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-read](../../commands/account-read) command.
-
| Input/Output | Data Type |
| :----------- | :------------------: |
| Input | StdAccountReadInput |
@@ -53,12 +52,12 @@ Use these commands to intercept the [account-read](../../commands/account-read)
}
}
```
-## Implementation
+## Implementation
### Before account-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountRead(async (context: Context, input: StdAccountReadInput) => {
@@ -66,11 +65,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountRead(async (context: Context, output: StdAccountReadOutput) => {
@@ -78,4 +78,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-unlock.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-unlock.md
index 2e2bd7ec5..a3b8e80c0 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-unlock.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-unlock.md
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-unlock](../../commands/account-unlock) command.
-
| Input/Output | Data Type |
| :----------- | :--------------------: |
| Input | StdAccountUnlockInput |
@@ -53,11 +52,12 @@ Use these commands to intercept the [account-unlock](../../commands/account-unlo
}
}
```
+
## Implementation
### Before account-unlock command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountUnlock(async (context: Context, input: StdAccountUnlockInput) => {
@@ -65,11 +65,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-unlock command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountUnlock(async (context: Context, output: StdAccountUnlockOutput) => {
@@ -77,4 +78,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-update.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-update.md
index 570c91703..2c3d4e4c2 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-update.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/account-update.md
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [account-update](../../commands/account-update) command.
-
| Input/Output | Data Type |
| :----------- | :--------------------: |
| Input | StdAccountUpdateInput |
@@ -62,12 +61,12 @@ Use these commands to intercept the [account-update](../../commands/account-upda
}
}
```
-## Implementation
+## Implementation
### Before account-update command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdAccountUpdate(async (context: Context, input: StdAccountUpdateInput) => {
@@ -75,11 +74,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After account-update command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdAccountUpdate(async (context: Context, output: StdAccountUpdateOutput) => {
@@ -87,4 +87,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/change-password.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/change-password.md
index 1a8141cd9..115730efe 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/change-password.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/change-password.md
@@ -13,9 +13,8 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [change-password](../../commands/change-password) command.
-
-| Input/Output | Data Type |
-| :----------- | :--------------------: |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
| Input | StdChangePasswordInput |
| Output | StdChangePasswordOutput |
@@ -34,14 +33,15 @@ Use these commands to intercept the [change-password](../../commands/change-pass
### Example StdChangePasswordOutput
```javascript
-{}
+{
+}
```
-## Implementation
+## Implementation
### Before change-password command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdChangePassword(async (context: Context, input: StdChangePasswordInput) => {
@@ -49,11 +49,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After change-password command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdChangePassword(async (context: Context, output: StdChangePasswordOutput) => {
@@ -61,4 +62,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-list.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-list.md
index c8339c80f..b70753949 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-list.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-list.md
@@ -13,10 +13,9 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [entitlement-list](../../commands/entitlement-list) command.
-
-| Input/Output | Data Type |
-| :----------- | :----------------------: |
-| Input | StdEntitlementListInput |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
+| Input | StdEntitlementListInput |
### Example StdEntitlementListInput
@@ -30,7 +29,7 @@ Use these commands to intercept the [entitlement-list](../../commands/entitlemen
### Before entitlement-list command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdEntitlementList(async (context: Context, input: StdEntitlementListInput) => {
@@ -38,8 +37,9 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After entitlement-list command
-After entitlement-list is not available for customization at this time. If you need to modify the values of the response, it is recommended that you use [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/).
\ No newline at end of file
+After entitlement-list is not available for customization at this time. If you need to modify the values of the response, it is recommended that you use [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/).
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-read.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-read.md
index 2fdb85f61..6071b1223 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-read.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/entitlement-read.md
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [entitlement-read](../../commands/entitlement-read) command.
-
| Input/Output | Data Type |
| :----------- | :----------------------: |
| Input | StdEntitlementReadInput |
@@ -50,11 +49,12 @@ Use these commands to intercept the [entitlement-read](../../commands/entitlemen
}
}
```
+
## Implementation
### Before entitlement-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdEntitlementRead(async (context: Context, input: StdEntitlementReadInput) => {
@@ -62,11 +62,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After entitlement-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdEntitlementRead(async (context: Context, output: StdEntitlementReadOutput) => {
@@ -74,4 +75,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-discover.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-discover.md
index 40674688a..c58e7c3ec 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-discover.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-discover.md
@@ -13,8 +13,7 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [source-data-discover](../../commands/source-data-discover) command.
-
-| Input/Output | Data Type |
+| Input/Output | Data Type |
| :----------- | :-------------------------: |
| Input | StdSourceDataDiscoverInput |
| Output | StdSourceDataDiscoverOutput |
@@ -34,23 +33,24 @@ Use these commands to intercept the [source-data-discover](../../commands/source
```javascript
[
- {
- key: 'id',
- label: 'Id',
- subLabel: 'Airtable Base Id'
- },
- {
- key: 'name',
- label: 'Name',
- subLabel: 'Airtable Source Table Name'
- }
-]
+ {
+ key: 'id',
+ label: 'Id',
+ subLabel: 'Airtable Base Id',
+ },
+ {
+ key: 'name',
+ label: 'Name',
+ subLabel: 'Airtable Source Table Name',
+ },
+];
```
+
## Implementation
### Before source-data-discover command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdSourceDataDiscover(async (context: Context, input: StdSourceDataDiscoverInput) => {
@@ -58,11 +58,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After source-data-discover command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdSourceDataDiscover(async (context: Context, output: StdSourceDataDiscoverOutput) => {
@@ -70,4 +71,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-read.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-read.md
index 6896be20b..4e67a7a8f 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-read.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/source-data-read.md
@@ -13,9 +13,8 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [source-data-read](../../commands/source-data-read) command.
-
-| Input/Output | Data Type |
-| :----------- | :-------------------------: |
+| Input/Output | Data Type |
+| :----------- | :---------------------: |
| Input | StdSourceDataReadInput |
| Output | StdSourceDataReadOutput |
@@ -35,23 +34,24 @@ Use these commands to intercept the [source-data-read](../../commands/source-dat
```javascript
[
- {
- key: 'id',
- label: 'Id',
- subLabel: 'Airtable Base Id'
- },
- {
- key: 'name',
- label: 'Name',
- subLabel: 'Airtable Source Table Name'
- }
-]
+ {
+ key: 'id',
+ label: 'Id',
+ subLabel: 'Airtable Base Id',
+ },
+ {
+ key: 'name',
+ label: 'Name',
+ subLabel: 'Airtable Source Table Name',
+ },
+];
```
+
## Implementation
### Before source-data-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdSourceDataRead(async (context: Context, input: StdSourceDataReadInput) => {
@@ -59,11 +59,12 @@ Use this logic to implement the command:
return input
})
```
+
The `input` object can be mutated and returned, but the same data type must still be returned.
### After source-data-read command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdSourceDataRead(async (context: Context, output: StdSourceDataReadOutput) => {
@@ -71,4 +72,5 @@ Use this logic to implement the command:
return output
})
```
-The `output` object can be mutated and returned, but the same data type must still be returned.
\ No newline at end of file
+
+The `output` object can be mutated and returned, but the same data type must still be returned.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/test-connection.md b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/test-connection.md
index c0632d6a8..57939639c 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/test-connection.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/customizer-commands/test-connection.md
@@ -13,7 +13,6 @@ tags: ['Connectivity', 'Connector Command']
Use these commands to intercept the [Test-Connection](../../commands/test-connection) command.
-
| Input/Output | Data Type |
| :----------- | :---------------------: |
| Input | undefined |
@@ -25,22 +24,24 @@ Use these commands to intercept the [Test-Connection](../../commands/test-connec
{
}
```
+
## Implementation
### Before test-connection command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.beforeStdTestConnection(async (context: Context, input: undefined) => {
logger.info('Running before test connection')
})
```
+
There is no input, so you cannot mutate any data. However, you can make web request calls or perform any type of logging or logic before calling the connector.
### After test-connection command
-Use this logic to implement the command:
+Use this logic to implement the command:
```javascript
.afterStdTestConnection(async (context: Context, output: StdTestConnectionOutput) => {
@@ -48,4 +49,5 @@ Use this logic to implement the command:
return output
})
```
-The output datatype is always an empty object handed down from the connector.
\ No newline at end of file
+
+The output datatype is always an empty object handed down from the connector.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/getting-started.md b/docs/connectivity/saas-connectivity/connector-customizers/getting-started.md
index 586c607b4..1d3c02a47 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/getting-started.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/getting-started.md
@@ -33,7 +33,7 @@ sail conn customizers init my-customizer-project
The CLI init command creates a new folder with your project name in the location where you run the command.
-Change the directory to the project folder and run ```npm install`` to install the dependencies.
+Change the directory to the project folder and run ``npm install` to install the dependencies.
### Source files
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/index.md b/docs/connectivity/saas-connectivity/connector-customizers/index.md
index df7260cd3..2fee8f0af 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/index.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/index.md
@@ -6,7 +6,7 @@ sidebar_label: Customizers
sidebar_position: 7.1
sidebar_class_name: saasConnectivity
keywords: ['connectivity', 'connectors', customizers]
-description: Connectivity customizers can customize out of the box SaaS connectors.
+description: Connectivity customizers can customize out of the box SaaS connectors.
slug: /connectivity/saas-connectivity/customizers
tags: ['Connectivity']
---
@@ -17,9 +17,9 @@ SaaS Connectivity Customizers are cloud-based connector customizers that make cu
## How do they work?
-SaaS Connectivity Customizers work by sitting in between Identity Security Cloud and the connector. They intercept calls from Identity Security Cloud to the connector and calls from the connector to Identity Security Cloud. When the customizer intercepts a call, it can call custom code to mutate the data in any way necessary to change the connector behavior.
+SaaS Connectivity Customizers work by sitting in between Identity Security Cloud and the connector. They intercept calls from Identity Security Cloud to the connector and calls from the connector to Identity Security Cloud. When the customizer intercepts a call, it can call custom code to mutate the data in any way necessary to change the connector behavior.
-This chart shows an example of this interception process - the ```stdAccountRead``` command is implemented with the customizer in place:
+This chart shows an example of this interception process - the `stdAccountRead` command is implemented with the customizer in place:
@@ -37,4 +37,4 @@ sequenceDiagram
```
-
\ No newline at end of file
+
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/link.md b/docs/connectivity/saas-connectivity/connector-customizers/link.md
index 7e3175484..8e347c34f 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/link.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/link.md
@@ -22,6 +22,7 @@ Use this command to find sources:
```bash
sail conn instances list
```
+
This similar looking list of instances will be returned:
```bash
@@ -41,6 +42,7 @@ Use this command to find customizers:
```bash
sail conn customizers list
```
+
This similar looking list of customizers will be returned:
```bash
@@ -58,7 +60,9 @@ To link a source to a customizer, find the source ID in the instance list and a
```bash
sail conn customizers link -i edfc9bfb-b55c-482f-b1aa-b4d51caf7558 -c 7b968fab-0f40-49f0-b13b-8bf529fc0b82
```
+
The output will indicate that the customizer has succesfully linked to the connector instance:
+
```bash
+--------------------------------------+----------------------+--------------------------------------+
| ID | NAME | CUSTOMIZER ID |
@@ -69,7 +73,7 @@ The output will indicate that the customizer has succesfully linked to the conne
### Unlink from a source
-To unlink a customizer from a source, issue the unlink command and pass the source instance ID:
+To unlink a customizer from a source, issue the unlink command and pass the source instance ID:
```bash
sail conn customizers unlink -i edfc9bfb-b55c-482f-b1aa-b4d51caf7558
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/testing.md b/docs/connectivity/saas-connectivity/connector-customizers/testing.md
index d296a21c4..2397ad2c7 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/testing.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/testing.md
@@ -6,7 +6,7 @@ sidebar_label: Testing and Debugging
sidebar_position: 6
sidebar_class_name: saasConnectivity
keywords: ['connectivity', 'connectors', customizers]
-description: Test and debug connectors with customizers.
+description: Test and debug connectors with customizers.
slug: /connectivity/saas-connectivity/customizers/testing
tags: ['Connectivity']
---
@@ -25,7 +25,7 @@ You can then set breakpoints in your code step through processes in your IDE (in
### Test alongside a custom connector
-If you want to test alongside a SaaS custom connector, the easiest way to do so is to copy the customizer code into the connector code.
+If you want to test alongside a SaaS custom connector, the easiest way to do so is to copy the customizer code into the connector code.
For example, you want to test this connector:
@@ -80,4 +80,4 @@ export const connectorCustomizer = async () => {
```
-Now, when you run the test-connection command, the customizer after the test-connection command will also run.
\ No newline at end of file
+Now, when you run the test-connection command, the customizer after the test-connection command will also run.
diff --git a/docs/connectivity/saas-connectivity/connector-customizers/upload.md b/docs/connectivity/saas-connectivity/connector-customizers/upload.md
index bc63c34e2..b0fe7d46e 100644
--- a/docs/connectivity/saas-connectivity/connector-customizers/upload.md
+++ b/docs/connectivity/saas-connectivity/connector-customizers/upload.md
@@ -21,7 +21,7 @@ Before you can upload a connector customizer, you must issue the create command
sail conn customizers create my-connector-customizer
```
-This will return the customizer ID.
+This will return the customizer ID.
```bash
+--------------------------------------+-------------------------+---------+
@@ -55,4 +55,5 @@ To upload the customizer to Identity Security Cloud, use the upload command:
```bash
sail conn customizers upload -c 7b968fab-0f40-49f0-b13b-8bf529fc0b82 -f .\dist\my-connector-customizer-0.1.0.zip
```
-Now the customizer is ready to be used!
\ No newline at end of file
+
+Now the customizer is ready to be used!
diff --git a/docs/connectivity/saas-connectivity/connector-spec/card.md b/docs/connectivity/saas-connectivity/connector-spec/card.md
index c07a1bac9..20d9553c0 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/card.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/card.md
@@ -3,18 +3,19 @@ id: connector-spec-card
title: Card
pagination_label: Card
sidebar_label: Card
-keywords: ['connectivity', 'connectors','connector-spec', 'card']
+keywords: ['connectivity', 'connectors', 'connector-spec', 'card']
description: Details on using the card item
slug: /connectivity/saas-connectivity/connector-spec/card
tags: ['Connectivity', 'Connector Spec']
---
## How to use the card type in the connector spec
+
You can use the `card` type to specify cards that allow users to add/copy/delete and enter a subMenu to make changes to more card details.
-When you create a card, you must specify the fields the cardSubMenu will use to generate the title and subtitle, as shown in the following example.
+When you create a card, you must specify the fields the cardSubMenu will use to generate the title and subtitle, as shown in the following example.
-In this example, clicking the ```Add table``` button opens a dialog, and the values entered for the ```Table Information``` and ```Airtable Id``` will populate the cards ```title``` and ```subtitle```.
+In this example, clicking the `Add table` button opens a dialog, and the values entered for the `Table Information` and `Airtable Id` will populate the cards `title` and `subtitle`.
### Example card item type
@@ -71,7 +72,7 @@ In this example, clicking the ```Add table``` button opens a dialog, and the val
]
}
```
+
-
diff --git a/docs/connectivity/saas-connectivity/connector-spec/initialValue.md b/docs/connectivity/saas-connectivity/connector-spec/initialValue.md
index bf8d1de34..a4eedab3d 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/initialValue.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/initialValue.md
@@ -3,7 +3,8 @@ id: connector-spec-initial-value
title: Initial Value
pagination_label: Initial Value
sidebar_label: Initial Value
-keywords: ['connectivity', 'connectors','connector-spec', 'sourceConfigInitialValues']
+keywords:
+ ['connectivity', 'connectors', 'connector-spec', 'sourceConfigInitialValues']
description: How to use the sourceConfigInitialValues field
slug: /connectivity/saas-connectivity/connector-spec/initial-value
tags: ['Connectivity', 'Connector Spec']
@@ -41,4 +42,4 @@ If you want to prepopulate a field in the connector spec configuration with an i
]
}
]
-```
\ No newline at end of file
+```
diff --git a/docs/connectivity/saas-connectivity/connector-spec/keyValue.md b/docs/connectivity/saas-connectivity/connector-spec/keyValue.md
index e6c9ef602..0c7f7be65 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/keyValue.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/keyValue.md
@@ -3,14 +3,15 @@ id: connector-spec-key-value
title: Key Value
pagination_label: Key Value
sidebar_label: Key Value
-keywords: ['connectivity', 'connectors','connector-spec', 'keyValue']
+keywords: ['connectivity', 'connectors', 'connector-spec', 'keyValue']
description: Details on using the key value item
slug: /connectivity/saas-connectivity/connector-spec/key-value
tags: ['Connectivity', 'Connector Spec']
---
## How to use the key value type in the connector spec
-You can use the `keyValue` type to allow users to enter multiple key value items in a single entry box.
+
+You can use the `keyValue` type to allow users to enter multiple key value items in a single entry box.
This is an example implementation:
@@ -37,4 +38,5 @@ This is an example implementation:
}
}
```
+
diff --git a/docs/connectivity/saas-connectivity/connector-spec/list.md b/docs/connectivity/saas-connectivity/connector-spec/list.md
index 97f4115cc..ea997dbf2 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/list.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/list.md
@@ -3,16 +3,17 @@ id: connector-spec-list
title: List
pagination_label: List
sidebar_label: List
-keywords: ['connectivity', 'connectors','connector-spec', 'list']
+keywords: ['connectivity', 'connectors', 'connector-spec', 'list']
description: Details on using the list item
slug: /connectivity/saas-connectivity/connector-spec/list
tags: ['Connectivity', 'Connector Spec']
---
## How to use the list type in the connector spec
-You can use the `list` type to allow users to enter multiple items in a single entry box.
-This is an example implementation:
+You can use the `list` type to allow users to enter multiple items in a single entry box.
+
+This is an example implementation:
### Example list item type
@@ -24,4 +25,5 @@ This is an example implementation:
"helpKey": "Add a list of entitlements to expose via your source"
}
```
+
diff --git a/docs/connectivity/saas-connectivity/connector-spec/radio.md b/docs/connectivity/saas-connectivity/connector-spec/radio.md
index b91e3d1b3..14dc26d1e 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/radio.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/radio.md
@@ -3,14 +3,15 @@ id: connector-spec-radio
title: Radio
pagination_label: Radio
sidebar_label: Radio
-keywords: ['connectivity', 'connectors','connector-spec', 'radio']
+keywords: ['connectivity', 'connectors', 'connector-spec', 'radio']
description: Details on using the Radio item
slug: /connectivity/saas-connectivity/connector-spec/radio
tags: ['Connectivity', 'Connector Spec']
---
## How to use the radio type in the connector spec
-You can use the `Rrdio` type to create radio buttons for users to interact with to select from a predefined set of values.
+
+You can use the `Rrdio` type to create radio buttons for users to interact with to select from a predefined set of values.
This is an example implementation:
@@ -34,6 +35,7 @@ This is an example implementation:
]
}
```
+
You can also create dependencies on other fields so they are hidden until the selection is made. This same type of dependency can be built into any field and linked by using the parentKey/parentValue fields.
diff --git a/docs/connectivity/saas-connectivity/connector-spec/select.md b/docs/connectivity/saas-connectivity/connector-spec/select.md
index 5d9047b16..90d09b71c 100644
--- a/docs/connectivity/saas-connectivity/connector-spec/select.md
+++ b/docs/connectivity/saas-connectivity/connector-spec/select.md
@@ -3,14 +3,15 @@ id: connector-spec-select
title: Select
pagination_label: Select
sidebar_label: Select
-keywords: ['connectivity', 'connectors','connector-spec', 'select']
+keywords: ['connectivity', 'connectors', 'connector-spec', 'select']
description: Details on using the select item
slug: /connectivity/saas-connectivity/connector-spec/select
tags: ['Connectivity', 'Connector Spec']
---
## How to use the Select type in the connector spec
-You can use the Select type to create a dropdown for users to interact with to select from a predefined set of values.
+
+You can use the Select type to create a dropdown for users to interact with to select from a predefined set of values.
This is an example implementation:
@@ -34,6 +35,7 @@ This is an example implementation:
]
}
```
+
You can also create dependencies on other fields so they are hidden until the selection is made. This same type of dependency can be built into any field and linked by using the parentKey/parentValue fields.
diff --git a/docs/connectivity/saas-connectivity/in-depth/cli-advanced.md b/docs/connectivity/saas-connectivity/in-depth/cli-advanced.md
index b0fd37514..bf579d81a 100644
--- a/docs/connectivity/saas-connectivity/in-depth/cli-advanced.md
+++ b/docs/connectivity/saas-connectivity/in-depth/cli-advanced.md
@@ -11,7 +11,7 @@ slug: /connectivity/saas-connectivity/in-depth/cli-advanced
tags: ['Connectivity']
---
-You can use the CLI to invoke a number of calls in Identity Security Cloud, including calls that aren't specifically defined by the CLI. This section includes examples that show how you can invoke those calls:
+You can use the CLI to invoke a number of calls in Identity Security Cloud, including calls that aren't specifically defined by the CLI. This section includes examples that show how you can invoke those calls:
## Use provided CLI invoke calls
@@ -33,6 +33,7 @@ Available Commands:
source-data-read Invoke a std:source-data:read command
test-connection Invoke a std:test-connection command
```
+
To understand the required parameters to invoke a command from the CLI, you can use the help command to get a list of required parameters. For example, to read an account using the CLI, first call `sail conn invoke account-read -h`. The CLI will respond with the required input:
```bash
@@ -52,14 +53,15 @@ Global Flags:
-c, --id string Connector ID or Alias
-v, --version string Optional. Run against a specific version if provided. Otherwise run against the latest tag.
```
-In this case, you need to provide the connector ID, the config path that contains the necessary configuration for the connector, and the ID for the account.
+
+In this case, you need to provide the connector ID, the config path that contains the necessary configuration for the connector, and the ID for the account.
The config file will look something like this:
```json
-{
- "apiKey": "",
- "airtableBase": ""
+{
+ "apiKey": "",
+ "airtableBase": ""
}
```
@@ -71,7 +73,7 @@ sail conn invoke account-read philip.ellis -c 4b12cf79-b2ac-44ac-842b-b5a6268548
## Use sail conn invoke raw
-Even if a command isn't supported by the CLI, you can still invoke it. The `invoke raw` command allows you to specify the entire JSON object used to invoke the command.
+Even if a command isn't supported by the CLI, you can still invoke it. The `invoke raw` command allows you to specify the entire JSON object used to invoke the command.
You can use the Postman collection as a way to build the JSON object needed to invoke the command. For example, if you want to run the `account-disable` command, you can create a JSON object with the required fields. If you look at this example, you will see that it closely resembles the same information that is sent when debugging the command using Postman:
@@ -83,6 +85,7 @@ You can use the Postman collection as a way to build the JSON object needed to i
}
}
```
+
Running the `raw` command is similar to running the other commands, except now you pass the JSON file created earlier with the `-f` flag:
```
diff --git a/docs/connectivity/saas-connectivity/in-depth/connector-timeouts.md b/docs/connectivity/saas-connectivity/in-depth/connector-timeouts.md
index 61e5c81e1..be028dbe7 100644
--- a/docs/connectivity/saas-connectivity/in-depth/connector-timeouts.md
+++ b/docs/connectivity/saas-connectivity/in-depth/connector-timeouts.md
@@ -15,7 +15,7 @@ An Identity Security Cloud SaaS Connectivity connector will send a timeout error
In the case of a long running API call to the source system, you can also optionally send `res.keepAlive()` to keep the connection to Identity Security Cloud open without having to send any data to Identity Security Cloud. If `res.keepAlive()` or `res.send()` is not called within 3 minutes, a connector timeout will occur.
-This is an example of how to set up this pagination:
+This is an example of how to set up this pagination:
```javascript
async getAccounts(res: Response): Promise {
@@ -25,7 +25,7 @@ async getAccounts(res: Response): Promise {
// each page will be called recursively until there are no more records to fetch, at which case the promise is fulfilled
).eachPage((records, fetchNextPage) => {
for (let record of records) {
- // this is the part that sends the data to Identity Security Cloud. Since eachPage is called with just 10 records,
+ // this is the part that sends the data to Identity Security Cloud. Since eachPage is called with just 10 records,
// if there are 100 records total, we would send data back to ISC in 10 sets of 10 records.
res.send({
identity: record.id,
diff --git a/docs/connectivity/saas-connectivity/in-depth/error-handling.md b/docs/connectivity/saas-connectivity/in-depth/error-handling.md
index 862454d8a..40bc3346a 100644
--- a/docs/connectivity/saas-connectivity/in-depth/error-handling.md
+++ b/docs/connectivity/saas-connectivity/in-depth/error-handling.md
@@ -45,15 +45,15 @@ export class AirtableClient {
## Not Found Error Type
-The connector SDK offers a special error type of "Not Found". This error signals to ISC that the specific account is not in the source system. If the account should be in the source system, ISC will then call the connector ```std:account:create``` command to create the account.
+The connector SDK offers a special error type of "Not Found". This error signals to ISC that the specific account is not in the source system. If the account should be in the source system, ISC will then call the connector `std:account:create` command to create the account.
-Here is an example:
+Here is an example:
```javascript
.stdAccountUpdate(async (context: Context, input: StdAccountUpdateInput, res: Response) => {
const account = await myClient.getAccount(input.identity)
if (!account) {
- // account was not found, but identity now has the account and expects it to be there!
+ // account was not found, but identity now has the account and expects it to be there!
// Send an error message to Identity Security Cloud so the account is automatically created
if (!account) {
throw new ConnectorError("account is not found", ConnectorErrorType.NotFound)
@@ -120,19 +120,25 @@ export class AirtableClient {
## Recommended custom exceptions and examples of when to use them
#### InvalidConfigurationException
+
- Use this exception during any operation if the connector requires a certain configuration to connect to the managed-system, but the configuration is either faulty or not provided. This could happen before sending a request to the managed system.
#### InsufficientPermissionException
-- Use this exception during any operation if the connector gets a known managed system exception indicating a lack of permission.
+
+- Use this exception during any operation if the connector gets a known managed system exception indicating a lack of permission.
#### InvalidRequestException
+
- Use this exception during any operation if the connector is creating messages to be sent to the managed system but is failing to create a message. This could happen before sending a request to the managed system.
#### ObjectAlreadyExistsException
+
- Use this exception during the provisioning operation of the type create(only) if the connector is trying to create an entity that already exists on the managed system.
#### InvalidResponseException
+
- Use this exception during aggregation or in the getObject when the connector is unable to parse data received from managed system. This could happen if something fails when converting a managed system response to a ResourceObject.
#### TimeoutException
-- This is intended for cases in which the connector receives timeout related error/exceptions from the managed system.
\ No newline at end of file
+
+- This is intended for cases in which the connector receives timeout related error/exceptions from the managed system.
diff --git a/docs/connectivity/saas-connectivity/index.md b/docs/connectivity/saas-connectivity/index.md
index 790ad4d8d..53ef18bf9 100644
--- a/docs/connectivity/saas-connectivity/index.md
+++ b/docs/connectivity/saas-connectivity/index.md
@@ -20,9 +20,10 @@ Connectors are the bridges between the SailPoint Identity Security Cloud (ISC) S
## Why We Are Introducing SaaS Connectivity
The primary driver for indroducing the SaaS Connectivity framework is to allow a way to connect to other cloud based sources in a truly SaaS architecture, without the need to rely on a VA. There are also other benefits that come with the SaaS Connectivity framework:
- - Ability to develop, debug and test custom connectors locally without any dependencies on Identity Security Cloud
- - Features to customize the user interface when configuring the connector that are specific to the source
- - Support for more modern languages and frameworks
+
+- Ability to develop, debug and test custom connectors locally without any dependencies on Identity Security Cloud
+- Features to customize the user interface when configuring the connector that are specific to the source
+- Support for more modern languages and frameworks
## Architecture of SaaS Connectivity
@@ -42,4 +43,4 @@ With both SaaS connectivity and traditional VA connectivity in place, you can ha
Any direct connectors that specify a virtual appliance (VA) use [Zero Knowledge Encryption](https://community.sailpoint.com/t5/Lighthouse/Protecting-Sensitive-Data-with-Zero-Knowledge-Encryption/ta-p/79657?attachment-id=452) schemes with an RSA 2048-bit asymmetric key pair: there is a private key on the VA for decryption and a public key in the cloud (as part of the VA cluster) for encryption.
-SaaS connectors cannot operate the same way because they do not communicate through VA clusters. Despite this, SaaS connectors can still leverage the asymmetric key pair scheme — the key pair simply resides in the cloud instead of on the VA. The key pair is only accessible to the Connectivity service and is managed to SailPoint standards for credential storage. Whenever you are storing secret data, use the ```secret``` or ```secrettextarea``` field types.
+SaaS connectors cannot operate the same way because they do not communicate through VA clusters. Despite this, SaaS connectors can still leverage the asymmetric key pair scheme — the key pair simply resides in the cloud instead of on the VA. The key pair is only accessible to the Connectivity service and is managed to SailPoint standards for credential storage. Whenever you are storing secret data, use the `secret` or `secrettextarea` field types.
diff --git a/docs/connectivity/saas-connectivity/postman-collection.md b/docs/connectivity/saas-connectivity/postman-collection.md
index 601602fa5..b0558902a 100644
--- a/docs/connectivity/saas-connectivity/postman-collection.md
+++ b/docs/connectivity/saas-connectivity/postman-collection.md
@@ -14,5 +14,5 @@ tags: ['Connectivity', 'Postman']
Use the following Postman Collection file to run tests for each of the commands locally.
| API | Postman Collection |
-|------|----------------------------|
+| --- | --- |
| SaaS Connectivity | [](https://god.gw.postman.com/run-collection/23226990-a0b5c429-d8dd-4fe2-a4a2-eb7ff85322ef?action=collection%2Ffork&collection-url=entityId%3D23226990-a0b5c429-d8dd-4fe2-a4a2-eb7ff85322ef%26entityType%3Dcollection%26workspaceId%3D80af54be-a333-4712-af5e-41aa9eccbdd0) |
diff --git a/docs/connectivity/saas-connectivity/prerequisites.md b/docs/connectivity/saas-connectivity/prerequisites.md
index d9388dae0..be4cfd969 100644
--- a/docs/connectivity/saas-connectivity/prerequisites.md
+++ b/docs/connectivity/saas-connectivity/prerequisites.md
@@ -41,7 +41,7 @@ sail conn init my-first-project
The CLI init command creates a new folder with your project name in the location where you run the command.
-Change the directory to the project folder and run ```npm install to install`` the dependencies.
+Change the directory to the project folder and run ``npm install to install` the dependencies.
### Source Files
diff --git a/docs/connectivity/saas-connectivity/test-build-deploy.md b/docs/connectivity/saas-connectivity/test-build-deploy.md
index 339b996fb..6babfbcac 100644
--- a/docs/connectivity/saas-connectivity/test-build-deploy.md
+++ b/docs/connectivity/saas-connectivity/test-build-deploy.md
@@ -102,8 +102,7 @@ $ sail conn tags list -c example-connector
:::caution Important
-Make sure that you implement a form of version control or regular backup process for your connectors.
-You cannot recover the source code from ISC because it gets sent to ISC as a compiled and minified JavaScript (JS) bundle that cannot be easily expanded into its original source code structure.
+Make sure that you implement a form of version control or regular backup process for your connectors. You cannot recover the source code from ISC because it gets sent to ISC as a compiled and minified JavaScript (JS) bundle that cannot be easily expanded into its original source code structure.
:::
diff --git a/docs/connectivity/saas-connectivity/videos.md b/docs/connectivity/saas-connectivity/videos.md
index 4c8adb4a0..fea13ffc3 100644
--- a/docs/connectivity/saas-connectivity/videos.md
+++ b/docs/connectivity/saas-connectivity/videos.md
@@ -10,14 +10,15 @@ description: Helpful videos on using SaaS connectivity
slug: /connectivity/saas-connectivity/videos
tags: ['Connectivity']
---
+
import Video from '@site/src/components/Video';
## Videos
-During our 2023 Developer Days Conference, we created several connectivity videos. These videos can help you as you start building connectors:
+During our 2023 Developer Days Conference, we created several connectivity videos. These videos can help you as you start building connectors:
- - [Roadmap and Introduction](https://www.youtube.com/watch?v=12pfpLBNCvM)
- - [Building a Complete Connector Walkthrough](https://www.youtube.com/watch?v=wHHje_ItTKQ)
- - [SDKs in practice](https://www.youtube.com/watch?v=uvnlSUVsF8M)
+- [Roadmap and Introduction](https://www.youtube.com/watch?v=12pfpLBNCvM)
+- [Building a Complete Connector Walkthrough](https://www.youtube.com/watch?v=wHHje_ItTKQ)
+- [SDKs in practice](https://www.youtube.com/watch?v=uvnlSUVsF8M)
diff --git a/docs/extensibility.md b/docs/extensibility.md
index e25b29e06..56914f222 100644
--- a/docs/extensibility.md
+++ b/docs/extensibility.md
@@ -6,13 +6,14 @@ sidebar_label: Extensibility
sidebar_position: 1
sidebar_class_name: extensibility
keywords: ['extensibility']
-description: Extend your ISC platform.
+description: Extend your ISC platform.
slug: /extensibility
tags: ['extensibility']
---
## Overview
-The Identity Security Cloud (ISC) platform is designed for extensibility, which means that it's designed to allow the addition of new capabilities or functionalities. In addition to the APIs, SailPoint provides a number of extensibility options you can use to build custom solutions and integrations that meet your organization's needs.
+
+The Identity Security Cloud (ISC) platform is designed for extensibility, which means that it's designed to allow the addition of new capabilities or functionalities. In addition to the APIs, SailPoint provides a number of extensibility options you can use to build custom solutions and integrations that meet your organization's needs.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -22,6 +23,7 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about ISC extensibility and discuss the different extensibility options with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
\ No newline at end of file
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+
+To learn more about ISC extensibility and discuss the different extensibility options with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/extensibility/configuration-management/_category_.json b/docs/extensibility/configuration-management/_category_.json
index e8ff3fd29..da7b0d250 100644
--- a/docs/extensibility/configuration-management/_category_.json
+++ b/docs/extensibility/configuration-management/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Export and import tenant configurations."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Export and import tenant configurations."
+ }
+}
diff --git a/docs/extensibility/configuration-management/configuration-hub.md b/docs/extensibility/configuration-management/configuration-hub.md
index 92ddbdd29..7160fbfc8 100644
--- a/docs/extensibility/configuration-management/configuration-hub.md
+++ b/docs/extensibility/configuration-management/configuration-hub.md
@@ -5,19 +5,19 @@ pagination_label: Configuration Hub
sidebar_position: 3
sidebar_class_name: configurationHub
keywords: ['configuration']
-description: Manage tenant configurations with the ISC UI.
+description: Manage tenant configurations with the ISC UI.
slug: /extensibility/configuration-management/configuration-hub
tags: ['Configuration', 'Hub']
---
-## Overview
+## Overview
The SailPoint Configuration Hub supports management of configuration objects in your Identity Security Cloud (ISC) tenant through backup and deploy operations from the ISC UI. For example, you can back up configurations like sources and identity profiles defined for your business, restore them in the event of configuration errors or loss, or migrate and deploy them to your other tenants.
-To learn more about Configuration Hub, refer to the [Configuration Hub documentation](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html).
+To learn more about Configuration Hub, refer to the [Configuration Hub documentation](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html).
## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the SaiLPoint Configuration Hub and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
\ No newline at end of file
+To learn more about the SaiLPoint Configuration Hub and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/extensibility/event-triggers/_category_.json b/docs/extensibility/event-triggers/_category_.json
index 9b49f47c2..50e17bb7b 100644
--- a/docs/extensibility/event-triggers/_category_.json
+++ b/docs/extensibility/event-triggers/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Actions triggered by specific events."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Actions triggered by specific events."
+ }
+}
diff --git a/docs/extensibility/event-triggers/available/access-request-submitted.md b/docs/extensibility/event-triggers/available/access-request-submitted.md
index 180be84e1..3888885c9 100644
--- a/docs/extensibility/event-triggers/available/access-request-submitted.md
+++ b/docs/extensibility/event-triggers/available/access-request-submitted.md
@@ -4,7 +4,16 @@ title: Access Request Submitted
pagination_label: Access Request Submitted
sidebar_label: Access Request Submitted
sidebar_class_name: accessRequestSubmitted
-keywords: ['event', 'trigger', 'access', 'request', 'submitted', 'preapproval', 'available']
+keywords:
+ [
+ 'event',
+ 'trigger',
+ 'access',
+ 'request',
+ 'submitted',
+ 'preapproval',
+ 'available',
+ ]
description: Fires after an access request is submitted.
slug: /extensibility/event-triggers/triggers/access-request-submitted
tags: ['Event Triggers', 'Available Event Triggers', 'Request Response']
diff --git a/docs/extensibility/event-triggers/available/certification-signed-off.md b/docs/extensibility/event-triggers/available/certification-signed-off.md
index 109337a0a..2365a5cb8 100644
--- a/docs/extensibility/event-triggers/available/certification-signed-off.md
+++ b/docs/extensibility/event-triggers/available/certification-signed-off.md
@@ -12,8 +12,7 @@ tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
## Event Context
-This event is triggered when a certification is signed-off and moves to End status.
-This is not to be confused with Campaign End/Expiration.
+This event is triggered when a certification is signed-off and moves to End status. This is not to be confused with Campaign End/Expiration.
This is an example input from this trigger:
diff --git a/docs/extensibility/event-triggers/available/native-change-account-created.md b/docs/extensibility/event-triggers/available/native-change-account-created.md
index 6de4780e4..477693e53 100644
--- a/docs/extensibility/event-triggers/available/native-change-account-created.md
+++ b/docs/extensibility/event-triggers/available/native-change-account-created.md
@@ -14,7 +14,7 @@ tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
:::info Important Setup Steps
-You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
+You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
1. Invoke the [update native change detection configuration](https://developer.sailpoint.com/docs/api/beta/put-native-change-detection-config) for each source you want to receive events for NCD.
2. Configure the NCD options on the source in the source configuration UI.
@@ -38,7 +38,7 @@ flowchart TD
-This event trigger can be used to immediately notify interested parties and remediate accounts that are created directly on the source. Some examples of how this trigger can be used are as follows:
+This event trigger can be used to immediately notify interested parties and remediate accounts that are created directly on the source. Some examples of how this trigger can be used are as follows:
- Notify the identity's manager and the source owner of the new account
- Create a micro-certification for the identity to review their new account access
@@ -48,139 +48,131 @@ This is an example input from this trigger:
```json
{
- "identity": {
- "manager": {
- "name": "Martena Heath",
- "id": "2c91808378eb9fa30178fb8caf90097f",
- "type": "IDENTITY",
- "email": "martena.heath@sample_email.com"
- },
- "name": "peter.williams",
- "alias": "peter.williams",
- "id": "e43ba47b265b4baf943efe3aaef886c8",
- "type": "IDENTITY",
- "email": "peter.williams@sample_email.com"
+ "identity": {
+ "manager": {
+ "name": "Martena Heath",
+ "id": "2c91808378eb9fa30178fb8caf90097f",
+ "type": "IDENTITY",
+ "email": "martena.heath@sample_email.com"
},
- "singleValueAttributeChanges": [
- {
- "newValue": "Peter Williams",
- "name": "cn",
- "oldValue": null
- },
- {
- "newValue": "Peter Williams",
- "name": "displayName",
- "oldValue": null
- },
- {
- "newValue": "CN=Peter Williams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com",
- "name": "distinguishedName",
- "oldValue": null
- },
- {
- "newValue": "Peter",
- "name": "givenName",
- "oldValue": null
- }
- ],
- "entitlementChanges": [
- {
- "removed": [],
- "added": [
- {
- "owner": {
- "id": "2c91808978eb9fab0178fb8ca9280919",
- "name": "Gregory Brooks",
- "type": "IDENTITY"
- },
- "name": "ProductionManagement",
- "id": "2c91808778eb9fa30178fb9482f00c60",
- "value": "CN=ProductionManagement,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- },
- {
- "owner": null,
- "name": "Employees",
- "id": "2c91808378eb9fa30178fb94818e0af8",
- "value": "CN=Employees,OU=BirthRight,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- },
- {
- "owner": null,
- "name": "WindowsAdministration",
- "id": "2c91808378eb9fa30178fb9481c30b02",
- "value": "CN=WindowsAdministration,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }
- ],
- "attributeName": "memberOf"
- }
- ],
- "eventType": "ACCOUNT_CREATED",
- "source": {
- "owner": {
- "name": "Aaron Andrew",
- "id": "2c9180867a7c46d0017a7ca099d50531",
- "type": "IDENTITY",
- "email": "aaron.andrew@sample_email.com"
- },
- "name": "Active Directory",
- "alias": "Active Directory [source]",
- "id": "2c91808a78efc63e0178fb8624b248c5",
- "type": "SOURCE",
- "governanceGroup": {
- "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
- "name": "Active Directory Owners",
- "type": "GOVERNANCE_GROUP"
- }
+ "name": "peter.williams",
+ "alias": "peter.williams",
+ "id": "e43ba47b265b4baf943efe3aaef886c8",
+ "type": "IDENTITY",
+ "email": "peter.williams@sample_email.com"
+ },
+ "singleValueAttributeChanges": [
+ {
+ "newValue": "Peter Williams",
+ "name": "cn",
+ "oldValue": null
},
- "accountChangeTypes": [
- "ATTRIBUTES_CHANGED",
- "ENTITLEMENTS_ADDED"
- ],
- "multiValueAttributeChanges": [
- {
- "removedValues": [],
- "addedValues": [
- "top",
- "person",
- "organizationalPerson",
- "user"
- ],
- "name": "objectClass"
- },
- {
- "removedValues": [],
- "addedValues": [
- "Normal User Account",
- "Password Cannot Expire",
- "User Account is Disabled"
- ],
- "name": "accountFlags"
- }
- ],
- "account": {
- "name": "peter.williams",
- "id": "b3b17b0072f04da39b41e8802aaff01b",
- "type": "ACCOUNT",
- "uuid": "{615ebfa6-3d21-484e-9e67-01bd4e20c3da}",
- "correlated": true,
- "nativeIdentity": "CN=Peter Williams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ {
+ "newValue": "Peter Williams",
+ "name": "displayName",
+ "oldValue": null
+ },
+ {
+ "newValue": "CN=Peter Williams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com",
+ "name": "distinguishedName",
+ "oldValue": null
+ },
+ {
+ "newValue": "Peter",
+ "name": "givenName",
+ "oldValue": null
}
+ ],
+ "entitlementChanges": [
+ {
+ "removed": [],
+ "added": [
+ {
+ "owner": {
+ "id": "2c91808978eb9fab0178fb8ca9280919",
+ "name": "Gregory Brooks",
+ "type": "IDENTITY"
+ },
+ "name": "ProductionManagement",
+ "id": "2c91808778eb9fa30178fb9482f00c60",
+ "value": "CN=ProductionManagement,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ },
+ {
+ "owner": null,
+ "name": "Employees",
+ "id": "2c91808378eb9fa30178fb94818e0af8",
+ "value": "CN=Employees,OU=BirthRight,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ },
+ {
+ "owner": null,
+ "name": "WindowsAdministration",
+ "id": "2c91808378eb9fa30178fb9481c30b02",
+ "value": "CN=WindowsAdministration,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
+ ],
+ "attributeName": "memberOf"
+ }
+ ],
+ "eventType": "ACCOUNT_CREATED",
+ "source": {
+ "owner": {
+ "name": "Aaron Andrew",
+ "id": "2c9180867a7c46d0017a7ca099d50531",
+ "type": "IDENTITY",
+ "email": "aaron.andrew@sample_email.com"
+ },
+ "name": "Active Directory",
+ "alias": "Active Directory [source]",
+ "id": "2c91808a78efc63e0178fb8624b248c5",
+ "type": "SOURCE",
+ "governanceGroup": {
+ "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
+ "name": "Active Directory Owners",
+ "type": "GOVERNANCE_GROUP"
+ }
+ },
+ "accountChangeTypes": ["ATTRIBUTES_CHANGED", "ENTITLEMENTS_ADDED"],
+ "multiValueAttributeChanges": [
+ {
+ "removedValues": [],
+ "addedValues": ["top", "person", "organizationalPerson", "user"],
+ "name": "objectClass"
+ },
+ {
+ "removedValues": [],
+ "addedValues": [
+ "Normal User Account",
+ "Password Cannot Expire",
+ "User Account is Disabled"
+ ],
+ "name": "accountFlags"
+ }
+ ],
+ "account": {
+ "name": "peter.williams",
+ "id": "b3b17b0072f04da39b41e8802aaff01b",
+ "type": "ACCOUNT",
+ "uuid": "{615ebfa6-3d21-484e-9e67-01bd4e20c3da}",
+ "correlated": true,
+ "nativeIdentity": "CN=Peter Williams,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
}
```
-- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
-- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account created event, all aggregated account attributes will be listed, and their `oldValue` will be null.
+- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
+- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account created event, all aggregated account attributes will be listed, and their `oldValue` will be null.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
-- `entitlementChanges` Contains a list of entitlements that have been aggregated with the account. the `removed` list will always be empty for an account created event.
+- `entitlementChanges` Contains a list of entitlements that have been aggregated with the account. the `removed` list will always be empty for an account created event.
- `eventType` Will always be `ACCOUNT_CREATED` for account created events.
- `source` The source where this account originated from.
- `accountChangeTypes` A list of change types you can expect to see in the event input.
- Possible values are `ATTRIBUTES_CHANGED` and `ENTITLEMENTS_ADDED`.
- - The above example lists both change types since both attributes and entitlements were added. If an event payload only contains attributes added, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
-- `multiValueAttributeChanges` List of multivalued attributes that were aggregated with the account. Only `addedValues` will appear for account created events.
+ - The above example lists both change types since both attributes and entitlements were added. If an event payload only contains attributes added, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
+- `multiValueAttributeChanges` List of multivalued attributes that were aggregated with the account. Only `addedValues` will appear for account created events.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
-- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
+- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
## Additional Information and Links
diff --git a/docs/extensibility/event-triggers/available/native-change-account-deleted.md b/docs/extensibility/event-triggers/available/native-change-account-deleted.md
index 0da5ec974..18de61d9c 100644
--- a/docs/extensibility/event-triggers/available/native-change-account-deleted.md
+++ b/docs/extensibility/event-triggers/available/native-change-account-deleted.md
@@ -14,7 +14,7 @@ tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
:::info Important Setup Steps
-You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
+You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
1. Invoke the [update native change detection configuration](https://developer.sailpoint.com/docs/api/beta/put-native-change-detection-config) for each source you want to receive events for NCD.
2. Configure the NCD options on the source in the source configuration UI.
@@ -38,7 +38,7 @@ flowchart TD
-This event trigger can be used to immediately notify interested parties and remediate accounts that are deleted directly on the source. Some examples of how this trigger can be used are as follows:
+This event trigger can be used to immediately notify interested parties and remediate accounts that are deleted directly on the source. Some examples of how this trigger can be used are as follows:
- Notify the identity's manager and the source owner of the deleted account
@@ -46,129 +46,126 @@ This is an example input from this trigger:
```json
{
- "identity": {
- "manager": {
- "name": "Martena Heath",
- "id": "2c91808378eb9fa30178fb8caf90097f",
- "type": "IDENTITY",
- "email": "martena.heath@sample_email.com"
- },
- "name": "Letty Wilson",
- "alias": "Letty.Wilson",
- "id": "2c91808978eb9fab0178fb8ca6d308fb",
- "type": "IDENTITY",
- "email": "letty.wilson@sample_email.com"
- },
- "singleValueAttributeChanges": [{
- "newValue": null,
- "name": "cn",
- "oldValue": "Letty Wilson"
- },
- {
- "newValue": null,
- "name": "displayName",
- "oldValue": "Letty Wilson"
- },
- {
- "newValue": null,
- "name": "distinguishedName",
- "oldValue": "CN=Letty Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }
- ],
- "entitlementChanges": [{
- "removed": [{
- "owner": {
- "id": "2c91808978eb9fab0178fb8ca9280919",
- "name": "Gregory Brooks",
- "type": "IDENTITY"
- },
- "name": "ProductionManagement",
- "id": "2c91808778eb9fa30178fb9482f00c60",
- "value": "CN=ProductionManagement,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- },
- {
- "owner": null,
- "name": "Employees",
- "id": "2c91808378eb9fa30178fb94818e0af8",
- "value": "CN=Employees,OU=BirthRight,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- },
- {
- "owner": null,
- "name": "WindowsAdministration",
- "id": "2c91808378eb9fa30178fb9481c30b02",
- "value": "CN=WindowsAdministration,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }
- ],
- "added": [],
- "attributeName": "memberOf"
- }],
- "eventType": "ACCOUNT_DELETED",
- "source": {
- "owner": {
- "name": "Aaron Andrew",
- "id": "2c9180867a7c46d0017a7ca099d50531",
- "type": "IDENTITY",
- "email": "aaron.andrew@sample_email.com"
- },
- "name": "Active Directory",
- "alias": "Active Directory [source]",
- "id": "2c91808a78efc63e0178fb8624b248c5",
- "type": "SOURCE",
- "governanceGroup": {
- "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
- "name": "Active Directory Owners",
- "type": "GOVERNANCE_GROUP"
- }
- },
- "accountChangeTypes": [
- "ATTRIBUTES_CHANGED",
- "ENTITLEMENTS_REMOVED"
- ],
- "multiValueAttributeChanges": [{
- "removedValues": [
- "top",
- "person",
- "organizationalPerson",
- "user"
- ],
- "addedValues": [],
- "name": "objectClass"
- },
- {
- "removedValues": [
- "Normal User Account",
- "Password Cannot Expire",
- "User Account is Disabled"
- ],
- "addedValues": [],
- "name": "accountFlags"
- }
- ],
- "account": {
- "name": "letty.wilson",
- "id": "6805a47c09cc4dfca9083f1ce84552ee",
- "type": "ACCOUNT",
- "uuid": "{3c096158-9188-46f4-bb13-20ef9daafa7f}",
- "correlated": true,
- "nativeIdentity": "CN=Letty Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }
+ "identity": {
+ "manager": {
+ "name": "Martena Heath",
+ "id": "2c91808378eb9fa30178fb8caf90097f",
+ "type": "IDENTITY",
+ "email": "martena.heath@sample_email.com"
+ },
+ "name": "Letty Wilson",
+ "alias": "Letty.Wilson",
+ "id": "2c91808978eb9fab0178fb8ca6d308fb",
+ "type": "IDENTITY",
+ "email": "letty.wilson@sample_email.com"
+ },
+ "singleValueAttributeChanges": [
+ {
+ "newValue": null,
+ "name": "cn",
+ "oldValue": "Letty Wilson"
+ },
+ {
+ "newValue": null,
+ "name": "displayName",
+ "oldValue": "Letty Wilson"
+ },
+ {
+ "newValue": null,
+ "name": "distinguishedName",
+ "oldValue": "CN=Letty Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
+ ],
+ "entitlementChanges": [
+ {
+ "removed": [
+ {
+ "owner": {
+ "id": "2c91808978eb9fab0178fb8ca9280919",
+ "name": "Gregory Brooks",
+ "type": "IDENTITY"
+ },
+ "name": "ProductionManagement",
+ "id": "2c91808778eb9fa30178fb9482f00c60",
+ "value": "CN=ProductionManagement,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ },
+ {
+ "owner": null,
+ "name": "Employees",
+ "id": "2c91808378eb9fa30178fb94818e0af8",
+ "value": "CN=Employees,OU=BirthRight,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ },
+ {
+ "owner": null,
+ "name": "WindowsAdministration",
+ "id": "2c91808378eb9fa30178fb9481c30b02",
+ "value": "CN=WindowsAdministration,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
+ ],
+ "added": [],
+ "attributeName": "memberOf"
+ }
+ ],
+ "eventType": "ACCOUNT_DELETED",
+ "source": {
+ "owner": {
+ "name": "Aaron Andrew",
+ "id": "2c9180867a7c46d0017a7ca099d50531",
+ "type": "IDENTITY",
+ "email": "aaron.andrew@sample_email.com"
+ },
+ "name": "Active Directory",
+ "alias": "Active Directory [source]",
+ "id": "2c91808a78efc63e0178fb8624b248c5",
+ "type": "SOURCE",
+ "governanceGroup": {
+ "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
+ "name": "Active Directory Owners",
+ "type": "GOVERNANCE_GROUP"
+ }
+ },
+ "accountChangeTypes": ["ATTRIBUTES_CHANGED", "ENTITLEMENTS_REMOVED"],
+ "multiValueAttributeChanges": [
+ {
+ "removedValues": ["top", "person", "organizationalPerson", "user"],
+ "addedValues": [],
+ "name": "objectClass"
+ },
+ {
+ "removedValues": [
+ "Normal User Account",
+ "Password Cannot Expire",
+ "User Account is Disabled"
+ ],
+ "addedValues": [],
+ "name": "accountFlags"
+ }
+ ],
+ "account": {
+ "name": "letty.wilson",
+ "id": "6805a47c09cc4dfca9083f1ce84552ee",
+ "type": "ACCOUNT",
+ "uuid": "{3c096158-9188-46f4-bb13-20ef9daafa7f}",
+ "correlated": true,
+ "nativeIdentity": "CN=Letty Wilson,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
}
```
-- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
-- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account deleted event, all aggregated account attributes will be listed, and their `newValue` will be null.
+- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
+- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account deleted event, all aggregated account attributes will be listed, and their `newValue` will be null.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
-- `entitlementChanges` Contains a list of entitlements that have been aggregated with the account. the `added` list will always be empty for an account deleted event.
+- `entitlementChanges` Contains a list of entitlements that have been aggregated with the account. the `added` list will always be empty for an account deleted event.
- `eventType` Will always be `ACCOUNT_DELETED` for account deleted events.
- `source` The source where this account originated from.
- `accountChangeTypes` A list of change types you can expect to see in the event input.
- Possible values are `ATTRIBUTES_CHANGED` and `ENTITLEMENTS_REMOVED`.
- - The above example lists both change types since both attributes and entitlements were removed. If an event payload only contains attributes removed, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
-- `multiValueAttributeChanges` List of multivalued attributes that were aggregated with the account. Only `removedValues` will appear for account deleted events.
+ - The above example lists both change types since both attributes and entitlements were removed. If an event payload only contains attributes removed, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
+- `multiValueAttributeChanges` List of multivalued attributes that were aggregated with the account. Only `removedValues` will appear for account deleted events.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
-- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
+- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
## Additional Information and Links
diff --git a/docs/extensibility/event-triggers/available/native-change-account-updated.md b/docs/extensibility/event-triggers/available/native-change-account-updated.md
index 948afa2f1..8281fb586 100644
--- a/docs/extensibility/event-triggers/available/native-change-account-updated.md
+++ b/docs/extensibility/event-triggers/available/native-change-account-updated.md
@@ -14,7 +14,7 @@ tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
:::info Important Setup Steps
-You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
+You must have at least one source configured for Native Change Detection (NCD) before you will receive events from this trigger. There are two ways you can configure a source for NCD:
1. Invoke the [update native change detection configuration](https://developer.sailpoint.com/docs/api/beta/put-native-change-detection-config) for each source you want to receive events for NCD.
2. Configure the NCD options on the source in the source configuration UI.
@@ -38,7 +38,7 @@ flowchart TD
-This event trigger can be used to immediately notify interested parties and remediate accounts that are updated directly on the source. Some examples of how this trigger can be used are as follows:
+This event trigger can be used to immediately notify interested parties and remediate accounts that are updated directly on the source. Some examples of how this trigger can be used are as follows:
- Notify the identity's manager and the source owner of the new account
- Create a micro-certification for the identity to review their new account attributes and entitlements
@@ -48,82 +48,90 @@ This is an example input from this trigger:
```json
{
- "identity": {
- "manager": {
- "name": "Martena Heath",
- "id": "2c91808378eb9fa30178fb8caf90097f",
- "type": "IDENTITY",
- "email": "martena.heath@sample_email.com"
- },
- "name": "Ann English",
- "alias": "Ann.English",
- "id": "2c91808978eb9fab0178fb8ca6d308fb",
- "type": "IDENTITY",
- "email": "ann.english@sample_email.com"
- },
- "singleValueAttributeChanges": [{
- "newValue": "Call Center Representative",
- "name": "title",
- "oldValue": "Call Center Manager"
- }],
- "entitlementChanges": [{
- "removed": [{
- "owner": null,
- "name": "AccountsReceivable",
- "id": "d0470502d73d4c2e8c7543c712f518ca",
- "value": "CN=AccountsReceivable,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }],
- "added": [{
- "owner": null,
- "name": "Accounts Payable",
- "id": "2c91808978eb9fab0178fb9482620b71",
- "value": "CN=AccountsPayable,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }],
- "attributeName": "memberOf"
- }],
- "eventType": "ACCOUNT_UPDATED",
- "source": {
- "owner": {
- "name": "Aaron Andrew",
- "id": "2c9180867a7c46d0017a7ca099d50531",
- "type": "IDENTITY",
- "email": "aaron.andrew@sample_email.com"
- },
- "name": "Active Directory",
- "alias": "Active Directory [source]",
- "id": "2c91808a78efc63e0178fb8624b248c5",
- "type": "SOURCE",
- "governanceGroup": {
- "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
- "name": "Active Directory Owners",
- "type": "GOVERNANCE_GROUP"
- }
- },
- "accountChangeTypes": [
- "ATTRIBUTES_CHANGED",
- "ENTITLEMENTS_ADDED",
- "ENTITLEMENTS_REMOVED"
- ],
- "multiValueAttributeChanges": [{
- "removedValues": [],
- "addedValues": [
- "User Account is Disabled"
- ],
- "name": "accountFlags"
- }],
- "account": {
- "name": "Ann.English",
- "id": "2c91808378eb9fa30178fb9481a30afa",
- "type": "ACCOUNT",
- "uuid": "{08ee6c6d-7d02-4978-9417-d92ba6a5ed50}",
- "correlated": true,
- "nativeIdentity": "CN=Ann English,OU=Call Center,OU=AI,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
- }
+ "identity": {
+ "manager": {
+ "name": "Martena Heath",
+ "id": "2c91808378eb9fa30178fb8caf90097f",
+ "type": "IDENTITY",
+ "email": "martena.heath@sample_email.com"
+ },
+ "name": "Ann English",
+ "alias": "Ann.English",
+ "id": "2c91808978eb9fab0178fb8ca6d308fb",
+ "type": "IDENTITY",
+ "email": "ann.english@sample_email.com"
+ },
+ "singleValueAttributeChanges": [
+ {
+ "newValue": "Call Center Representative",
+ "name": "title",
+ "oldValue": "Call Center Manager"
+ }
+ ],
+ "entitlementChanges": [
+ {
+ "removed": [
+ {
+ "owner": null,
+ "name": "AccountsReceivable",
+ "id": "d0470502d73d4c2e8c7543c712f518ca",
+ "value": "CN=AccountsReceivable,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
+ ],
+ "added": [
+ {
+ "owner": null,
+ "name": "Accounts Payable",
+ "id": "2c91808978eb9fab0178fb9482620b71",
+ "value": "CN=AccountsPayable,OU=Groups,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
+ ],
+ "attributeName": "memberOf"
+ }
+ ],
+ "eventType": "ACCOUNT_UPDATED",
+ "source": {
+ "owner": {
+ "name": "Aaron Andrew",
+ "id": "2c9180867a7c46d0017a7ca099d50531",
+ "type": "IDENTITY",
+ "email": "aaron.andrew@sample_email.com"
+ },
+ "name": "Active Directory",
+ "alias": "Active Directory [source]",
+ "id": "2c91808a78efc63e0178fb8624b248c5",
+ "type": "SOURCE",
+ "governanceGroup": {
+ "id": "fd0d1393-35fb-47d8-9809-0e385b73f25e",
+ "name": "Active Directory Owners",
+ "type": "GOVERNANCE_GROUP"
+ }
+ },
+ "accountChangeTypes": [
+ "ATTRIBUTES_CHANGED",
+ "ENTITLEMENTS_ADDED",
+ "ENTITLEMENTS_REMOVED"
+ ],
+ "multiValueAttributeChanges": [
+ {
+ "removedValues": [],
+ "addedValues": ["User Account is Disabled"],
+ "name": "accountFlags"
+ }
+ ],
+ "account": {
+ "name": "Ann.English",
+ "id": "2c91808378eb9fa30178fb9481a30afa",
+ "type": "ACCOUNT",
+ "uuid": "{08ee6c6d-7d02-4978-9417-d92ba6a5ed50}",
+ "correlated": true,
+ "nativeIdentity": "CN=Ann English,OU=Call Center,OU=AI,OU=Demo,DC=seri,DC=sailpointdemo,DC=com"
+ }
}
```
-- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
-- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account updated event, only account attributes that were modified will be listed, and their `oldValue` will contain the previous value before the change.
+- `identity` The identity correlated to this account. If `account.correlated` is `false`, then this will be a system generated identity, not a real identity. For uncorrelated accounts, this system generated identity can be used to revoke entitlements on the account, or in any other API request that requires an identity ID.
+- `singleValueAttributeChanges` Contains a list of account attributes that have changed. During an account updated event, only account attributes that were modified will be listed, and their `oldValue` will contain the previous value before the change.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
- `entitlementChanges` Contains a list of entitlements that have been added and/or removed on the account.
@@ -131,11 +139,11 @@ This is an example input from this trigger:
- `source` The source where this account originated from.
- `accountChangeTypes` A list of change types you can expect to see in the event input.
- Possible values are `ATTRIBUTES_CHANGED`, `ENTITLEMENTS_ADDED`, and `ENTITLEMENTS_REMOVED`.
- - The above example lists all three change types since attributes were changed and entitlements were added and removed. If an event payload only contains changed attributes, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
+ - The above example lists all three change types since attributes were changed and entitlements were added and removed. If an event payload only contains changed attributes, then this list will only contain the `ATTRIBUTES_CHANGED` value. This can be useful when filtering events based on change types, or quickly checking what types of objects changed in the account before continuing to process the input.
- `multiValueAttributeChanges` List of multivalued attributes that were added and/or removed on the account.
- it will include ALL account attributes if the config is `"allNonEntitlementAttributes": true`
- it will include the enumerated list of attributes contained in `"selectedNonEntitlementAttributes": []`
-- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
+- `account` The details of the account as it appears in Identity Security Cloud. This information can be used to query the account API for more information.
## Additional Information and Links
diff --git a/docs/extensibility/event-triggers/available/outlier-detected.md b/docs/extensibility/event-triggers/available/outlier-detected.md
index 00f752d9c..2f423f612 100644
--- a/docs/extensibility/event-triggers/available/outlier-detected.md
+++ b/docs/extensibility/event-triggers/available/outlier-detected.md
@@ -4,8 +4,7 @@ title: Outlier Detected
pagination_label: Outlier Detected
sidebar_label: Outlier Detected
sidebar_class_name: outlierDetected
-keywords:
- ['event', 'trigger', 'outlier', 'detected']
+keywords: ['event', 'trigger', 'outlier', 'detected']
description: Fires after an identity was detected as an outlier.
slug: /extensibility/event-triggers/triggers/outlier-detected
tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
@@ -13,7 +12,7 @@ tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
## Event Context
-The 'Outlier Detected' event trigger notifies subscribed applications of any identities that have unusual access when compared to their peers. Outliers are calculated daily, and any identities that are flagged as outliers will be sent to subscribers of the trigger.
+The 'Outlier Detected' event trigger notifies subscribed applications of any identities that have unusual access when compared to their peers. Outliers are calculated daily, and any identities that are flagged as outliers will be sent to subscribers of the trigger.
This is an example input from this trigger:
@@ -30,7 +29,7 @@ This is an example input from this trigger:
```
- `outlierType` - Only `LOW_SIMILARITY` is supported at this time.
-- `score` - The range is `0.0` to `1.0`. The higher the score, the more likely the identity is an outlier.
+- `score` - The range is `0.0` to `1.0`. The higher the score, the more likely the identity is an outlier.
## Prerequisites
@@ -42,7 +41,7 @@ Before consuming this event trigger, the following prerequesites must be met:
:::caution Important
-If you don't meet the prerequisites and you subscribe to this event trigger, you will not receive any events. The prerequisites must be met in order to receive events.
+If you don't meet the prerequisites and you subscribe to this event trigger, you will not receive any events. The prerequisites must be met in order to receive events.
:::
diff --git a/docs/extensibility/event-triggers/available/scheduled-search.md b/docs/extensibility/event-triggers/available/scheduled-search.md
index c4649f11f..a84dde0ac 100644
--- a/docs/extensibility/event-triggers/available/scheduled-search.md
+++ b/docs/extensibility/event-triggers/available/scheduled-search.md
@@ -4,7 +4,8 @@ title: Scheduled Search
pagination_label: Scheduled Search
sidebar_label: Scheduled Search
sidebar_class_name: scheduledSearch
-keywords: ['event', 'trigger', 'saved', 'scheduled', 'search', 'complete', 'available']
+keywords:
+ ['event', 'trigger', 'saved', 'scheduled', 'search', 'complete', 'available']
description: Fires after a scheduled search completes.
slug: /extensibility/event-triggers/triggers/scheduled-search
tags: ['Event Triggers', 'Available Event Triggers', 'Fire and Forget']
diff --git a/docs/extensibility/event-triggers/early-access/identity-deleted.md b/docs/extensibility/event-triggers/early-access/identity-deleted.md
index d0f859c97..c7935d624 100644
--- a/docs/extensibility/event-triggers/early-access/identity-deleted.md
+++ b/docs/extensibility/event-triggers/early-access/identity-deleted.md
@@ -33,7 +33,7 @@ After accounts are aggregated and the identity refresh process finds an identity
:::info
-Identity Security Cloud will **hide** an identity from the identity list in the UI when the authoritative account is removed. This does not necessarily mean that the identity has been deleted. The identity will only be deleted when the above criteria are met. The deletion task run each night, so there will be a delay from when the criteria are met to when the identity will actually be deleted.
+Identity Security Cloud will **hide** an identity from the identity list in the UI when the authoritative account is removed. This does not necessarily mean that the identity has been deleted. The identity will only be deleted when the above criteria are met. The deletion task run each night, so there will be a delay from when the criteria are met to when the identity will actually be deleted.
:::
diff --git a/docs/extensibility/event-triggers/filtering-events.md b/docs/extensibility/event-triggers/filtering-events.md
index cfda93dff..941264bf5 100644
--- a/docs/extensibility/event-triggers/filtering-events.md
+++ b/docs/extensibility/event-triggers/filtering-events.md
@@ -77,7 +77,7 @@ Operators provide more options to filter JSON structures.
### Developing Filters
-Developing a filter can be faster when you use a tool like an online [JSONpath editor](https://www.javainuse.com/jsonpath). These tools can provide quick feedback on your filter, allowing you to focus on the exact filter expression you want before testing it on a trigger. Just paste an example of your event trigger input and start crafting an expression to see its result.
+Developing a filter can be faster when you use a tool like an online [JSONpath editor](https://www.javainuse.com/jsonpath). These tools can provide quick feedback on your filter, allowing you to focus on the exact filter expression you want before testing it on a trigger. Just paste an example of your event trigger input and start crafting an expression to see its result.
diff --git a/docs/extensibility/event-triggers/trigger-types.md b/docs/extensibility/event-triggers/trigger-types.md
index 4301f8de1..1e12096a5 100644
--- a/docs/extensibility/event-triggers/trigger-types.md
+++ b/docs/extensibility/event-triggers/trigger-types.md
@@ -6,7 +6,7 @@ sidebar_label: Trigger Types
sidebar_position: 1
sidebar_class_name: triggerTypes
keywords: ['event', 'trigger', 'types']
-description: These are the different trigger types you can use.
+description: These are the different trigger types you can use.
slug: /extensibility/event-triggers/trigger-types
tags: ['Event Triggers']
---
diff --git a/docs/extensibility/rules/_category_.json b/docs/extensibility/rules/_category_.json
index 9c10c2cb2..8d08cd392 100644
--- a/docs/extensibility/rules/_category_.json
+++ b/docs/extensibility/rules/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Advanced configurations with custom logic."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Advanced configurations with custom logic."
+ }
+}
diff --git a/docs/extensibility/rules/cloud-rules/account_profile_attribute_generator_from_template.md b/docs/extensibility/rules/cloud-rules/account_profile_attribute_generator_from_template.md
index 4e4043a4b..641d2194f 100644
--- a/docs/extensibility/rules/cloud-rules/account_profile_attribute_generator_from_template.md
+++ b/docs/extensibility/rules/cloud-rules/account_profile_attribute_generator_from_template.md
@@ -19,24 +19,24 @@ This rule generates complex account attribute values during provisioning, e.g. w
In the following example, the template is `${firstname}.${lastname}${uniqueCounter}`, which is pulled in by the `Create Unique LDAP Attribute` rule and used to replace the `firstname`, `lastname` and `uniqueCounter` placeholders.
```json
- {
- "name": "userName",
- "transform": {
- "type": "rule",
- "attributes": {
- "name": "Create Unique LDAP Attribute"
- }
- },
- "attributes": {
- "template": "${firstname}.${lastname}${uniqueCounter}",
- "cloudMaxUniqueChecks": "50",
- "cloudMaxSize": "20",
- "cloudRequired": "true"
- },
- "isRequired": false,
- "type": "string",
- "isMultiValued": false
+{
+ "name": "userName",
+ "transform": {
+ "type": "rule",
+ "attributes": {
+ "name": "Create Unique LDAP Attribute"
}
+ },
+ "attributes": {
+ "template": "${firstname}.${lastname}${uniqueCounter}",
+ "cloudMaxUniqueChecks": "50",
+ "cloudMaxSize": "20",
+ "cloudRequired": "true"
+ },
+ "isRequired": false,
+ "type": "string",
+ "isMultiValued": false
+}
```
## Execution
diff --git a/docs/extensibility/rules/cloud-rules/before_provisioning_rule.md b/docs/extensibility/rules/cloud-rules/before_provisioning_rule.md
index dcffd7bd1..2d77de594 100644
--- a/docs/extensibility/rules/cloud-rules/before_provisioning_rule.md
+++ b/docs/extensibility/rules/cloud-rules/before_provisioning_rule.md
@@ -16,9 +16,9 @@ Use this rule to modify a provisioning plan as provisioning is sent out. Do not
These are some examples of when to use this rule:
-* Disable account and remove groups during provisioning when the lifecycle state of an identity is set to terminated
-* Remove or add permissions when certain attribute criteria are met
-* Move users to a specific organizational unit (OU) in Active Directory based upon attribute criteria
+- Disable account and remove groups during provisioning when the lifecycle state of an identity is set to terminated
+- Remove or add permissions when certain attribute criteria are met
+- Move users to a specific organizational unit (OU) in Active Directory based upon attribute criteria
## Execution
diff --git a/docs/extensibility/rules/cloud-rules/build_map_rule.md b/docs/extensibility/rules/cloud-rules/build_map_rule.md
index 9957a869b..0dae8082d 100644
--- a/docs/extensibility/rules/cloud-rules/build_map_rule.md
+++ b/docs/extensibility/rules/cloud-rules/build_map_rule.md
@@ -16,9 +16,7 @@ tags: ['Rules']
This rule manipulates raw input data provided by the rows and columns in a file and builds a map from the incoming data. Use this rule to create a new value by combining two columns together. For example, if one column was `access` and another `permissions` you could combine these together to create an entitlement `admin-read`.
-:::info
-This rule runs in the cloud, but it's really a connector rule because it executes against the DelimitedFileConnector.
-:::
+:::info This rule runs in the cloud, but it's really a connector rule because it executes against the DelimitedFileConnector. :::
## Execution
diff --git a/docs/extensibility/rules/cloud-rules/index.md b/docs/extensibility/rules/cloud-rules/index.md
index 9897ac30c..79e3e1466 100644
--- a/docs/extensibility/rules/cloud-rules/index.md
+++ b/docs/extensibility/rules/cloud-rules/index.md
@@ -59,7 +59,7 @@ All submitted rules must follow proper rule submission guidelines.
This is the file naming convention for rules: `Rule - {type} - {name}.xml`
-For example, this is the rule:
+For example, this is the rule:
``
diff --git a/docs/extensibility/rules/cloud-rules/manager_correlation_rule.md b/docs/extensibility/rules/cloud-rules/manager_correlation_rule.md
index 4b666f5e6..e842f56f3 100644
--- a/docs/extensibility/rules/cloud-rules/manager_correlation_rule.md
+++ b/docs/extensibility/rules/cloud-rules/manager_correlation_rule.md
@@ -16,9 +16,9 @@ This rule calculates a manager relationship between identities.
Use this rule to correlate an identity's manager for the following scenarios:
-* The authoritative source has multiple accounts for an identity and you must pick the manager data from the `active` account.
-* You need to do a lookup from an employee number to other data.
-* The identity changes types, for example, from consultant to employee with the manager coming from a different authoritative source.
+- The authoritative source has multiple accounts for an identity and you must pick the manager data from the `active` account.
+- You need to do a lookup from an employee number to other data.
+- The identity changes types, for example, from consultant to employee with the manager coming from a different authoritative source.
The manager correlation rule runs before configured manager account correlation.
diff --git a/docs/extensibility/rules/connector-rules/index.md b/docs/extensibility/rules/connector-rules/index.md
index 0c07ca463..45634da07 100644
--- a/docs/extensibility/rules/connector-rules/index.md
+++ b/docs/extensibility/rules/connector-rules/index.md
@@ -131,16 +131,12 @@ The value key is a list. All available AfterCreate, AfterModify, BeforeCreate, a
```json
[
-Â {
-Â Â Â Â "op":Â "add",
-Â Â Â Â "path":Â "/connectorAttributes/nativeRules",
-Â Â Â Â "value": [
-Â Â Â Â Â Â "Example Rule 1",
-Â Â Â Â Â Â "Example Rule 2"
-Â Â Â ]
-Â }
+ {
+ "op": "add",
+ "path": "/connectorAttributes/nativeRules",
+ "value": ["Example Rule 1", "Example Rule 2"]
+ }
]
-
```
### Correlation Rule
diff --git a/docs/extensibility/rules/guides/your_first_rule.md b/docs/extensibility/rules/guides/your_first_rule.md
index eea2c41a5..04e8d62a8 100644
--- a/docs/extensibility/rules/guides/your_first_rule.md
+++ b/docs/extensibility/rules/guides/your_first_rule.md
@@ -216,8 +216,8 @@ if(fullName.length() > MAX_USERNAME_LENGTH) {
int firstNameLength = firstName.length();
- //Checking if the firstname length is more than the MAX minus 2 chars.
- //If firstname is more then the MAX minus 2 we are picking MAX minus 2 characters from the firstname.
+ //Checking if the firstname length is more than the MAX minus 2 chars.
+ //If firstname is more then the MAX minus 2 we are picking MAX minus 2 characters from the firstname.
if(firstNameLength > (MAX_USERNAME_LENGTH - 2)){
//lastNameLength represents the current pointer of lastlength.
for(int lastNameLength = 0 ; lastNameLength < lastName.length() ; lastNameLength++){
@@ -229,7 +229,7 @@ if(fullName.length() > MAX_USERNAME_LENGTH) {
finalUserName = username;
return username;
}
- }
+ }
}
//If firstname is less than or equal to the MAX minus 2 chars then we are considering full firstname for username generation.
else{
@@ -243,8 +243,8 @@ if(fullName.length() > MAX_USERNAME_LENGTH) {
finalUserName = username;
return username;
}
- }
- }
+ }
+ }
}
```
@@ -263,7 +263,7 @@ if( isUnique( username ) ) {
return username;
}
else{
- //If the username was not unique with firstname.last name we then check uniqueness
+ //If the username was not unique with firstname.last name we then check uniqueness
// with firstname.firstLetterOfLastName, firstname.secondLetterOfLastName e.t.c...
for(int lastNameLength = 0 ; lastNameLength < lastName.length() ; lastNameLength++){
username = firstName + "." + lastName.charAt(lastNameLength);
@@ -290,8 +290,7 @@ public boolean isUnique ( String username ) throws GeneralException {
### Invoke `generateUsername()` With the Identity's First and Last Name
-This is the final part of the rule. Call the `generateUsername()` function, passing in the identity's first and last name.
-The `identity` variable is already initialized and included as input to our attribute generator rule.
+This is the final part of the rule. Call the `generateUsername()` function, passing in the identity's first and last name. The `identity` variable is already initialized and included as input to our attribute generator rule.
```java
return generateUsername( identity.getFirstname(), identity.getLastname() );
@@ -354,8 +353,8 @@ return generateUsername( identity.getFirstname(), identity.getLastname() );
int firstNameLength = firstName.length();
- //Checking if the firstname length is more than the MAX minus 2 chars.
- //If firstname is more then the MAX minus 2 we are picking MAX minus 2 characters from the firstname.
+ //Checking if the firstname length is more than the MAX minus 2 chars.
+ //If firstname is more then the MAX minus 2 we are picking MAX minus 2 characters from the firstname.
if(firstNameLength > (MAX_USERNAME_LENGTH - 2)){
//lastNameLength represents the current pointer of lastlength.
for(int lastNameLength = 0 ; lastNameLength < lastName.length() ; lastNameLength++){
@@ -367,7 +366,7 @@ return generateUsername( identity.getFirstname(), identity.getLastname() );
finalUserName = username;
return username;
}
- }
+ }
}
//If firstname is less than or equal to the MAX minus 2 chars then we are considering full firstname for username generation.
else{
@@ -381,8 +380,8 @@ return generateUsername( identity.getFirstname(), identity.getLastname() );
finalUserName = username;
return username;
}
- }
- }
+ }
+ }
} else {
//The full name is less than MAX_USERNAME_LENGTH minus 2 chars directly assign username to full name.
username = fullName;
@@ -394,7 +393,7 @@ return generateUsername( identity.getFirstname(), identity.getLastname() );
return username;
}
else{
- //If the username was not unique with firstname.last name we then check uniqueness
+ //If the username was not unique with firstname.last name we then check uniqueness
// with firstname.firstLetterOfLastName, firstname.secondLetterOfLastName e.t.c...
for(int lastNameLength = 0 ; lastNameLength < lastName.length() ; lastNameLength++){
username = firstName + "." + lastName.charAt(lastNameLength);
@@ -418,7 +417,7 @@ return generateUsername( identity.getFirstname(), identity.getLastname() );
public boolean isUnique ( String username ) throws GeneralException {
return !idn.accountExistsByDisplayName(application.getName(), username);
}
-
+
return generateUsername( identity.getFirstname(), identity.getLastname() );
]]>
@@ -458,14 +457,14 @@ No errors found.
Warnings: (3)
- Line 55 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
- 55: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
+ Line 55 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
+ 55: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
- Line 70 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
- 70: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
+ Line 70 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
+ 70: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
- Line 95 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
- 95: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
+ Line 95 - [LintValidatorForStatement(31)] For statement detected: for ( int lastNameLength = 0 ; . . "For Loops" can cause issues when looping with incorrect exit conditions. Ensure Looping exit conditions are correct.
+ 95: for ( int lastNameLength = 0 ; lastNameLength < lastName .length ( ) ; lastNameLength ++ ) {
________________________________________________________________________________
diff --git a/docs/extensibility/rules/idn_rule_utility.md b/docs/extensibility/rules/idn_rule_utility.md
index 0e0a2ae46..9b4aaad04 100644
--- a/docs/extensibility/rules/idn_rule_utility.md
+++ b/docs/extensibility/rules/idn_rule_utility.md
@@ -502,19 +502,19 @@ String value, String sortAttribute)
}
/**
- * Use this method to call LDAP type connectors to look for
+ * Use this method to call LDAP type connectors to look for
* unique values. This method calls the connector with a specific search filter
* based on the attributeName and value passed into the method.
* Any returned value is considered non-unique.
- *
+ *
* @param identityNameOrId The name or ID of the identity you are using
* @param applicationNameOrId The name or ID of the source you are targeting
* @param attributeName The name of the attribute you want to validate
* @param attributeValue The value of the attribute you want to validate
- *
+ *
* @return true if the value is unique AND false otherwise. If the application or identity can't be found, an
* IllegalStateException will be thrown.
- *
+ *
*/
public boolean isUniqueLDAPValue(String identityNameOrId, String applicationNameOrId, String attributeName, String attributeValue)
```
diff --git a/docs/extensibility/transforms/_category_.json b/docs/extensibility/transforms/_category_.json
index 17d3fb707..e8604e38d 100644
--- a/docs/extensibility/transforms/_category_.json
+++ b/docs/extensibility/transforms/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Modify attribute data without code."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Modify attribute data without code."
+ }
+}
diff --git a/docs/extensibility/transforms/guides/identity-context.md b/docs/extensibility/transforms/guides/identity-context.md
index 6e0a4dc7a..4f5bc4be8 100644
--- a/docs/extensibility/transforms/guides/identity-context.md
+++ b/docs/extensibility/transforms/guides/identity-context.md
@@ -15,7 +15,7 @@ tags: ['Transforms', 'Guides', 'identity']
Transforms ship with the Apache Velocity template engine, which allows a transform to reference, transform, and render values passed into the transform context.
-The following variables are available to the Apache Velocity template engine when a transform is used to source an identity attribute:
+The following variables are available to the Apache Velocity template engine when a transform is used to source an identity attribute:
| Variable | Type | Description |
| --- | --- | --- |
@@ -25,7 +25,7 @@ The following variables are available to the Apache Velocity template engine whe
For available methods on these objects see our [Rules Java Docs](https://developer.sailpoint.com/docs/extensibility/rules/java-docs).
-## Examples
+## Examples
These examples will help you learn what you can do with the identity context.
@@ -56,14 +56,17 @@ You must use a `firstValid`. If the identity does not have a manager, `getManage
{
"type": "firstValid",
"attributes": {
- "values": ["$identity.getManager().getStringAttribute('country')", "no manager exists"]
+ "values": [
+ "$identity.getManager().getStringAttribute('country')",
+ "no manager exists"
+ ]
}
}
```
### Get manager status of the identity's manager
-This example would get the status of whether or not the identity's manager is currently actually a manager.
+This example would get the status of whether or not the identity's manager is currently actually a manager.
```json
{
@@ -76,7 +79,7 @@ This example would get the status of whether or not the identity's manager is cu
### Get an identity's accounts
-This example would get an identity's various associated source accounts.
+This example would get an identity's various associated source accounts.
```json
{
@@ -89,7 +92,7 @@ This example would get an identity's various associated source accounts.
### Get a comma separated list of account names from an application/source
-This is the velocity logic of the transform:
+This is the velocity logic of the transform:
```java
/* Loop through accounts returned from get accounts by application id */
diff --git a/docs/extensibility/transforms/guides/lifecycle-state-transforms.md b/docs/extensibility/transforms/guides/lifecycle-state-transforms.md
index d5739a089..a5a6a0643 100644
--- a/docs/extensibility/transforms/guides/lifecycle-state-transforms.md
+++ b/docs/extensibility/transforms/guides/lifecycle-state-transforms.md
@@ -15,7 +15,7 @@ tags: ['Transforms', 'Guides', 'Lifecycle']
In this guide, you will walk through a lifecycle state transform that requires you to nest multiple transforms together to achieve your desired result.
-A lifecycle state is a status an identity can be in, such as `active`, `inactive` and `terminated`, for example. You can then use this lifecycle state in Identity Security Cloud to determine an identity's access.
+A lifecycle state is a status an identity can be in, such as `active`, `inactive` and `terminated`, for example. You can then use this lifecycle state in Identity Security Cloud to determine an identity's access.
## Determine lifecycle state from end date attribute
@@ -38,24 +38,24 @@ This example and dates assume that the `now` keyword in the dateMath expression
:::
-| id | email | first_name | last_name | end_date |
-| ------ | ---------------------------- | ---------- | --------- | ---------- |
-| 100010 | lewis.hamilton@sailpoint.com | Lewis | Hamilton | 2023-11-01 |
-| 100011 | frank.williams@sailpoint.com | Frank | Williams | 2023-11-09 |
-| 100012 | paddy.lowe@sailpoint.com | Paddy | Lowe | 2023-11-25 |
+| id | email | first_name | last_name | end_date |
+| --- | --- | --- | --- | --- |
+| 100010 | lewis.hamilton@sailpoint.com | Lewis | Hamilton | 2023-11-01 |
+| 100011 | frank.williams@sailpoint.com | Frank | Williams | 2023-11-09 |
+| 100012 | paddy.lowe@sailpoint.com | Paddy | Lowe | 2023-11-25 |
| 100013 | keifer.sutherland@sailpoint.com | Keifer | Sutherland | 2023-12-25 |
-### Check whether the end date was in the past
+### Check whether the end date was in the past
The first part of the transform will check whether the `end_date` attribute was in the past. You will use these transforms to do so: `dateCompare`, `dateFormat`, and `dateMath`.
-First, use the [dateCompare operation](../operations/date-compare.md) to check that today is less than the specified `end_date`. To use the `dateCompare` operation, the dates must be in the `ISO8601` format, so the transform will require the use of the [dateFormat operation](../operations/date-format.md) as well.
+First, use the [dateCompare operation](../operations/date-compare.md) to check that today is less than the specified `end_date`. To use the `dateCompare` operation, the dates must be in the `ISO8601` format, so the transform will require the use of the [dateFormat operation](../operations/date-format.md) as well.
On lines 10-17, the [dathMath operation](../operations/date-math.md) to pull the date `now`, which represents the current moment in time. The `dateFormat` operation then converts it into the `ISO8601` format for comparison.
-On lines 21-31, the `dateFormat` operation converts the end date provided from the source format (`YYYY-MM-dd`) into the `ISO8601` format.
+On lines 21-31, the `dateFormat` operation converts the end date provided from the source format (`YYYY-MM-dd`) into the `ISO8601` format.
-Finally, lines 34-36 use the comparison operator greater than or equal to `gte`. If the current date is greater than or equal to the end date, the comparison will return `true`, meaning that the end date is in the past. This would result in identity's `terminated` lifecycle state. If the current date is still less than the end date, the comparison will return `false`.
+Finally, lines 34-36 use the comparison operator greater than or equal to `gte`. If the current date is greater than or equal to the end date, the comparison will return `true`, meaning that the end date is in the past. This would result in identity's `terminated` lifecycle state. If the current date is still less than the end date, the comparison will return `false`.
Show Transform
@@ -108,11 +108,11 @@ Finally, lines 34-36 use the comparison operator greater than or equal to `gte`.
### Check whether end date is within 7 days
-Once you have ensured that the `end_date` is in fact in the past, the next step is to check whether the `end_date` is fewer than 7 days away, 7-25 days days away, or more than 25 days away, to determine their exact lifecycle states. Start by checking whether the `end_date` is fewer than 7 days away. You will again use `dateCompare`, `dateFormat`, and `dateMath` for this comparison.
+Once you have ensured that the `end_date` is in fact in the past, the next step is to check whether the `end_date` is fewer than 7 days away, 7-25 days days away, or more than 25 days away, to determine their exact lifecycle states. Start by checking whether the `end_date` is fewer than 7 days away. You will again use `dateCompare`, `dateFormat`, and `dateMath` for this comparison.
On line 27, use the `dateMath` operation to add 7 days to the current date: `now+7d`. It pulls in the `end_date` the same way it did before, and it converts both dates to the `ISO8601` format for comparison.
-Lines 34-36 use the comparison operator less than or equal to: `lte`. This uses the result from the previous check to ensure that if the `end_date` is not in the past and that it is also fewer than 7 days away, the `end_date` will indeed occur in the 0-7 days range. This would result in the identity's `inactivePendingTermination` lifecycle state.
+Lines 34-36 use the comparison operator less than or equal to: `lte`. This uses the result from the previous check to ensure that if the `end_date` is not in the past and that it is also fewer than 7 days away, the `end_date` will indeed occur in the 0-7 days range. This would result in the identity's `inactivePendingTermination` lifecycle state.
Show Transform
@@ -169,7 +169,7 @@ Once you have ensured that the end date is in the past and that it is not fewer
On line 27, the `dateMath` operation adds 25 days to the current date `now+25d`. It pulls in the end date the same way it did before, and it converts both dates to the `ISO8601` format for comparison.
-Lines 34-36 use the comparison operator less than or equal to: `lte`. This uses the combination of the previous checks to ensure that if the `end_date` is not in the past, it is greater than 7 days away, and it returns `true` that it is fewer than 25 days away, then the `end_date` must fall between 7 and 25 days away. This would result in the identity's `activePendingTermination` lifecycle state. If it returns `false`, then the `end_date` must be more than 25 days away. This would result in the identity's `active` lifecycle state.
+Lines 34-36 use the comparison operator less than or equal to: `lte`. This uses the combination of the previous checks to ensure that if the `end_date` is not in the past, it is greater than 7 days away, and it returns `true` that it is fewer than 25 days away, then the `end_date` must fall between 7 and 25 days away. This would result in the identity's `activePendingTermination` lifecycle state. If it returns `false`, then the `end_date` must be more than 25 days away. This would result in the identity's `active` lifecycle state.
Show Transform
@@ -236,7 +236,7 @@ Now that you have taken the time to understand each of the nested transforms, yo
#end
```
-This is the logic within the static transform:
+This is the logic within the static transform:
```json
{
@@ -371,9 +371,9 @@ This is the logic within the static transform:
These are the results of the transform on each identity, given that `now` returns 2023-11-07:
-| id | email | first_name | last_name | end_date | result |
-| ------ | ---------------------------- | ---------- | --------- | ---------- | ------ |
-| 100010 | lewis.hamilton@sailpoint.com | Lewis | Hamilton | 2023-11-01 | terminated |
-| 100011 | frank.williams@sailpoint.com | Frank | Williams | 2023-11-09 | inactivePendingTermination |
-| 100012 | paddy.lowe@sailpoint.com | Paddy | Lowe | 2023-11-25 | activePendingTermination |
+| id | email | first_name | last_name | end_date | result |
+| --- | --- | --- | --- | --- | --- |
+| 100010 | lewis.hamilton@sailpoint.com | Lewis | Hamilton | 2023-11-01 | terminated |
+| 100011 | frank.williams@sailpoint.com | Frank | Williams | 2023-11-09 | inactivePendingTermination |
+| 100012 | paddy.lowe@sailpoint.com | Paddy | Lowe | 2023-11-25 | activePendingTermination |
| 100013 | keifer.sutherland@sailpoint.com | Keifer | Sutherland | 2023-12-25 | active |
diff --git a/docs/extensibility/transforms/guides/provisioning-policy-transform.md b/docs/extensibility/transforms/guides/provisioning-policy-transform.md
index 71b88e8d6..6d2cce226 100644
--- a/docs/extensibility/transforms/guides/provisioning-policy-transform.md
+++ b/docs/extensibility/transforms/guides/provisioning-policy-transform.md
@@ -129,13 +129,11 @@ This is an example create provisioning policy response for a source:
}
```
-## Add to the Create policy
+## Add to the Create policy
This transform concatenates the identityAttributes `firstName`, `lastName`, the two digit month of the `hireDate` and the static string `Rt4e!` to form a temporaryPassword.
-:::caution
-You must use the `identityAttribute` type when you're writing transforms in provisioning policies. The `accountAttribute` type won't work during provisioning.
-:::
+:::caution You must use the `identityAttribute` type when you're writing transforms in provisioning policies. The `accountAttribute` type won't work during provisioning. :::
```json
{
@@ -197,7 +195,7 @@ If you assume the given attributes have the following values, this transform wou
Upload your complete CREATE provisioning policy by using the [Create Provisioning Policy API](/docs/api/v3/create-provisioning-policy), or use the [Update Provisioning Policy API](/docs/api/v3/put-provisioning-policy) to update an existing provisioning policy.
-This is the example response with the full policy, along with the new attribute:
+This is the example response with the full policy, along with the new attribute:
```json
{
diff --git a/docs/extensibility/transforms/index.md b/docs/extensibility/transforms/index.md
index fb17d25a4..33d83f173 100644
--- a/docs/extensibility/transforms/index.md
+++ b/docs/extensibility/transforms/index.md
@@ -240,6 +240,7 @@ Account attribute transforms are configured on the account create profiles. They
These transforms are configured separately from the transforms applied via the identity profile mappings tab.
:::
+
#### Configuration
These can be configured in Identity Security Cloud by going to **Admin** > **Sources** > (A Source) > **Accounts** (tab) > **Create Account**.
diff --git a/docs/extensibility/transforms/operations/account-attribute.md b/docs/extensibility/transforms/operations/account-attribute.md
index 56918c54b..b57d597d6 100644
--- a/docs/extensibility/transforms/operations/account-attribute.md
+++ b/docs/extensibility/transforms/operations/account-attribute.md
@@ -147,36 +147,36 @@ When you are mapping values like a username, focus on primary accounts from a pa
To determine whether an identity is a member of an entitlement.
- `input` contains the condition to be evaluated (is member of an entitlement or not). If the user doesn't meet the below conditions, the `firstValid` retuns "FALSE".
- - `sourceName` is "Active Directory" because that is the source this data is coming from.
- - `attributeName` is "sAMAccountName" because you are mapping the username of the user.
- - `accountPropertyFilter` is filtering accounts that are members of an entitlement that contains "All AD Users-rshwart".
+ - `sourceName` is "Active Directory" because that is the source this data is coming from.
+ - `attributeName` is "sAMAccountName" because you are mapping the username of the user.
+ - `accountPropertyFilter` is filtering accounts that are members of an entitlement that contains "All AD Users-rshwart".
- `table` contains the boolean results: FALSE or TRUE (default).
```json
{
- "attributes": {
- "input": {
+ "attributes": {
+ "input": {
+ "attributes": {
+ "values": [
+ {
"attributes": {
- "values": [
- {
- "attributes": {
- "accountPropertyFilter": "(memberOf.contains(\"All AD Users-rshwart\"))",
- "attributeName": "sAMAccountName",
- "sourceName": "Active Directory"
- },
- "type": "accountAttribute"
- },
- "FALSE"
- ]
+ "accountPropertyFilter": "(memberOf.contains(\"All AD Users-rshwart\"))",
+ "attributeName": "sAMAccountName",
+ "sourceName": "Active Directory"
},
- "type": "firstValid"
- },
- "table": {
- "FALSE": "FALSE",
- "default": "TRUE"
- }
+ "type": "accountAttribute"
+ },
+ "FALSE"
+ ]
+ },
+ "type": "firstValid"
},
- "id": "Contains IT Access",
- "type": "lookup"
+ "table": {
+ "FALSE": "FALSE",
+ "default": "TRUE"
+ }
+ },
+ "id": "Contains IT Access",
+ "type": "lookup"
}
```
diff --git a/docs/extensibility/transforms/operations/date-format.md b/docs/extensibility/transforms/operations/date-format.md
index e432da841..b7c60407a 100644
--- a/docs/extensibility/transforms/operations/date-format.md
+++ b/docs/extensibility/transforms/operations/date-format.md
@@ -29,7 +29,7 @@ This transform leverages the Java SimpleDateFormat syntax; see the [References](
## Transform Structure
-The date format transform takes whatever value provided as the input, parses the datetime based on the `inputFormat` provided, and then reformats it into the desired `outputFormat`.
+The date format transform takes whatever value provided as the input, parses the datetime based on the `inputFormat` provided, and then reformats it into the desired `outputFormat`.
```json
{
@@ -53,11 +53,9 @@ The date format transform takes whatever value provided as the input, parses the
- If no inputFormat is provided, the transform assumes that it is in [ISO8601 format](https://en.wikipedia.org/wiki/ISO_8601).
- **outputFormat** - This string value indicates either the explicit SimpleDateFormat or the built-in named format that the data is formatted into.
- If no outputFormat is provided, the transform assumes that it is in [ISO8601 format](https://en.wikipedia.org/wiki/ISO_8601).
- - **input** - This is an optional attribute that can explicitly define the input data passed into the transform logic. If no input is provided, the transform takes its input from the source and attribute combination configured with the UI.
+ - **input** - This is an optional attribute that can explicitly define the input data passed into the transform logic. If no input is provided, the transform takes its input from the source and attribute combination configured with the UI.
-:::note Important
-This transform does not currently support the "now" keyword as an input value.
-:::
+:::note Important This transform does not currently support the "now" keyword as an input value. :::
## Examples
diff --git a/docs/extensibility/transforms/operations/date-math.md b/docs/extensibility/transforms/operations/date-math.md
index 5facd3ba7..34d6b0b17 100644
--- a/docs/extensibility/transforms/operations/date-math.md
+++ b/docs/extensibility/transforms/operations/date-math.md
@@ -16,7 +16,6 @@ Use the date math transform to add, subtract, and round components of a timestam
The output format for the DateMath transform is "yyyy-MM-dd'T'HH:mm". When you use this transform inside another transform (e.g., [dateCompare](./date-compare.md)), make sure to convert to [ISO8601](https://en.wikipedia.org/wiki/ISO_8601) first.
-
:::note Other Considerations
- The input datetime value must always be in [ISO8601 format](https://en.wikipedia.org/wiki/ISO_8601), in UTC time zone:
@@ -90,6 +89,7 @@ Some examples of expressions are:
- `true` indicates the transform rounds up (i.e., truncate the fractional date/time component indicated and then add one unit of that component).
- `false` indicates the transform rounds down (i.e., truncate the fractional date/time component indicated).
+
- **input** - This is an optional attribute that can explicitly define the input data passed into the transform logic. If no input is provided, the transform takes its input from the source and attribute combination configured with the UI.
## Examples
diff --git a/docs/extensibility/transforms/operations/decompose-diacritical-marks.md b/docs/extensibility/transforms/operations/decompose-diacritical-marks.md
index 974060751..12bad8216 100644
--- a/docs/extensibility/transforms/operations/decompose-diacritical-marks.md
+++ b/docs/extensibility/transforms/operations/decompose-diacritical-marks.md
@@ -21,7 +21,7 @@ The following are examples of diacritical marks:
> - Ň
> - Å´
-The decomposeDiacriticalMarks transform uses the [Normalizer library](https://docs.oracle.com/javase/7/docs/api/java/text/Normalizer.html) to decompose the diacritical marks. It specifically uses the Normalization Form KD (NFKD), as described in Sections 3.6, 3.10, and 3.11 of the Unicode Standard, also summarized under [Annex 4: Decomposition](https://www.unicode.org/reports/tr15/tr15-23.html#Decomposition).
+The decomposeDiacriticalMarks transform uses the [Normalizer library](https://docs.oracle.com/javase/7/docs/api/java/text/Normalizer.html) to decompose the diacritical marks. It specifically uses the Normalization Form KD (NFKD), as described in Sections 3.6, 3.10, and 3.11 of the Unicode Standard, also summarized under [Annex 4: Decomposition](https://www.unicode.org/reports/tr15/tr15-23.html#Decomposition).
After decomposition, the transform uses a [Regex Replace](https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html) to replace all diacritical marks by using the `InCombiningDiacriticalMarks` property of Unicode (ex. `replaceAll("[\\p{InCombiningDiacriticalMarks}]", "")`).
@@ -95,7 +95,7 @@ Output: "Dubcek"
## Testing
-To run some tests in code, use this java code to compare the results of what the transform does to what your code does:
+To run some tests in code, use this java code to compare the results of what the transform does to what your code does:
```java
import java.text.Normalizer;
diff --git a/docs/guides.md b/docs/guides.md
index 5c9e53525..1fd825bb6 100644
--- a/docs/guides.md
+++ b/docs/guides.md
@@ -6,13 +6,14 @@ sidebar_label: Guides
sidebar_position: 1
sidebar_class_name: guides
keywords: ['guides']
-description: ISC guides.
+description: ISC guides.
slug: /guides
tags: ['guides']
---
-## Overview
-Identity Security Cloud (ISC) has all sorts of potential specific solutions you can implement as long as you know how. These specific solutions may either not fall into one of the extensibility, connectivity, tools, or reporting categories, or they may fall into multiple categories. Read these guides to learn how to implement these specific solutions.
+## Overview
+
+Identity Security Cloud (ISC) has all sorts of potential specific solutions you can implement as long as you know how. These specific solutions may either not fall into one of the extensibility, connectivity, tools, or reporting categories, or they may fall into multiple categories. Read these guides to learn how to implement these specific solutions.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -21,7 +22,8 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+## Discuss
-To learn more about these ISC topics and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
\ No newline at end of file
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+
+To learn more about these ISC topics and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/guides/disable-access-profile-requests.md b/docs/guides/disable-access-profile-requests.md
index 814f63a79..b6863db4f 100644
--- a/docs/guides/disable-access-profile-requests.md
+++ b/docs/guides/disable-access-profile-requests.md
@@ -11,30 +11,38 @@ slug: /guides/disable-access-profile-requests
tags: ['AccessProfileRequestManagement']
---
-## Overview
-In Identity Security Cloud, [access profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) are groups of [entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html), which represent access rights on [sources](https://documentation.sailpoint.com/saas/help/sources/index.html). By default, all access profiles are marked as requestable. This means that an organization's users can submit [access requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for the access profiles in the Identity Security Cloud [Request Center](https://documentation.sailpoint.com/saas/user-help/requests/request_center.html), where all access profiles are listed.
+## Overview
-You can disable requests for access profiles to prevent users from gaining inappropriate or undesired access. In the UI, you can edit the [individual access profile](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#configuring-access-profiles-for-requests) to disable requests for the access profile. You can also use the [PATCH Access Profile endpoint](https://developer.sailpoint.com/docs/api/v3/patch-access-profile) to mark the individual access profile as non-requestable.
+In Identity Security Cloud, [access profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) are groups of [entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html), which represent access rights on [sources](https://documentation.sailpoint.com/saas/help/sources/index.html). By default, all access profiles are marked as requestable. This means that an organization's users can submit [access requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for the access profiles in the Identity Security Cloud [Request Center](https://documentation.sailpoint.com/saas/user-help/requests/request_center.html), where all access profiles are listed.
-You may have many access profiles that you want to disable requests for, and you don't want one to get overlooked and then inappropriately accessed. There are three different processes you can use to ensure that you have disabled requests for all access profiles that aren't currently associated with [applications](https://documentation.sailpoint.com/saas/help/common/app-config.html) configured for access requests. Read this guide to learn how to perform these processes.
+You can disable requests for access profiles to prevent users from gaining inappropriate or undesired access. In the UI, you can edit the [individual access profile](https://documentation.sailpoint.com/saas/help/requests/config_ap_roles.html#configuring-access-profiles-for-requests) to disable requests for the access profile. You can also use the [PATCH Access Profile endpoint](https://developer.sailpoint.com/docs/api/v3/patch-access-profile) to mark the individual access profile as non-requestable.
+
+You may have many access profiles that you want to disable requests for, and you don't want one to get overlooked and then inappropriately accessed. There are three different processes you can use to ensure that you have disabled requests for all access profiles that aren't currently associated with [applications](https://documentation.sailpoint.com/saas/help/common/app-config.html) configured for access requests. Read this guide to learn how to perform these processes.
## Disable requests for individual access profiles with the UI
+
Follow these steps to use the Identity Security Cloud UI to individually disable requests for all access profiles that aren't currently associated with applications:
-1. Identify the access profiles that are associated with applications configured for access requests. Create a list of these associated access profiles.
-- Go to **Admin > Applications** and open each application you use for access requests. These applications have both 'Visible in the Request Center' and 'Allow Access Requests' marked on the 'Configuration' tab.
+1. Identify the access profiles that are associated with applications configured for access requests. Create a list of these associated access profiles.
+
+- Go to **Admin > Applications** and open each application you use for access requests. These applications have both 'Visible in the Request Center' and 'Allow Access Requests' marked on the 'Configuration' tab.
- Go to the application's 'Access' tab and capture the names of each application's associated access profiles, recording them in your list of access profiles.
-2. Edit each access profile that is **not** in your list to disable access requests.
-- Go to **Admin > Access > Access Profiles** to view a list of all access profiles.
-- For each access profile that isn't in your list of those associated with applications configured for access requests, select 'Edit', go to the 'Access Requests' tab, and disable 'Allow Access Requests'. Then save your changes.
-Once you have performed this process, all the access profiles that aren't currently associated with applications will no longer be requestable.
+2. Edit each access profile that is **not** in your list to disable access requests.
-## Disable requests for individual access profiles with the API
-Follow these steps to use two API endpoints to individually disable access requests for all access profiles that aren't currently associated with applications:
+- Go to **Admin > Access > Access Profiles** to view a list of all access profiles.
+- For each access profile that isn't in your list of those associated with applications configured for access requests, select 'Edit', go to the 'Access Requests' tab, and disable 'Allow Access Requests'. Then save your changes.
+
+Once you have performed this process, all the access profiles that aren't currently associated with applications will no longer be requestable.
+
+## Disable requests for individual access profiles with the API
+
+Follow these steps to use two API endpoints to individually disable access requests for all access profiles that aren't currently associated with applications:
+
+1. Use the [Search endpoint](https://developer.sailpoint.com/docs/api/v3/search-post) to identify the access profiles that are **not** associated with applications configured for access requests. Sending the following query will return a list of these unassociated access profiles.
+
+- Provide this request body. It will return all access profiles that have a null or empty `apps` list.
-1. Use the [Search endpoint](https://developer.sailpoint.com/docs/api/v3/search-post) to identify the access profiles that are **not** associated with applications configured for access requests. Sending the following query will return a list of these unassociated access profiles.
-- Provide this request body. It will return all access profiles that have a null or empty `apps` list.
```
{
"queryDsl": {
@@ -62,9 +70,13 @@ Follow these steps to use two API endpoints to individually disable access reque
]
}
```
-- The response body will include all the details of each unassociated access profile. Extract the `id` for each access profile returned.
-2. Use the [PATCH Access Profile endpoint](https://developer.sailpoint.com/docs/api/v3/patch-access-profile) and provide the unassociated access profile's `id` to update the specified access profile's `requestable` field.
-- Provide this request body. It will use the `replace` operation to update the value in the specified access profile's `requestable` path to `false`.
+
+- The response body will include all the details of each unassociated access profile. Extract the `id` for each access profile returned.
+
+2. Use the [PATCH Access Profile endpoint](https://developer.sailpoint.com/docs/api/v3/patch-access-profile) and provide the unassociated access profile's `id` to update the specified access profile's `requestable` field.
+
+- Provide this request body. It will use the `replace` operation to update the value in the specified access profile's `requestable` path to `false`.
+
```
[
{
@@ -74,14 +86,19 @@ Follow these steps to use two API endpoints to individually disable access reque
}
]
```
-- After a successful PATCH update, the response body will include all the specified access profile's details, including the updated `false` value in the `requestable` path.
-Once you have performed this process for each of the unassociated access profiles returned in your search, all the access profiles that aren't associated with applications will no longer be requestable.
+- After a successful PATCH update, the response body will include all the specified access profile's details, including the updated `false` value in the `requestable` path.
+
+Once you have performed this process for each of the unassociated access profiles returned in your search, all the access profiles that aren't associated with applications will no longer be requestable.
+
+## Bulk disable requests for access profiles with the API
+
+Follow these steps to use two API endpoints to bulk disable access requests for all access profiles that aren't currently associated with applications:
+
+1. Use the [Search endpoint](https://developer.sailpoint.com/docs/api/v3/search-post) to identify the access profiles that are **not** associated with applications configured for access requests. Sending the following query will return a list of these unassociated access profiles.
+
+- Provide this request body. It will return all access profiles that have a null or empty `apps` list.
-## Bulk disable requests for access profiles with the API
-Follow these steps to use two API endpoints to bulk disable access requests for all access profiles that aren't currently associated with applications:
-1. Use the [Search endpoint](https://developer.sailpoint.com/docs/api/v3/search-post) to identify the access profiles that are **not** associated with applications configured for access requests. Sending the following query will return a list of these unassociated access profiles.
-- Provide this request body. It will return all access profiles that have a null or empty `apps` list.
```
{
"queryDsl": {
@@ -109,9 +126,13 @@ Follow these steps to use two API endpoints to bulk disable access requests for
]
}
```
+
- The response body will include all the details of each unassociated access profile. Extract the `id` for each access profile returned.
-2. Use the [Update Requestability for Access Profiles endpoint](https://developer.sailpoint.com/docs/api/beta/update-access-profiles-in-bulk) and provide every unassociated access profile's `id`, along with the updated values for their `requestable` fields.
-- Provide this request body. It can bulk update all the access profiles you specify - you just need to specify each access profile's `id` and the `requestable` value you want for the access profile.
+
+2. Use the [Update Requestability for Access Profiles endpoint](https://developer.sailpoint.com/docs/api/beta/update-access-profiles-in-bulk) and provide every unassociated access profile's `id`, along with the updated values for their `requestable` fields.
+
+- Provide this request body. It can bulk update all the access profiles you specify - you just need to specify each access profile's `id` and the `requestable` value you want for the access profile.
+
```
[
{
@@ -124,6 +145,7 @@ Follow these steps to use two API endpoints to bulk disable access requests for
}
]
```
-- After a successful update, the response body will include the `id` and new `requestable` values for all the updated access profiles, along with confirmations that they were successfully updated.
-Once you have performed this process for all the unassociated access profiles returned in your search, all the access profiles that aren't associated with applications will no longer be requestable.
\ No newline at end of file
+- After a successful update, the response body will include the `id` and new `requestable` values for all the updated access profiles, along with confirmations that they were successfully updated.
+
+Once you have performed this process for all the unassociated access profiles returned in your search, all the access profiles that aren't associated with applications will no longer be requestable.
diff --git a/docs/guides/ip-address-allow-list.md b/docs/guides/ip-address-allow-list.md
index 36f274b55..c62e2309f 100644
--- a/docs/guides/ip-address-allow-list.md
+++ b/docs/guides/ip-address-allow-list.md
@@ -5,10 +5,10 @@ pagination_label: IP Address Allow List
sidebar_label: IP Address Allow List
sidebar_position: 2
sidebar_class_name: allowList
-keywords: ['connectivity', 'connectors', 'workflows', 'allowlist','ip address']
+keywords: ['connectivity', 'connectors', 'workflows', 'allowlist', 'ip address']
description: Create an IP Address Allow List​.
slug: /guides/ip-address-allow-list
-tags: ['Connectivity', 'connectors', 'workflows', 'allowlist','ip address']
+tags: ['Connectivity', 'connectors', 'workflows', 'allowlist', 'ip address']
---
## Overview
@@ -59,7 +59,7 @@ def find_aws_region(ip):
print(region)
# simply add your IP address here:
-find_aws_region('54.234.204.155')
+find_aws_region('54.234.204.155')
```
## Using your region to create the allow-list URL
@@ -87,11 +87,11 @@ https://files.accessiq.sailpoint.com/network/us-east-1/source_ips.yaml
which will result in a file similar to the following:
```yaml
-"region": "us-east-1"
-"source_ips":
-- "52.204.100.58/32"
-- "52.205.92.24/32"
-- "52.206.146.115/32"
+'region': 'us-east-1'
+'source_ips':
+ - '52.204.100.58/32'
+ - '52.205.92.24/32'
+ - '52.206.146.115/32'
```
These IP Address ranges can now be used as an allow list to permit any call from your Identity Security Cloud tenant to access your internal network.
diff --git a/docs/guides/service-accounts.md b/docs/guides/service-accounts.md
index d3235dccf..5f01b77ca 100644
--- a/docs/guides/service-accounts.md
+++ b/docs/guides/service-accounts.md
@@ -15,11 +15,11 @@ tags: ['Service Account', 'Authentication']
Service accounts are identities in Identity Security Cloud (ISC) that aren't real people. Their purpose is to provide credentials for automation services that can be managed and controlled separately from real identities. As a developer of integrations with ISC, there are two main advantages of creating service accounts: you can scope access to the least privilege necessary to do the job, and you can ensure that your integration's access doesn't end when you leave your organization. If you use your user account to generate credentials for integrations, they are tied to your level of access (i.e. admin) and can be revoked when you leave the organization - this could cause downtime in your integrations.
-Read this guide to learn how to create service accounts and implement them.
+Read this guide to learn how to create service accounts and implement them.
### Implementing service accounts
-Any authoritative source can be used to create and manage service accounts, with Active Directory (AD) being a likely choice. Using AD to create service accounts is advantageous because doing so provisions your service accounts with unique email addresses that can be used to log in to ISC as the service account. However, if you don't want to create service accounts by using AD, you can use a flat file source to create and manage your accounts.
+Any authoritative source can be used to create and manage service accounts, with Active Directory (AD) being a likely choice. Using AD to create service accounts is advantageous because doing so provisions your service accounts with unique email addresses that can be used to log in to ISC as the service account. However, if you don't want to create service accounts by using AD, you can use a flat file source to create and manage your accounts.
### Create a delimited file source
@@ -52,7 +52,7 @@ If it's successful, you will see one account imported.
### Make the source authoritative
-The service account source must be authoritative to be able to create new identities for each service account. This will allow you to log in as the service account to generate access tokens.
+The service account source must be authoritative to be able to create new identities for each service account. This will allow you to log in as the service account to generate access tokens.
To make the service account source authoritative, you must create a new identity profile and link it to your source.
@@ -69,11 +69,11 @@ Configure the identity profile as you want. Once it's configured, go to the 'Map
-Click 'Save' and then 'Apply Changes' to create the first identity from the service accounts source. Once the identity is created, you may need to manually send the invite. To do so, go to the identity list and search for the account's name (ex. `audit01`).
+Click 'Save' and then 'Apply Changes' to create the first identity from the service accounts source. Once the identity is created, you may need to manually send the invite. To do so, go to the identity list and search for the account's name (ex. `audit01`).
-If you have not received the invite, check your junk folder or deleted folder because the invite may have been automatically filtered by your email provider. Once you receive the invite, follow the steps to register your service account. Once your service account user is registered, log in as the service account with the password you created for it.
+If you have not received the invite, check your junk folder or deleted folder because the invite may have been automatically filtered by your email provider. Once you receive the invite, follow the steps to register your service account. Once your service account user is registered, log in as the service account with the password you created for it.
diff --git a/docs/iiq/plugin-developer-guide/appendix-a/index.md b/docs/iiq/plugin-developer-guide/appendix-a/index.md
index 423e8fd93..68493b559 100644
--- a/docs/iiq/plugin-developer-guide/appendix-a/index.md
+++ b/docs/iiq/plugin-developer-guide/appendix-a/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_appendix_migration
keywords: ['plugin']
description: Migration from IdentityIQ 7.0 to 7.1
slug: /iiq/plugin-developer-guide/appendix-migration
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Appendix A - Plugin Migration 7.0 to 7.1
@@ -19,44 +19,44 @@ The 7.1 Plugin Framework provides a dynamic, plugin-specific class loader. It al
The object model for plugins has also changed somewhat. This table maps the old (7.0) plugin object model to the new (7.1+) plugin object model:
-|**7.0 Object Model**|**7.1 Object Model**|
-| --- | --- |
-|uniqueName|name|
-|displayName|displayName|
-|enabled|disabled|
-|installationDate|installDate|
-|version|version|
-|order|position|
-|vendorName|n/a|
-|vendorID|n/a|
-|visible|n/a|
-|allowDisable|n/a|
-|allowUninstall|n/a|
-|minUpgradeableVersion|minUpgradeableVersion|
-|minFrameworkVersion|minSystemVersion|
-|maxFrameworkVersion|maxSystemVersion|
-|installationMode|n/a|
-|configurationSettings|attributes|
-|certificationLevel|certificationLevel|
-|pluginAccessRight|rightRequired|
+| **7.0 Object Model** | **7.1 Object Model** |
+| --------------------- | --------------------- |
+| uniqueName | name |
+| displayName | displayName |
+| enabled | disabled |
+| installationDate | installDate |
+| version | version |
+| order | position |
+| vendorName | n/a |
+| vendorID | n/a |
+| visible | n/a |
+| allowDisable | n/a |
+| allowUninstall | n/a |
+| minUpgradeableVersion | minUpgradeableVersion |
+| minFrameworkVersion | minSystemVersion |
+| maxFrameworkVersion | maxSystemVersion |
+| installationMode | n/a |
+| configurationSettings | attributes |
+| certificationLevel | certificationLevel |
+| pluginAccessRight | rightRequired |
-Gone in 7.1 is the idea of a plugin configuration model, and a snippet model. Instead, these elements have been rolled into the 'PluginAttributes' map that appears in the 'manifest.xml' file required by each plugin. The 'fullPage' object is now a single entry in the attributes mapping, which only holds the title of the 'fullPage'. Snippets move into a 'List' entry key in the attributes map. For each snippet entry in the 'List', implementers can define a regular expression 'regexPattern' to match against, the 'rightRequired' to see the snippet, and then a list of and that determine the look and action of the snippet.
+Gone in 7.1 is the idea of a plugin configuration model, and a snippet model. Instead, these elements have been rolled into the 'PluginAttributes' map that appears in the 'manifest.xml' file required by each plugin. The 'fullPage' object is now a single entry in the attributes mapping, which only holds the title of the 'fullPage'. Snippets move into a 'List' entry key in the attributes map. For each snippet entry in the 'List', implementers can define a regular expression 'regexPattern' to match against, the 'rightRequired' to see the snippet, and then a list of and that determine the look and action of the snippet.
-The most readily apparent change in plugin definition going from 7.0 to 7.1 is the location of each setting's plugins. Previously, developers could define a URL to a settings page ('settingsPageTemplateURL') that they could completely customize. In 7.1, in order to support future portability and support, the settings page has been removed, and individual plugin settings have been internalized to the 'manifest.xm'l file. These settings are now defined in a 'Settings' list in the 'PluginAttributes' map. Each element of the list is a 'Setting', which can have the following defined:
+The most readily apparent change in plugin definition going from 7.0 to 7.1 is the location of each setting's plugins. Previously, developers could define a URL to a settings page ('settingsPageTemplateURL') that they could completely customize. In 7.1, in order to support future portability and support, the settings page has been removed, and individual plugin settings have been internalized to the 'manifest.xm'l file. These settings are now defined in a 'Settings' list in the 'PluginAttributes' map. Each element of the list is a 'Setting', which can have the following defined:
-|Attribute Name|Description|
-|---|---|
-|name|Name of the current setting|
-|dataType|Setting type (Ex. string or int or boolean)|
-|value|Value for the setting|
-|label|Display label for the setting|
-|helpText|Associated help text for the setting|
-|allowedValues|List of allowed values for dropdown population|
-|defaultValue|Default value for the setting|
+| Attribute Name | Description |
+| -------------- | ---------------------------------------------- |
+| name | Name of the current setting |
+| dataType | Setting type (Ex. string or int or boolean) |
+| value | Value for the setting |
+| label | Display label for the setting |
+| helpText | Associated help text for the setting |
+| allowedValues | List of allowed values for dropdown population |
+| defaultValue | Default value for the setting |
## Convert manifest
-The first step in migrating a plugin from 7.0 to 7.1 is to review the changes that are required to move the 'manifest.xml' file to the 7.1 format. Refer to the previous chart when you're mapping old attributes to new ones. Move any plugin related settings from the unique page previously specified in the 'settingsPageTemplateURL' to the attributes map of the manifest object itself. If the previous unique page was complex, you may need to refactor the way these settings are selected.
+The first step in migrating a plugin from 7.0 to 7.1 is to review the changes that are required to move the 'manifest.xml' file to the 7.1 format. Refer to the previous chart when you're mapping old attributes to new ones. Move any plugin related settings from the unique page previously specified in the 'settingsPageTemplateURL' to the attributes map of the manifest object itself. If the previous unique page was complex, you may need to refactor the way these settings are selected.
## Update UI
@@ -70,43 +70,42 @@ Refactor old JAX-RS based REST service classes that extended 'sailpoint.plugin.r
Any 7.0 plugins that extended the 'AbstractPluginBackgroundService' for a background service will now need to extend 'sailpoint.server.BasePluginService'. Details on this new class are elsewhere in this document. In addition to refactoring the service class itself, care should be taken to also modify the 'ServiceDefinition' XML object. The 'implementationClass' attribute entry is now gone. Instead, the 'executor' attribute will now change from 'sailpoint.plugin.server.PluginServiceExecutor' to the actual service that used to be listed in the 'implementationClass' entry.
-
### Example: A prior ServiceDefinition in 7.0
```xml
-
-
-
-
-
- A Service to demo something that runs in the background
-
-
-
-
-
+
+
+
+
+
+ A Service to demo something that runs in the background
+
+
+
+
+
```
### Example: The same ServiceDefinition in 7.1
```xml
-
-
-
-
-
- A Service to demo something that runs in the background
-
-
-
-
-
+
+
+
+
+
+ A Service to demo something that runs in the background
+
+
+
+
+
```
@@ -132,4 +131,4 @@ Due to the changes in how plugins are loaded and the inheritance of the object c
-```
\ No newline at end of file
+```
diff --git a/docs/iiq/plugin-developer-guide/appendix-b/index.md b/docs/iiq/plugin-developer-guide/appendix-b/index.md
index 2052e995e..821bb7bac 100644
--- a/docs/iiq/plugin-developer-guide/appendix-b/index.md
+++ b/docs/iiq/plugin-developer-guide/appendix-b/index.md
@@ -8,14 +8,15 @@ sidebar_class_name: plugin_developer_guide_updates
keywords: ['plugin']
description: IdentityIQ 8.0 Updates
slug: /iiq/plugin-developer-guide/updates
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
+
# Appendix B - 8.0 Updates
Version 8.0 of IdentityIQ offers a number of enhancements to plugins:
-* Classes contained in a plugin can be leveraged from any area or feature of IdentityIQ where BeanShell can be used, such as rules, workflow steps, and scriptlets. Version 8.0 also provides mechanisms for limiting or blocking scripting access to plugin classes as needed, and some new IIQ console commands to support troubleshooting of plugin classes.
-* Support for forms in the plugin configuration UI, giving you new ways to present complex or dynamic options in the plugin's configuration page.
-* Stricter handling of executors for tasks, services, and policies, with a global configuration option allowing you to "relax" the stricter declarations for legacy plugins, to help with forward compatibility.
+- Classes contained in a plugin can be leveraged from any area or feature of IdentityIQ where BeanShell can be used, such as rules, workflow steps, and scriptlets. Version 8.0 also provides mechanisms for limiting or blocking scripting access to plugin classes as needed, and some new IIQ console commands to support troubleshooting of plugin classes.
+- Support for forms in the plugin configuration UI, giving you new ways to present complex or dynamic options in the plugin's configuration page.
+- Stricter handling of executors for tasks, services, and policies, with a global configuration option allowing you to "relax" the stricter declarations for legacy plugins, to help with forward compatibility.
-A further detailed explanation of enhancements can be found here: [IdentityIQ 8.0: Plugin Enhancements](https://community.sailpoint.com/docs/DOC-13331)
\ No newline at end of file
+A further detailed explanation of enhancements can be found here: [IdentityIQ 8.0: Plugin Enhancements](https://community.sailpoint.com/docs/DOC-13331)
diff --git a/docs/iiq/plugin-developer-guide/chapter-1/index.md b/docs/iiq/plugin-developer-guide/chapter-1/index.md
index 1dc24079c..e533c6e83 100644
--- a/docs/iiq/plugin-developer-guide/chapter-1/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-1/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_overview
keywords: ['plugin']
description: IdentityIQ Plugin Developer Guide Overview
slug: /iiq/plugin-developer-guide/overview
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Overview
@@ -19,7 +19,7 @@ The first iteration of the plugin framework was released as an add-on to Identit
Developing a plugin requires a fairly robust knowledge of IdentityIQ and its object model, Java, JavaScript, CSS, and SQL. This document is designed to provide development guidance at a high level - it goes over what the components of a plugin are, which components are required, and how those objects interact. Language specific tutorials are beyond its scope. Throughout this document, examples will be taken and discussed from the 'TodoPlugin'.
-*A quick note about plugin loading...*
+_A quick note about plugin loading..._
Before getting into the structure of a plugin project and why it is important, it may be helpful to understand how a plugin is represented in IdentityIQ once installed. IdentityIQ stores the '.zip' archive file of the plugin in the IdentityIQ database in a data LONGBLOB in the 'spt_file_bucket' table. The data in the 'spt_file_bucket' table is referenced (by 'id') to an entry in the 'spt_persisted_file' table as shown below.
@@ -33,20 +33,20 @@ A plugin is defined in IdentityIQ by the 'Plugin' XML object. This object define
**Plugin Model Attributes**
-|**Attribute Name**|**Description**|
-| --- | --- |
-|name|Unique Name of the Plugin|
-|installDate|Date when plugin was installed|
-|displayName|Plugin's display name|
-|certificationLevel|Plugin's certification level|
-|disabled|Plugin's status|
-|rightRequired|SPRIGHT required for this plugin|
-|position|TBD|
-|version|Plugin's version|
-|minSystemVersion|Minimum IdentityIQ version the plugin will run on|
-|maxSystemVersion|Maximum IdentityIQ version the plugin will run on|
-|attributes|List of configurable attributes|
-|file|Reference to the persisted file in the database|
+| **Attribute Name** | **Description** |
+| ------------------ | ------------------------------------------------- |
+| name | Unique Name of the Plugin |
+| installDate | Date when plugin was installed |
+| displayName | Plugin's display name |
+| certificationLevel | Plugin's certification level |
+| disabled | Plugin's status |
+| rightRequired | SPRIGHT required for this plugin |
+| position | TBD |
+| version | Plugin's version |
+| minSystemVersion | Minimum IdentityIQ version the plugin will run on |
+| maxSystemVersion | Maximum IdentityIQ version the plugin will run on |
+| attributes | List of configurable attributes |
+| file | Reference to the persisted file in the database |
## Plugin Structure
@@ -54,7 +54,7 @@ A basic plugin will consist of a manifest file, database scripts, IdentityIQ obj
-These are the main build components:
+These are the main build components:
1. Manifest file
2. Build file(s)
@@ -63,4 +63,4 @@ These are the main build components:
5. XML Artifacts
6. Java Classes
-Each build component is described in more detail in each chapter of this guide.
\ No newline at end of file
+Each build component is described in more detail in each chapter of this guide.
diff --git a/docs/iiq/plugin-developer-guide/chapter-2/index.md b/docs/iiq/plugin-developer-guide/chapter-2/index.md
index 96d96d800..7a527ecf3 100644
--- a/docs/iiq/plugin-developer-guide/chapter-2/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-2/index.md
@@ -8,67 +8,67 @@ sidebar_class_name: plugin_developer_guide_manifest
keywords: ['plugin']
description: IdentityIQ Plugin Manifest File
slug: /iiq/plugin-developer-guide/manifest
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Manifest File
A plugin is defined in IdentityIQ by the 'Plugin' XML object that defines the parameters of the plugin. Features such as REST resources, snippets, settings, etc. are defined in these parameters. The 'Plugin' object is defined in the 'manifest.xml' file. This is a required artifact. The 'Todo' plugin manifest will be examined:
- ```xml
+```xml
-
-
-
+
+
+
```
@@ -80,7 +80,6 @@ A plugin is defined in IdentityIQ by the 'Plugin' XML object that defines the pa
- **Line 28-37** - specifies the settings that are end-user configurable for this plugin.
- **Line 38-51** - lists the various snippets that can be injected into IdentityIQ pages, the match criteria, and the content and style of the snippet.
-
## Settings
Plugin settings are attributes that are available for the end-user/system administrator to modify as part of their installation. The example from the 'Todo' plugin has four settings available that control default values for certain elements, as well as whether or not 'Todo' entries can be deleted in the UI. Settings appear to the end user when they click the 'Configure' button for the specific plugin on the 'Plugins' dashboard.
@@ -91,61 +90,61 @@ One concept not shown in the 'Todo' plugin example, the concept of 'allowed valu
Plugin setting object can be used to represent a single setting the settings/configuration page for a Plugin. Each object is used to represent a single configurable setting on the settings page.
-|Attribute Name|Description|
-|---|---|
-|name|Name of the current setting|
-|dataType|Setting type ( Ex. string or int or boolean)|
-|value|Value for the setting|
-|label|Display label for the setting|
-|helpText|Associated help text for the setting|
-|allowedValues|List of allowed values for dropdown population|
-|defaultValue|The default value for the setting|
+| Attribute Name | Description |
+| -------------- | ---------------------------------------------- |
+| name | Name of the current setting |
+| dataType | Setting type ( Ex. string or int or boolean) |
+| value | Value for the setting |
+| label | Display label for the setting |
+| helpText | Associated help text for the setting |
+| allowedValues | List of allowed values for dropdown population |
+| defaultValue | The default value for the setting |
## Snippets
Snippets are small, configurable pieces of code that can be injected into the rendering of normal IdentityIQ UI pages. A snippet contains four equally important components:
-|**Attribute Name**|**Description**|
+| **Attribute Name** | **Description** |
| --- | --- |
-|regexPattern|Regular expression pattern run against the current URL in the browser - if the URL matches the pattern, the snippet will attempt to display.|
-|rightRequired|Determines the scope of users allowed to view the snippet element - this should reference an IdentityIQ 'SPRight' object.|
-|scripts|List of scripts to run when a particular URL matches the `regexPattern`. Normally this will consist of injecting an element into the DOM of the page. The 'Todo' example's 'hearder.js' file uses JQuery for this purpose.|
-|styleSheets|list of any css files that are required by Snippet Scripts|
+| regexPattern | Regular expression pattern run against the current URL in the browser - if the URL matches the pattern, the snippet will attempt to display. |
+| rightRequired | Determines the scope of users allowed to view the snippet element - this should reference an IdentityIQ 'SPRight' object. |
+| scripts | List of scripts to run when a particular URL matches the `regexPattern`. Normally this will consist of injecting an element into the DOM of the page. The 'Todo' example's 'hearder.js' file uses JQuery for this purpose. |
+| styleSheets | list of any css files that are required by Snippet Scripts |
The 'Todo' plugin snippet creates a new top level icon on every page of the IdentityIQ UI, which is visible to someone with the `ViewTodoPluginIcon` SPRight.
- ```xml
-
-
-
-
-
- ui/js/snippets/header.js
-
-
- ui/css/todo.css
-
-
-
-
-
+```xml
+
+
+
+
+
+ ui/js/snippets/header.js
+
+
+ ui/css/todo.css
+
+
+
+
+
```
The script, `header.js` looks for `ul.navbar-right li:first`. Then, using the JQuery operation `.before()`, the script injects an icon link pointing to the fullPage (/plugins/pluginPage.jsf?pn=TodoPlugin) of the 'Todo' plugin.
-
```javascript
var url = SailPoint.CONTEXT_PATH + '/plugins/pluginPage.jsf?pn=TodoPlugin';
-jQuery(document).ready(function(){
- jQuery("ul.navbar-right li:first")
- .before(
- '
',
+ );
});
```
@@ -153,4 +152,4 @@ For reference, if you were to inspect any page of the IdentityIQ UI using a util
The end result of this snippet is shown here, with the icon properly inserted before the other items in the `navbar-right` list:
-
\ No newline at end of file
+
diff --git a/docs/iiq/plugin-developer-guide/chapter-3/index.md b/docs/iiq/plugin-developer-guide/chapter-3/index.md
index 73a236413..f2b1030bb 100644
--- a/docs/iiq/plugin-developer-guide/chapter-3/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-3/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_build_file
keywords: ['plugin']
description: IdentityIQ Plugin Build File
slug: /iiq/plugin-developer-guide/build-file
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Build File
@@ -24,7 +24,6 @@ version=2.0.0
The earlier example illustrates how a properties file can be leveraged to allow multiple developers to use the same build process, despite having different build environments. The actual 'build.xml' file is fairly straightforward, and it's responsible for creating the build directory, compiling any java classes, packaging those compiled classes into a .jar archive, and then archiving the complete plugin in .zip format. A more detailed explanation is provided for the 'Todo' plugin build file.
-
```xml
@@ -32,13 +31,13 @@ The earlier example illustrates how a properties file can be leveraged to allow
-
+
-
+
@@ -47,30 +46,30 @@ The earlier example illustrates how a properties file can be leveraged to allow
-
+
-
+
-
+
-
+
-
+
-
+
@@ -101,4 +100,4 @@ The earlier example illustrates how a properties file can be leveraged to allow
## Java versions
-When you're developing a plugin, complications can arise when the plugin is built using a different version of Java (newer) than that deployed on the application server(s) hosting IdentityIQ. To avoid this issue, it is recommended that the 'javac' argument in the build.xml file be parametrized with the most compatible Java version available. IdentityIQ 7.1 supports both Java 1.7 and 1.8, so setting the compilation to be 1.7 compatible is a good idea. To do so, add the property 'target' to the 'javac' directive, and set it equal to '1.7', or whatever version is being targeted. You can find an example of this process in **line 24** of the earlier example.
+When you're developing a plugin, complications can arise when the plugin is built using a different version of Java (newer) than that deployed on the application server(s) hosting IdentityIQ. To avoid this issue, it is recommended that the 'javac' argument in the build.xml file be parametrized with the most compatible Java version available. IdentityIQ 7.1 supports both Java 1.7 and 1.8, so setting the compilation to be 1.7 compatible is a good idea. To do so, add the property 'target' to the 'javac' directive, and set it equal to '1.7', or whatever version is being targeted. You can find an example of this process in **line 24** of the earlier example.
diff --git a/docs/iiq/plugin-developer-guide/chapter-4/index.md b/docs/iiq/plugin-developer-guide/chapter-4/index.md
index 9c4c14241..699bff9b0 100644
--- a/docs/iiq/plugin-developer-guide/chapter-4/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-4/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_database_scripts
keywords: ['plugin']
description: IdentityIQ Plugin Database Scripts
slug: /iiq/plugin-developer-guide/database-scripts
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Database Scripts
@@ -19,4 +19,4 @@ For plugin creation, create a folder called 'db' in your project directory. Furt
-The scripts placed in these folders automatically run when a plugin is installed or deleted with the UI. It is recommended that developers include scripts for the four major database types supported by IdentityIQ: MySQL, SQLServer, DB2, and Oracle. Otherwise, developers should ensure that they document which databases are supported. The 'upgrade' folder will contain any deltas in table definitions from prior versions of the plugin.
\ No newline at end of file
+The scripts placed in these folders automatically run when a plugin is installed or deleted with the UI. It is recommended that developers include scripts for the four major database types supported by IdentityIQ: MySQL, SQLServer, DB2, and Oracle. Otherwise, developers should ensure that they document which databases are supported. The 'upgrade' folder will contain any deltas in table definitions from prior versions of the plugin.
diff --git a/docs/iiq/plugin-developer-guide/chapter-5/index.md b/docs/iiq/plugin-developer-guide/chapter-5/index.md
index 331c00c16..6515051a9 100644
--- a/docs/iiq/plugin-developer-guide/chapter-5/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-5/index.md
@@ -8,11 +8,12 @@ sidebar_class_name: plugin_developer_guide_ui_elements
keywords: ['plugin']
description: IdentityIQ Plugin UI Elements
slug: /iiq/plugin-developer-guide/ui-elements
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
+
# UI Elements
-Most plugins will have some additional UI component that will display in IdentityIQ. You can use images, CSS files, HTML templates, and JavaScript to provide the interactions and views required by the plugin. Plugins using a `fullPage` element will look for a file called 'page.xhtml' in the build.
+Most plugins will have some additional UI component that will display in IdentityIQ. You can use images, CSS files, HTML templates, and JavaScript to provide the interactions and views required by the plugin. Plugins using a `fullPage` element will look for a file called 'page.xhtml' in the build.
:::Note
@@ -51,27 +52,37 @@ me.viewFlaggedUsers = function() {
});
};
```
+
The 'TodoController' controller (and available methods) can then be referenced in `page.xhtml`.
```html
-
-
-
-
-
+
+
+
+
+
```
+
- **Line 2** - shows the angular controller `ng-controller` defined as 'TodoController' from **line 8** of 'TodoModule.js'.
- **Line 4** - example of accessing controller method `viewFlaggedUsers` from **line 21** of 'TodoModule.js'.
-This example demonstrates how to use the Angular concept of the modal within a plugin. In the 'Todo' plugin, if the user clicks the 'Flagged Users' button as defined on the `fullPage`, it will switch context to the page defined by the ui/`html/flagged-template.html`, and swap the AngularJS controller to `FlaggedUserCtrl`. The behavior of this modal dialogue is essentially the same as the `fullPage` 'page.xhtml' - it accesses information by the controller, which may rely on backend Java classes to produce data. Notice that to reference the .html template for the flagged users, the example uses the `PluginHelper` classes' method `getPluginFileUrl` - this allows for fetching the plugin resource by a relative path as it would display in the installed .zip archive.
+This example demonstrates how to use the Angular concept of the modal within a plugin. In the 'Todo' plugin, if the user clicks the 'Flagged Users' button as defined on the `fullPage`, it will switch context to the page defined by the ui/`html/flagged-template.html`, and swap the AngularJS controller to `FlaggedUserCtrl`. The behavior of this modal dialogue is essentially the same as the `fullPage` 'page.xhtml' - it accesses information by the controller, which may rely on backend Java classes to produce data. Notice that to reference the .html template for the flagged users, the example uses the `PluginHelper` classes' method `getPluginFileUrl` - this allows for fetching the plugin resource by a relative path as it would display in the installed .zip archive.
One last aspect to remember for the `page.xhtml` is the necessity to include references to the JavaScript packages the plugin will use. Use this path to reference the packages: `#{plugins.requestContextPath}/plugin//path/to/js/files.js`.
```html
-
-
-
+
+
+
```
-The path to the page would be the following: `{serverpath}/plugins/pluginPage.jsf?pn={PluginName}`, where `PluginName` is the name of your plugin, as specified in the manifest, and `serverpath` is the path to your server.
\ No newline at end of file
+The path to the page would be the following: `{serverpath}/plugins/pluginPage.jsf?pn={PluginName}`, where `PluginName` is the name of your plugin, as specified in the manifest, and `serverpath` is the path to your server.
diff --git a/docs/iiq/plugin-developer-guide/chapter-6/index.md b/docs/iiq/plugin-developer-guide/chapter-6/index.md
index b12417ff0..bf4d95e5a 100644
--- a/docs/iiq/plugin-developer-guide/chapter-6/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-6/index.md
@@ -8,14 +8,14 @@ sidebar_class_name: plugin_developer_guide_xml_artifacts
keywords: ['plugin']
description: IdentityIQ Plugin XML Artifacts
slug: /iiq/plugin-developer-guide/xml-artifacts
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# XML Artifacts
Any IdentityIQ objects required as part of a plugin must be represented in XML artifacts. This can mean something as small as a single new SPRight object, such as the 'ViewTodoPluginIcon', or a complex workflow or rule. The mechanism used to import these artifacts during installation is the same as any other IdentityIQ object import, so the normal import actions are also available: merge, include, execute, logConfig.
-You can directly develop these XML artifacts in the build folder or in the IdentityIQ UI. You can then export them either by using the console or by copying and pasting them from the build's debug.
+You can directly develop these XML artifacts in the build folder or in the IdentityIQ UI. You can then export them either by using the console or by copying and pasting them from the build's debug.
When you're developing in the UI and then migrating the artifacts to your build folder, it is important to strip out some of the metadata that IdentityIQ attaches to XML objects when they're first created. First and foremost, you should remove the 'id' attribute assigned by 'Hibernate'. Then remove any other hibernate ID value references. For this reason, it is preferable to export the artifacts by using the IdentityIQ console command: './iiq export -clean'
@@ -25,4 +25,4 @@ The development of regular IdentityIQ objects is beyond the scope of this docume
[Technical White Papers - IdentityIQ](https://community.sailpoint.com/space/2068)
-[BeanShell Developer's Guide for IdentityIQ](https://community.sailpoint.com/docs/DOC-3375)
\ No newline at end of file
+[BeanShell Developer's Guide for IdentityIQ](https://community.sailpoint.com/docs/DOC-3375)
diff --git a/docs/iiq/plugin-developer-guide/chapter-7/index.md b/docs/iiq/plugin-developer-guide/chapter-7/index.md
index 0587d3463..9babfd7c0 100644
--- a/docs/iiq/plugin-developer-guide/chapter-7/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-7/index.md
@@ -6,27 +6,26 @@ sidebar_label: Java Classes - Rest Resources
sidebar_position: 7
sidebar_class_name: plugin_developer_guide_java_rest_resources
keywords: ['plugin']
-description: IdentityIQ Plugin Java Classes REST Resources
+description: IdentityIQ Plugin Java Classes REST Resources
slug: /iiq/plugin-developer-guide/java-classes-rest-resources
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Java Classes - REST Resources
-The plugin framework relies heavily on REST web services integration for the majority of CRUD (create, read, update, and delete) operations. To create a custom REST resource, there are a couple requirements. This guide will cover those requirements.
+The plugin framework relies heavily on REST web services integration for the majority of CRUD (create, read, update, and delete) operations. To create a custom REST resource, there are a couple requirements. This guide will cover those requirements.
## Extend BasePluginResource
The first step to creating a custom REST resource is to use the `BasePluginResource` class as the base class for all resources. It provides access to utility methods for accessing plugin settings, getting database connections and more.
- **getConnection** - Gets connection to the datasource specified in the iiq.properties file for the plugins
-- **getPluginName** - This method should be overriden to return the plugin's correct name.
+- **getPluginName** - This method should be overriden to return the plugin's correct name.
- **getSettingBool** - Gets value of boolean plugin setting for plugin name returned by `getPluginName()`.
- **getSettingInt** - Gets value of int plugin setting for plugin name returned by `getPluginName()`.
- **getSettingString** - Gets value of String plugin setting for plugin name returned by `getPluginName()`.
- **prepareStatement** - Convenience security method for getting Java `PreparedStatement` object for any required database queries - signature is `prepareStatement`(Connection, String, Object...) where the string would be the SQL statement you wish to execute and the object would be a list of the parameters values, if any, to be used.
-- **authorize** - This should be overridden by implementers, but by default it only ensures that SystemAdministrator can see everything.
- Additional methods should be introduced to handle the various endpoints required by the plugin.
+- **authorize** - This should be overridden by implementers, but by default it only ensures that SystemAdministrator can see everything. Additional methods should be introduced to handle the various endpoints required by the plugin.
## Secure endpoints
@@ -48,11 +47,11 @@ An annotation should have at least three parts
- **Line 1** - The HTTP method (GET, POST, PUT, DELETE, etc).
- **Line 2** - The path or endpoint - this can be parameterized, which is useful for pulling back a single record. The earlier example uses parameterization by adding the variable within {} tags to the end of the URL and also declaring the @PathParam "appName" in the input arguments of the method signature.
-- **Line 3** - The authorization of the method. The following values are allowed:
- - **@AllowAll** - Allows anyone to interrogate the endpoint.
- - **@RequiredRight("")** - Allows users with the named SPRight to access the endpoint.
- - **@SystemAdmin** - System administrator access only.
- - **@Deferred** - Authorization is deferred to the method. When this option is selected, the implementer must also create an `Authorizer` class that implements the `sailpoint.authorization.Authorize`r interface. The `Authorizer` class should override the `authorize(UserContext)` method of the base `Authorizer` interface. Inside the REST resource method, the author would then call `authorize()`. Here is a simple example:
+- **Line 3** - The authorization of the method. The following values are allowed:
+ - **@AllowAll** - Allows anyone to interrogate the endpoint.
+ - **@RequiredRight("")** - Allows users with the named SPRight to access the endpoint.
+ - **@SystemAdmin** - System administrator access only.
+ - **@Deferred** - Authorization is deferred to the method. When this option is selected, the implementer must also create an `Authorizer` class that implements the `sailpoint.authorization.Authorize`r interface. The `Authorizer` class should override the `authorize(UserContext)` method of the base `Authorizer` interface. Inside the REST resource method, the author would then call `authorize()`. Here is a simple example:
```java
import sailpoint.authorization.Authorizer;
@@ -78,7 +77,7 @@ class CustomPluginAuthorizer implements Authorizer{
public CustomPluginAuthorizer(CustomPluginObject cpo) {
this.cpo = cpo
}
-
+
/**
* {@inheritDoc}
*/
@@ -90,4 +89,4 @@ class CustomPluginAuthorizer implements Authorizer{
}
}
-```
\ No newline at end of file
+```
diff --git a/docs/iiq/plugin-developer-guide/chapter-8/index.md b/docs/iiq/plugin-developer-guide/chapter-8/index.md
index 800aceaa9..9b7b51d55 100644
--- a/docs/iiq/plugin-developer-guide/chapter-8/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-8/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_java_executors
keywords: ['plugin']
description: IdentityIQ Plugin Java Class Plugin Executors
slug: /iiq/plugin-developer-guide/java-classes-executors
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Java Classes - Plugin Executors
@@ -21,7 +21,7 @@ The plugin framework allows developers to include custom task implementations or
## Plugin Object Properties
-When you're defining your plugin object, you must provide a list of service executors that will be included. The list will live inside an attributes map under the key serviceExecutors. Here is what such a list would look like:
+When you're defining your plugin object, you must provide a list of service executors that will be included. The list will live inside an attributes map under the key serviceExecutors. Here is what such a list would look like:
1. Plugin Helper methods
2. All inherited Service methods
@@ -32,22 +32,21 @@ When you're defining your plugin object, you must provide a list of service exec
7. Plugin Helper methods
8. All inherited PolicyExecutor methods.
-
## Plugin Helper Methods
This is the list of methods included with the `BasePlugin` classes:
-* **getPluginName()** - returns a string value of the plugin's name.
-* **getConnection()** - returns a connection object used to query the database.
-* **getSettingString(String settingName)** - returns a string setting value from the Plugin Settings.
-* **getSettingBool( String settingName)** - returns a boolean value from the Plugin Settings.
-* **getSettingInt(String settingName)** - returns a integer value from the Plugin Settings.
+- **getPluginName()** - returns a string value of the plugin's name.
+- **getConnection()** - returns a connection object used to query the database.
+- **getSettingString(String settingName)** - returns a string setting value from the Plugin Settings.
+- **getSettingBool( String settingName)** - returns a boolean value from the Plugin Settings.
+- **getSettingInt(String settingName)** - returns a integer value from the Plugin Settings.
You can think of the `BasePlugin` classes as the foundation for the creation of your specific objects. The biggest advantage to using them is the access to the Plugin Helper Methods. You aren't required to use the `BasePlugin` classes for your implementation though - you're welcome to extend directly from the parent class object you want to implement.
## Implement a plugin service definition
-When you're implementing a plugin service you will have to implement two parts. The first is your Service class, which will contain the business logic for what you want the service ot actually do. The second is the service definition XML file that will be loaded into IdentityIQ. You can find examples of both below:
+When you're implementing a plugin service you will have to implement two parts. The first is your Service class, which will contain the business logic for what you want the service ot actually do. The second is the service definition XML file that will be loaded into IdentityIQ. You can find examples of both below:
### BasePluginService Class
@@ -98,7 +97,7 @@ public class MyPluginService extends BasePluginService {
### Service Definition
-The Service Definition must specify a `pluginName` attribute. This tells IdentityIQ to use the plugin class loader for this executor. If the `pluginName` attribute isn't specified, the executor class won't be findable.
+The Service Definition must specify a `pluginName` attribute. This tells IdentityIQ to use the plugin class loader for this executor. If the `pluginName` attribute isn't specified, the executor class won't be findable.
```xml
@@ -157,8 +156,7 @@ public class MyTaskExecutor extends BasePluginTaskExecutor {
### TaskDefinition
-In your `TaskDefintion`, you must include the `pluginName` attribute because this attribute tells IdentityIQ to to use the plugin class loader instead of the default class loader. If the `pluginName` attribute isn't specified, the executor class won't be findable.
-
+In your `TaskDefintion`, you must include the `pluginName` attribute because this attribute tells IdentityIQ to to use the plugin class loader instead of the default class loader. If the `pluginName` attribute isn't specified, the executor class won't be findable.
```xml
@@ -195,9 +193,9 @@ public class MyPolicyExecutor extends BasePluginPolicyExecutor {
return "My Plugin";
}
-
-
+
+
/**
* {@inheritDoc}
@@ -212,9 +210,9 @@ public class MyPolicyExecutor extends BasePluginPolicyExecutor {
return violations;
}
-
-
+
+
/**
* Creates a policy violation for the identity.
@@ -252,4 +250,4 @@ configPage="genericpolicy.xhtml" executor="com.acme.MyPolicyExecutor" state="Act
-```
\ No newline at end of file
+```
diff --git a/docs/iiq/plugin-developer-guide/chapter-9/index.md b/docs/iiq/plugin-developer-guide/chapter-9/index.md
index 766691e99..ec435beb2 100644
--- a/docs/iiq/plugin-developer-guide/chapter-9/index.md
+++ b/docs/iiq/plugin-developer-guide/chapter-9/index.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide_installation
keywords: ['plugin']
description: IdentityIQ Plugin Installation
slug: /iiq/plugin-developer-guide/installation
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
# Plugin Installation
@@ -25,8 +25,8 @@ But wait, where do I get the .zip archive? If you have downloaded a published pl
-When a plugin is installed, the database scripts from the 'db/install' folder run, creating any necessary tables for the plugin, importing the XML configuration files into the IdentityIQ database from the 'import/install' folder, loading any compiled classes into the unique plugin classloader, and importing the manifest file - this process creates the plugin object.
+When a plugin is installed, the database scripts from the 'db/install' folder run, creating any necessary tables for the plugin, importing the XML configuration files into the IdentityIQ database from the 'import/install' folder, loading any compiled classes into the unique plugin classloader, and importing the manifest file - this process creates the plugin object.
-Uninstallation follows a similar path. You can launch uninstallation by clicking the small 'X' icon on the appropriate plugin card in the 'Settings->Plugin' interface. Database scripts responsible for cleaning up data run from the 'db/uninstall' folder, and the manifest file (the plugin object) is removed. Remember that the other XML objects created during installation are currently *not* uninstalled when a plugin is removed.
+Uninstallation follows a similar path. You can launch uninstallation by clicking the small 'X' icon on the appropriate plugin card in the 'Settings->Plugin' interface. Database scripts responsible for cleaning up data run from the 'db/uninstall' folder, and the manifest file (the plugin object) is removed. Remember that the other XML objects created during installation are currently _not_ uninstalled when a plugin is removed.
-
\ No newline at end of file
+
diff --git a/docs/index.md b/docs/index.md
index e630d1a2e..ab451b6a2 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -6,7 +6,7 @@ sidebar_label: Docs
sidebar_position: 1
sidebar_class_name: docs
keywords: ['docs']
-description: The Identity Security Cloud Developer Documentation.
+description: The Identity Security Cloud Developer Documentation.
slug: /
tags: ['docs']
---
@@ -15,17 +15,17 @@ tags: ['docs']
:::caution What about IdentityNow?
-Looking for IdentityNow? You're in the right place! IdentityNow has an updated brand in Identity Security Cloud.
+Looking for IdentityNow? You're in the right place! IdentityNow has an updated brand in Identity Security Cloud.
:::
-Identity Security Cloud (ISC) is a unified, multi-tenant identity governance and security platform. ISC provides organizations with the ability to ensure that their users, known as identities in ISC, have secure access to different data sources, and it makes identity access management fast and easy.
+Identity Security Cloud (ISC) is a unified, multi-tenant identity governance and security platform. ISC provides organizations with the ability to ensure that their users, known as identities in ISC, have secure access to different data sources, and it makes identity access management fast and easy.
-The ISC platform out of the box will often meet all your identity governance and security needs, but it's possible that it won't. The beauty of ISC is that even if it doesn't quite meet all your needs, you can extend the platform's functionality and build custom solutions that do!
+The ISC platform out of the box will often meet all your identity governance and security needs, but it's possible that it won't. The beauty of ISC is that even if it doesn't quite meet all your needs, you can extend the platform's functionality and build custom solutions that do!
-The SailPoint Developer Documentation provides developers with all the information they need to extend their platforms' functionality and build their desired solutions. The developer documentation is written for developers of all experience levels, from nontechnical users exploring what's possible to advanced developers who live and breathe code.
+The SailPoint Developer Documentation provides developers with all the information they need to extend their platforms' functionality and build their desired solutions. The developer documentation is written for developers of all experience levels, from nontechnical users exploring what's possible to advanced developers who live and breathe code.
-Check out the developer documentation and see what's possible!
+Check out the developer documentation and see what's possible!
:::info Are you a partner?
@@ -40,11 +40,10 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-import Tabs from '@theme/Tabs';
-import TabItem from '@theme/TabItem';
+import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about ISC and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
\ No newline at end of file
+To learn more about ISC and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/plugin-developer-guide.md b/docs/plugin-developer-guide.md
index 93bf86cc5..a65c8f602 100644
--- a/docs/plugin-developer-guide.md
+++ b/docs/plugin-developer-guide.md
@@ -8,7 +8,7 @@ sidebar_class_name: plugin_developer_guide
keywords: ['plugin']
description: IdentityIQ Plugin Developer Guide.
slug: /iiq/plugin-developer-guide
-tags: ['plugin','guide','identityiq']
+tags: ['plugin', 'guide', 'identityiq']
---
Introduced with IdentityIQ 7.1, the plugin framework provides the infrastructure and tools to enable developers to extend the Open Identity Platform to meet a variety of specialized use cases that one might encounter in a non-standard deployment. The plugin framework allows developers to create packaged functionality that integrates with IdentityIQ, in a upgrade safe and isolated manner. It gives implementers a safe option for creating User Interface extensions, REST services, Custom SailPoint configuration objects, and more. This guide is designed to walk through the basics of plugin development and installation.
diff --git a/docs/reporting.md b/docs/reporting.md
index 09d9dd3cb..68bcd3512 100644
--- a/docs/reporting.md
+++ b/docs/reporting.md
@@ -6,7 +6,7 @@ sidebar_label: Reporting
sidebar_position: 1
sidebar_class_name: reporting
keywords: ['reporting']
-description: Collect data reports from ISC.
+description: Collect data reports from ISC.
slug: /reporting
tags: ['reporting']
---
@@ -23,6 +23,7 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about ISC data reporting and discuss the different options with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+
+To learn more about ISC data reporting and discuss the different options with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/reporting/access-intelligence-center/_category_.json b/docs/reporting/access-intelligence-center/_category_.json
index 9c0816cc1..f92ea6971 100644
--- a/docs/reporting/access-intelligence-center/_category_.json
+++ b/docs/reporting/access-intelligence-center/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Create your own dashboards and discover key insights."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Create your own dashboards and discover key insights."
+ }
+}
diff --git a/docs/reporting/access-intelligence-center/audit-er-diagram.md b/docs/reporting/access-intelligence-center/audit-er-diagram.md
index f07326342..2bbc96c72 100644
--- a/docs/reporting/access-intelligence-center/audit-er-diagram.md
+++ b/docs/reporting/access-intelligence-center/audit-er-diagram.md
@@ -16,7 +16,6 @@ import MermaidViewer from '@site/src/components/MermaidViewer';
# Access Intelligence Center Audit ER Diagram
-
-
-
-
diff --git a/docs/reporting/access-intelligence-center/identity-er-diagram.md b/docs/reporting/access-intelligence-center/identity-er-diagram.md
index 1560860a2..08263984c 100644
--- a/docs/reporting/access-intelligence-center/identity-er-diagram.md
+++ b/docs/reporting/access-intelligence-center/identity-er-diagram.md
@@ -16,7 +16,6 @@ import MermaidViewer from '@site/src/components/MermaidViewer';
# Access Intelligence Center ER Diagram
-
-
-
-
diff --git a/docs/reporting/access-intelligence-center/index.md b/docs/reporting/access-intelligence-center/index.md
index 8e67cd9c2..cee3d5099 100644
--- a/docs/reporting/access-intelligence-center/index.md
+++ b/docs/reporting/access-intelligence-center/index.md
@@ -24,11 +24,12 @@ The AIC Audit dashboard focuses on more tangible audit events, such as access re
With Reader permission, users can view any public sheets available and make selections to further filter the data. With Authoring permission, users can view public sheets, create new public or private sheets, and bookmark certain filters for future use.
-
## Identity Security Cloud Documentation
+
For information on how to use AIC in your environment, see the documentation [here](https://documentation.sailpoint.com/saas/help/ai/access_insights/access_intelligence.html)
## Technical Documentation and Videos
+
For Entity Relationship (ER) Diagrams that represent the data model in AIC as well as other documentation see the following pages
```mdx-code-block
@@ -36,4 +37,4 @@ import DocCardList from '@theme/DocCardList';
import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
-```
\ No newline at end of file
+```
diff --git a/docs/reporting/access-intelligence-center/videos.md b/docs/reporting/access-intelligence-center/videos.md
index 809980410..a49c3ed1b 100644
--- a/docs/reporting/access-intelligence-center/videos.md
+++ b/docs/reporting/access-intelligence-center/videos.md
@@ -16,14 +16,17 @@ import Video from '@site/src/components/Video';
# Videos
### Out of the Box Charts and Dashboards
+
### Filtering and Responsive UI
+
### Authoring and Creating new Sheets
+
### Bookmarking Capabilities
-
+
diff --git a/docs/reporting/secure-data-share/_category_.json b/docs/reporting/secure-data-share/_category_.json
index 11508475c..bce33d7b0 100644
--- a/docs/reporting/secure-data-share/_category_.json
+++ b/docs/reporting/secure-data-share/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Securely share ISC data with Snowflake."
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Securely share ISC data with Snowflake."
+ }
+}
diff --git a/docs/reporting/secure-data-share/audit-er-diagram.md b/docs/reporting/secure-data-share/audit-er-diagram.md
index b381a9670..d3ebef00d 100644
--- a/docs/reporting/secure-data-share/audit-er-diagram.md
+++ b/docs/reporting/secure-data-share/audit-er-diagram.md
@@ -16,7 +16,6 @@ import MermaidViewer from '@site/src/components/MermaidViewer';
# Secure Data Share Audit ER Diagram
-
-
-
-
diff --git a/docs/reporting/secure-data-share/identity-er-diagram.md b/docs/reporting/secure-data-share/identity-er-diagram.md
index 4a28d0a26..53f705b44 100644
--- a/docs/reporting/secure-data-share/identity-er-diagram.md
+++ b/docs/reporting/secure-data-share/identity-er-diagram.md
@@ -16,7 +16,6 @@ import MermaidViewer from '@site/src/components/MermaidViewer';
# Secure Data Share Identity ER Diagram
-
--indices
-```
-
-You must start your search query with `sail search query`, and you must specify a query string to search for and a set of indices to search.
-
-### Flags
-
-You can append a number of flags to the `query` command to refine it:
-- The first flag, `indices`, is required. It specifies the indices to run the search operation on.
-- The second possible flag, `sort`, allows you to specify the sort strings to use for the search query, as well as the sorting arrangement for the results.
-- The third possible flag, `folderPath`, allows you to specify the folder path where you want to save the search query result files.
-
-#### Indices
-
-Use the `indices` flag to specify the indices you want to search. The `indices` flag is required to use the `query` command.
-
-Here is an example of a `query` command with specified `indices`:
+The basic format of a query is "field:term", so an example `query` command would like this:
```shell
sail search query "name:a*" --indices identities
```
-You can search multiple indices.
+The CLI will use the [V3 Search endpoint](https://developer.sailpoint.com/docs/api/v3/search-post) to search for all identities starting with names starting with the letter "a". The CLI will then generate a JSON file containing the search results. This JSON file will be located in a folder titled "search_results", within the current working directory, unless a folder path is specified.
-Here is an example of a `query` command with multiple specified `indices`.
+### Command
+
+This example can help you understand the `query` command structure:
+
+```shell
+sail search query --indices
+```
+
+You must start your search query with `sail search query`, and you must specify a query string to search for and a set of indices to search.
+
+### Flags
+
+You can append a number of flags to the `query` command to refine it:
+
+- The first flag, `indices`, is required. It specifies the indices to run the search operation on.
+- The second possible flag, `sort`, allows you to specify the sort strings to use for the search query, as well as the sorting arrangement for the results.
+- The third possible flag, `folderPath`, allows you to specify the folder path where you want to save the search query result files.
+
+#### Indices
+
+Use the `indices` flag to specify the indices you want to search. The `indices` flag is required to use the `query` command.
+
+Here is an example of a `query` command with specified `indices`:
+
+```shell
+sail search query "name:a*" --indices identities
+```
+
+You can search multiple indices.
+
+Here is an example of a `query` command with multiple specified `indices`.
```shell
sail search query "name:a*" --indices identities --indices accessprofiles
@@ -87,18 +87,17 @@ sail search query "name:a*" --indices identities --indices accessprofiles
#### Sort
-Use the `sort` flag to specify the sort strings you want to use to determine the sorting arrangement of your search query results.
-When you specify a string to sort by, like `name`, the CLI sorts results by `name` in ascending order. If you add a "-" before the sort string, like `-name`, the CLI will sort the results in descending order instead.
+Use the `sort` flag to specify the sort strings you want to use to determine the sorting arrangement of your search query results. When you specify a string to sort by, like `name`, the CLI sorts results by `name` in ascending order. If you add a "-" before the sort string, like `-name`, the CLI will sort the results in descending order instead.
-Here is an example of a `query` command that sorts the results in descending order based on the identities' `created` dates:
+Here is an example of a `query` command that sorts the results in descending order based on the identities' `created` dates:
```shell
sail search query "name:a*" --indices identities --sort "-created"
```
-You can specify multiple sort strings for your search queries.
+You can specify multiple sort strings for your search queries.
-Here is an example of a `query` command that sorts the results in ascending order based on `name`, as well as in descending order based on the identities' `created` dates:
+Here is an example of a `query` command that sorts the results in ascending order based on `name`, as well as in descending order based on the identities' `created` dates:
```shell
sail search query "name:a*" --indices identities --sort name --sort "-created"
@@ -106,9 +105,9 @@ sail search query "name:a*" --indices identities --sort name --sort "-created"
#### Output Types
-Use the `outputTypes` flag to specify the output data format for the search query results. Currently, the only supported output types are `json` and `csv`.
+Use the `outputTypes` flag to specify the output data format for the search query results. Currently, the only supported output types are `json` and `csv`.
-Here is an example of a `query` command that specifies the `json` output type:
+Here is an example of a `query` command that specifies the `json` output type:
```shell
sail search query "name:a*" --indices identities
@@ -116,10 +115,9 @@ sail search query "name:a*" --indices identities
#### Folder Path
-Use the `folderPath` flag to specify the folder path to save the search results in.
-If you don't specify a `folderPath`, the results will save to a folder called "search_results", located within your current working directory.
+Use the `folderPath` flag to specify the folder path to save the search results in. If you don't specify a `folderPath`, the results will save to a folder called "search_results", located within your current working directory.
-Here is an example of a `query` command that specifies a `folderPath`:
+Here is an example of a `query` command that specifies a `folderPath`:
```shell
sail search query "name:a*" --indices identities --folderPath ./local/folder/path
@@ -129,33 +127,30 @@ sail search query "name:a*" --indices identities --folderPath ./local/folder/pat
For more detailed search queries, you can provide a predefined template instead of constructing the whole query every time. This allows you to run very detailed search queries quickly and easily.
-The `template` command allows you to use predefined templates to search Identity Security Cloud.
-
+The `template` command allows you to use predefined templates to search Identity Security Cloud.
+
### Command
-This example shows the essential `template` command structure:
+This example shows the essential `template` command structure:
```shell
sail search template all-provisioning-events-90-days
```
-The specified template file will give the CLI all the information it needs to perform its search in Identity Security Cloud.
+The specified template file will give the CLI all the information it needs to perform its search in Identity Security Cloud.
### Flags
+You can append one flag to the `template` command to refine it:
-You can append one flag to the `template` command to refine it:
-- The flag, `folderPath`, allows you to specify the folder path where you want to save the search query result files.
-
+- The flag, `folderPath`, allows you to specify the folder path where you want to save the search query result files.
#### Folder Path
-Use the `folderPath` flag to specify the folder path to save the search results in.
-If you don't specify a `folderPath`, the results will save to a folder called "search_results", located within your current working directory.
+Use the `folderPath` flag to specify the folder path to save the search results in. If you don't specify a `folderPath`, the results will save to a folder called "search_results", located within your current working directory.
-Here is an example of a `template` command that specifies a `folderPath`:
+Here is an example of a `template` command that specifies a `folderPath`:
```shell
sail search template all-provisioning-events-90-days --folderPath ./local/folder/path
```
-
diff --git a/docs/tools/cli/set.md b/docs/tools/cli/set.md
index f442ed6cc..1e46c25f6 100644
--- a/docs/tools/cli/set.md
+++ b/docs/tools/cli/set.md
@@ -6,18 +6,18 @@ sidebar_label: Set
sidebar_position: 4
sidebar_class_name: cli
keywords: ['cli', 'set']
-description: Learn how to configure your CLI settings in this guide.
+description: Learn how to configure your CLI settings in this guide.
slug: /tools/cli/set
tags: ['CLI']
---
## Set
-Learn how to configure your CLI settings in this guide.
+Learn how to configure your CLI settings in this guide.
-This includes setting your authentication mode, your debug mode, and the filepaths for the templates your CLI uses to make your search and export processes easier.
+This includes setting your authentication mode, your debug mode, and the filepaths for the templates your CLI uses to make your search and export processes easier.
-You can use these `set` commands to configure your CLI settings:
+You can use these `set` commands to configure your CLI settings:
- [Set](#set)
- [Auth](#auth)
@@ -30,27 +30,27 @@ You can use these `set` commands to configure your CLI settings:
### Auth
-To set the current authentication method for the CLI, run this command:
+To set the current authentication method for the CLI, run this command:
```shell
sail set auth {authentication type}
```
-You can currently set authentication to either `pat` to use a personal access token (PAT), or `oauth` to use OAuth2 authentication via browser authentication.
+You can currently set authentication to either `pat` to use a personal access token (PAT), or `oauth` to use OAuth2 authentication via browser authentication.
### Debug
-To enable debug mode, run this command:
+To enable debug mode, run this command:
```shell
sail set debug enable
```
-To disable debug mode, run the same command with `disable` instead.
+To disable debug mode, run the same command with `disable` instead.
### PAT
-To configure PAT authentication for a given environment, run this command:
+To configure PAT authentication for a given environment, run this command:
```shell
sail set pat
@@ -62,7 +62,7 @@ Then follow the prompts to provide your PAT client ID and client secret.
### Search templates
-To set the filepath for the search templates your CLI uses, run this command:
+To set the filepath for the search templates your CLI uses, run this command:
```shell
sail set searchTemplates "path/to/search/template/file"
@@ -74,14 +74,14 @@ sail set search "path/to/search/template/file"
#### File format
-Here are a couple examples of the file format a search template uses:
+Here are a couple examples of the file format a search template uses:
```json
[
{
"name": "all-provisioning-events",
"description": "All provisioning events in the tenant for a given time range",
- "variables": [{ "name": "days", "prompt": "Days before today" }],
+ "variables": [{"name": "days", "prompt": "Days before today"}],
"searchQuery": {
"indices": ["events"],
"queryType": null,
@@ -111,11 +111,11 @@ Here are a couple examples of the file format a search template uses:
]
```
-In the first example, the template uses variables in its query. The second example is a fully predefined template without variables.
+In the first example, the template uses variables in its query. The second example is a fully predefined template without variables.
### Export templates
-To set the filepath for the export templates your CLI uses, run this command:
+To set the filepath for the export templates your CLI uses, run this command:
```shell
sail set exportTemplates "path/to/export/template/file"
@@ -127,7 +127,8 @@ sail set export "path/to/export/template/file"
#### File format
-Here is an example of the file format an export template uses:
+Here is an example of the file format an export template uses:
+
```json
[
{
diff --git a/docs/tools/cli/transforms.md b/docs/tools/cli/transforms.md
index 6d9ed1d76..666d583eb 100644
--- a/docs/tools/cli/transforms.md
+++ b/docs/tools/cli/transforms.md
@@ -6,22 +6,22 @@ sidebar_label: Transforms
sidebar_position: 6
sidebar_class_name: cli-transforms
keywords: ['cli', 'cli transforms', 'transforms']
-description: Learn about the CLI commands you can use to create, manage, and test transforms in this guide.
+description: Learn about the CLI commands you can use to create, manage, and test transforms in this guide.
slug: /tools/cli/transforms
tags: ['CLI']
---
# Transforms
-Learn about the CLI commands you can use to create, manage, and test transforms in this guide.
+Learn about the CLI commands you can use to create, manage, and test transforms in this guide.
-In Identity Security Cloud (ISC), you can use transforms to manipulate attribute data without writing any code. For more information about transforms, refer to [Transforms](/docs/extensibility/transforms).
+In Identity Security Cloud (ISC), you can use transforms to manipulate attribute data without writing any code. For more information about transforms, refer to [Transforms](/docs/extensibility/transforms).
-With the `transforms` command, it's it easy to create, manage, and test transforms in the CLI.
+With the `transforms` command, it's it easy to create, manage, and test transforms in the CLI.
## Commands
-To create, manage, and test transforms with the CLI, you can use these commands:
+To create, manage, and test transforms with the CLI, you can use these commands:
- [Transforms](#transforms)
- [Commands](#commands)
@@ -33,13 +33,13 @@ To create, manage, and test transforms with the CLI, you can use these commands:
## List transforms
-To get a list of the transforms available in your tenant, run this command:
+To get a list of the transforms available in your tenant, run this command:
```shell
sail transform list
```
-This command produces a table of available transforms.
+This command produces a table of available transforms.
@@ -55,7 +55,7 @@ By default, this command will save the files in the current working directory. U
-This command will overwrite any existing files with the same name, so be careful when you run this in a directory that has transforms that have been modified but not yet saved.
+This command will overwrite any existing files with the same name, so be careful when you run this in a directory that has transforms that have been modified but not yet saved.
## Create transform
@@ -89,9 +89,9 @@ To delete multiple transforms, use this syntax:
sail transform delete
```
-You can use this command in conjunction with the `ls` command to find the ID of the transform you want to delete.
+You can use this command in conjunction with the `ls` command to find the ID of the transform you want to delete.
-This is an example of how you can find a transform ID and delete it:
+This is an example of how you can find a transform ID and delete it:
```shell
sail transform list
diff --git a/docs/tools/cli/va.md b/docs/tools/cli/va.md
index 3dc27faf6..3b8f2b959 100644
--- a/docs/tools/cli/va.md
+++ b/docs/tools/cli/va.md
@@ -1,26 +1,28 @@
---
id: cli-va
-title: VA
+title: VA
pagination_label: CLI VA
sidebar_label: VA
sidebar_position: 7
sidebar_class_name: cli-va
keywords: ['cli', 'va']
-description: Learn about the CLI commands you can use to interact with VAs in this guide.
+description: Learn about the CLI commands you can use to interact with VAs in this guide.
slug: /tools/cli/va
tags: ['CLI']
---
+
# VA
-Learn about the CLI commands you can use to interact with VAs in this guide.
+Learn about the CLI commands you can use to interact with VAs in this guide.
-A virtual appliance (VA) is a Linux-based virtual machine that connects to your sources and applications in ISC by using APIs, connectors, and other integrations SailPoint has made available.
+A virtual appliance (VA) is a Linux-based virtual machine that connects to your sources and applications in ISC by using APIs, connectors, and other integrations SailPoint has made available.
-For more information about VAs, refer to the [Virtual Appliance Reference Guide](https://community.sailpoint.com/t5/IdentityNow-Connectors/Virtual-Appliance-Reference-Guide/ta-p/74641?_ga=2.265747530.43742715.1681135659-1245631791.1680185785&_gl=1*1bevvkq*_ga*MTI0NTYzMTc5MS4xNjgwMTg1Nzg1*_ga_SS72Z4HXJM*MTY4MTMwOTc1MC4yOS4xLjE2ODEzMDk5MzkuMjguMC4w).
+For more information about VAs, refer to the [Virtual Appliance Reference Guide](https://community.sailpoint.com/t5/IdentityNow-Connectors/Virtual-Appliance-Reference-Guide/ta-p/74641?_ga=2.265747530.43742715.1681135659-1245631791.1680185785&_gl=1*1bevvkq*_ga*MTI0NTYzMTc5MS4xNjgwMTg1Nzg1*_ga_SS72Z4HXJM*MTY4MTMwOTc1MC4yOS4xLjE2ODEzMDk5MzkuMjguMC4w).
## Commands
-To use the CLI to interact with VAs connected to your tenant, run these commands:
+To use the CLI to interact with VAs connected to your tenant, run these commands:
+
- [VA](#va)
- [Commands](#commands)
- [Collect](#collect)
@@ -33,30 +35,31 @@ To use the CLI to interact with VAs connected to your tenant, run these commands
- [Flags](#flags-2)
- [Example](#example-2)
-### Collect
+### Collect
-To collect all files from a VA, run this command:
+To collect all files from a VA, run this command:
```shell
sail va collect {VA IP address} {flags}
-```
+```
-This command gets all files from the VA and saves them to the current working directory (the directory you're in), unless you specify flags.
+This command gets all files from the VA and saves them to the current working directory (the directory you're in), unless you specify flags.
#### Flags
-You can add these flags to the the `collect` command:
-- `-o, --output`: Set the path to save the files to. If the directory doesn't exist, the CLI creates it. The default directory is the current working directory.
-- `-c, --config`: Only get config files.
+You can add these flags to the the `collect` command:
+
+- `-o, --output`: Set the path to save the files to. If the directory doesn't exist, the CLI creates it. The default directory is the current working directory.
+- `-c, --config`: Only get config files.
- `-h, --help`: View the command's help with examples within the CLI.
-- `-l, --logs`: Only get log files.
+- `-l, --logs`: Only get log files.
#### Example
-Here is an example command and response:
+Here is an example command and response:
```shell
-sail va collect 10.10.10.25 10.10.10.26 -p S@ilp0int -p S@ilp0int
+sail va collect 10.10.10.25 10.10.10.26 -p S@ilp0int -p S@ilp0int
2023/10/05 22:19:19 INFO Starting File Collection VA=10.10.10.26
2023/10/05 22:19:19 INFO Starting File Collection VA=10.10.10.25
2023/10/05 22:19:19 WARN Skipping file file=/home/sailpoint/proxy.yaml VA=10.10.10.25
@@ -73,40 +76,41 @@ sail va collect 10.10.10.25 10.10.10.26 -p S@ilp0int -p S@ilp0int
### Parse
-This command converts log files into a human-readable format. It's helpful when you want to troubleshoot VA issues.
+This command converts log files into a human-readable format. It's helpful when you want to troubleshoot VA issues.
-To parse log files, run this command:
+To parse log files, run this command:
```shell
sail va parse {log file} {flags}
```
-By default, this command parses all errors in the log files, not all log traffic - you can use flags to parse all log traffic.
+By default, this command parses all errors in the log files, not all log traffic - you can use flags to parse all log traffic.
#### Flags
-You can add these flags to the `parse` command:
-- `--type`:
+You can add these flags to the `parse` command:
+
+- `--type`:
- `canal` Specify that the provided files are Canal log files.
- - `ccg` Specify that the provided files are CCG log files.
-- `-e, --everything`: Parse all log traffic, not just errors.
-- `-h, --help`: View the command's help with examples within the CLI.
+ - `ccg` Specify that the provided files are CCG log files.
+- `-e, --everything`: Parse all log traffic, not just errors.
+- `-h, --help`: View the command's help with examples within the CLI.
#### Example
-Here is an example command:
+Here is an example command:
```shell
sail va parse --type ccg ./path/to/ccg.log ./path/to/ccg.log --all
-or
+or
-sail va parse --type canal ./path/to/canal.log ./path/to/canal.log
+sail va parse --type canal ./path/to/canal.log ./path/to/canal.log
```
### Update
-To update a VA, run this command:
+To update a VA, run this command:
```shell
sail va update {VA IP address} {flags}
@@ -115,16 +119,17 @@ sail va update {VA IP address} {flags}
#### Flags
You can add these flags to the `update` command:
+
- `-h, --help`: View the command's help with examples within the CLI.
#### Example
-Here is an example command:
+Here is an example command:
```shell
sail va update 10.10.10.25
-or
+or
sail va update 10.10.10.25 -p S@ilp0int
```
diff --git a/docs/tools/cli/workflow.md b/docs/tools/cli/workflow.md
index fcebd0989..942a9bc44 100644
--- a/docs/tools/cli/workflow.md
+++ b/docs/tools/cli/workflow.md
@@ -13,13 +13,14 @@ tags: ['CLI']
# Workflows
-Learn how to use the SailPoint CLI to create, manage, and test workflows in this guide.
+Learn how to use the SailPoint CLI to create, manage, and test workflows in this guide.
-A workflow is a set of steps that are completed whenever a specific event occurs. Once that event triggers the workflow, the workflow performs the steps within Identity Security Cloud.
+A workflow is a set of steps that are completed whenever a specific event occurs. Once that event triggers the workflow, the workflow performs the steps within Identity Security Cloud.
The `workflow` command makes it easy to create, manage, and test workflows from within the SailPoint CLI. To learn more about workflows, refer to [Workflows](https://documentation.sailpoint.com/saas/help/workflows/workflow-basics.html?h=workflow).
- [Workflows](#workflows)
+
- [List workflows](#list-workflows)
- [Get workflow](#get-workflow)
- [Create workflow](#create-workflow)
@@ -28,147 +29,147 @@ The `workflow` command makes it easy to create, manage, and test workflows from
- [Update workflow](#update-workflow)
- [File path](#file-path-1)
- [Folder path](#folder-path-1)
- - [Delete workflow](#delete-workflow)
+ - [Delete workflow](#delete-workflow)
- [Download workflow](#download-workflow)
- [Folder](#folder)
- ## List workflows
+ ## List workflows
- To manage workflows in the SailPoint CLI, you need to know which workflows are available, and you may need to know their IDs. Run this command to list the workflows in your tenant:
+ To manage workflows in the SailPoint CLI, you need to know which workflows are available, and you may need to know their IDs. Run this command to list the workflows in your tenant:
```shell
- sail workflow list
+ sail workflow list
```
- The CLI will return a table of the available workflows in your tenant, with their IDs.
+ The CLI will return a table of the available workflows in your tenant, with their IDs.
- This command uses the [List Workflows endpoint](https://developer.sailpoint.com/docs/api/beta/list-workflows).
+ This command uses the [List Workflows endpoint](https://developer.sailpoint.com/docs/api/beta/list-workflows).
- ## Get workflow
+ ## Get workflow
- Once you have a workflow's ID, you can see view all its details. Run this command to get a workflow by ID:
+ Once you have a workflow's ID, you can see view all its details. Run this command to get a workflow by ID:
```shell
sail workflow get {workflow ID}
```
- Here is an example command:
+ Here is an example command:
```shell
sail workflow get f691874a-c5a5-426d-9dd4-33129072bafa
```
- The CLI will return the workflow, along with all its details.
+ The CLI will return the workflow, along with all its details.
This command uses the [Get workflow endpoint](https://developer.sailpoint.com/docs/api/beta/get-workflow).
- ## Create workflow
+ ## Create workflow
- To create workflows with the SailPoint CLI, you must append the `--file` (`-f` for short) flag to provide a file path for the workflow. Run this command to create a workflow:
+ To create workflows with the SailPoint CLI, you must append the `--file` (`-f` for short) flag to provide a file path for the workflow. Run this command to create a workflow:
```shell
sail workflow create -f {file path}
```
- File paths are relative to the working directory, and only one workflow is allowed per file path. You can provide multiple workflows by specifying multiple file paths as arguments:
+ File paths are relative to the working directory, and only one workflow is allowed per file path. You can provide multiple workflows by specifying multiple file paths as arguments:
```shell
sail workflow create -f {file path} {file-path}
```
- Here is an example command:
+ Here is an example command:
```shell
sail workflow create -f ./workflow-file.json
```
- Once you create the workflow, it will be located in the file path you specified.
+ Once you create the workflow, it will be located in the file path you specified.
- This command uses the [Create workflow endpoint](https://developer.sailpoint.com/docs/api/beta/create-workflow).
+ This command uses the [Create workflow endpoint](https://developer.sailpoint.com/docs/api/beta/create-workflow).
- ### File path
+ ### File path
- The first flag you can append when you are creating workflows is required, the `--file` (`-f` for short) flag. This flag specifies the file path for the workflow you are going to create.
-
- You can specify multiple file paths with one workflow create command.
+ The first flag you can append when you are creating workflows is required, the `--file` (`-f` for short) flag. This flag specifies the file path for the workflow you are going to create.
+
+ You can specify multiple file paths with one workflow create command.
### Folder path
- The second flag you can append when you are creating workflows is the `--directory` (`-d` for short) flag. Appending the `-d` flag specifies a directory, or folder path, of workflows to contain the created workflow.
+ The second flag you can append when you are creating workflows is the `--directory` (`-d` for short) flag. Appending the `-d` flag specifies a directory, or folder path, of workflows to contain the created workflow.
- Here is what the command looks like with the `-d` flag:
+ Here is what the command looks like with the `-d` flag:
```shell
sail workflow create -d {folder-path}
```
- You can also provide multiple workflow directories by specifying multiple folder paths as arguments:
+ You can also provide multiple workflow directories by specifying multiple folder paths as arguments:
```shell
sail workflow create -d {folder-path} {folder-path}
```
- ## Update workflow
+ ## Update workflow
- To update workflows with the SailPoint CLI, you must append the `--file` (`-f` for short) flag to provide a file path for the updated workflow. Run this command to update a workflow:
+ To update workflows with the SailPoint CLI, you must append the `--file` (`-f` for short) flag to provide a file path for the updated workflow. Run this command to update a workflow:
```shell
- sail workflow update -f {file-path}
+ sail workflow update -f {file-path}
```
- You can also provide multiple workflows by specifying multiple file paths as arguments:
+ You can also provide multiple workflows by specifying multiple file paths as arguments:
```shell
sail workflow update -f {file-path} {file-path}
```
- Here is an example command:
+ Here is an example command:
```shell
sail workflow create -f ./workflow-file.json
```
- The updated workflow will be located in the file path you specified.
+ The updated workflow will be located in the file path you specified.
This command uses the [Update workflow endpoint](https://developer.sailpoint.com/docs/api/beta/update-workflow).
- ### File path
+ ### File path
- The first flag you can append when you are creating workflows is required, the `--file` (`-f` for short) flag. This flag specifies the file path for the workflow you are going to update.
-
- You can specify multiple file paths with one workflow update command.
+ The first flag you can append when you are creating workflows is required, the `--file` (`-f` for short) flag. This flag specifies the file path for the workflow you are going to update.
- ### Folder path
+ You can specify multiple file paths with one workflow update command.
- The second flag you can append when you are updating workflows is the `--directory` (`-d` for short) flag. Appending the `-d` flag specifies a directory, or folder path, of workflows to contain the updated workflow.
+ ### Folder path
- Here is what the command looks like with the `-d` flag:
+ The second flag you can append when you are updating workflows is the `--directory` (`-d` for short) flag. Appending the `-d` flag specifies a directory, or folder path, of workflows to contain the updated workflow.
+
+ Here is what the command looks like with the `-d` flag:
```shell
sail workflow update -d {folder-path}
```
- You can also provide multiple workflow directories by specifying multiple folder paths as arguments:
+ You can also provide multiple workflow directories by specifying multiple folder paths as arguments:
```shell
sail workflow update -d {folder-path} {folder-path}
```
- ## Delete workflow
+ ## Delete workflow
- To delete workflows with the SailPoint CLI, you must specify the ID of the workflow you want to delete. Run this command to delete a workflow:
+ To delete workflows with the SailPoint CLI, you must specify the ID of the workflow you want to delete. Run this command to delete a workflow:
```shell
sail workflow delete id1
```
- You can also delete multiple workflows:
+ You can also delete multiple workflows:
```shell
- sail workflow delete id1 id2
+ sail workflow delete id1 id2
```
- You can also delete a list of workflows specified in a file:
+ You can also delete a list of workflows specified in a file:
```shell
sail workflow delete $(cat list_of_workflowIDs.txt)
@@ -176,22 +177,22 @@ The `workflow` command makes it easy to create, manage, and test workflows from
This command uses the [Delete workflow endpoint](https://developer.sailpoint.com/docs/api/beta/delete-workflow).
- ## Download workflow
+ ## Download workflow
- To download workflows with the SailPoint CLI, run this command:
+ To download workflows with the SailPoint CLI, run this command:
```shell
- sail workflow download
+ sail workflow download
```
- Running this command downloads the available workflow files to the default folder, "workflows".
+ Running this command downloads the available workflow files to the default folder, "workflows".
- ### Folder
+ ### Folder
- By default, workflows downloaded from the CLI are located in the folder, "workflows". To change the folder the workflows are downloaded to, append the `-f` flag to the command, as shown in this example:
+ By default, workflows downloaded from the CLI are located in the folder, "workflows". To change the folder the workflows are downloaded to, append the `-f` flag to the command, as shown in this example:
```shell
sail workflow download -f my-workflows
```
- Running this command downloads the available workflow files.
\ No newline at end of file
+ Running this command downloads the available workflow files.
diff --git a/docs/tools/rule-development-kit/index.md b/docs/tools/rule-development-kit/index.md
index dbdb06cb1..ae7cd0988 100644
--- a/docs/tools/rule-development-kit/index.md
+++ b/docs/tools/rule-development-kit/index.md
@@ -5,7 +5,7 @@ pagination_label: RDK
sidebar_label: Rule Development Kit
sidebar_position: 3
sidebar_class_name: rdk
-keywords: ['rule', 'development','kit']
+keywords: ['rule', 'development', 'kit']
description: Rule development made quick and easy.
slug: /tools/rule-development-kit
tags: ['RDK']
@@ -13,7 +13,7 @@ tags: ['RDK']
## Start Using the Rule Development Kit
-The SailPoint Rule Development Kit (RDK) is a project you can use to develop rules more quickly and easily.
+The SailPoint Rule Development Kit (RDK) is a project you can use to develop rules more quickly and easily.
In SailPoint solutions, rules serve as flexible configuration frameworks implementers can leverage to preform complex or advanced configurations. To learn more about them, refer to [Rules](../../extensibility/rules/index.md).
@@ -23,18 +23,18 @@ Learn how to use the SailPoint RDK in this guide.
## Requirements
-* [Java 11](https://www.oracle.com/java/technologies/javase/jdk11-archive-downloads.html)
-* [Apache Maven 3.9.3+](https://maven.apache.org/install.html)
- * [Mac OS installation guide](https://www.appsdeveloperblog.com/how-to-install-maven-on-mac-os/)
- * [Windows installation guide](https://phoenixnap.com/kb/install-maven-windows)
+- [Java 11](https://www.oracle.com/java/technologies/javase/jdk11-archive-downloads.html)
+- [Apache Maven 3.9.3+](https://maven.apache.org/install.html)
+ - [Mac OS installation guide](https://www.appsdeveloperblog.com/how-to-install-maven-on-mac-os/)
+ - [Windows installation guide](https://phoenixnap.com/kb/install-maven-windows)
## Clone the project
You can find the RDK and its examples in the Github repo [here](https://github.com/sailpoint-oss/rule-development-kit).
-To get started, clone the project.
+To get started, clone the project.
-To clone the project, you can run this command:
+To clone the project, you can run this command:
```bash
git clone git@github.com:sailpoint-oss/rule-development-kit.git
@@ -58,11 +58,11 @@ src/
└── log4j2.properties
```
-* **`src/main/java/`** Use this folder to develop your rules before putting them into the rule XML format. Import objects as needed from `sailpoint.*`
+- **`src/main/java/`** Use this folder to develop your rules before putting them into the rule XML format. Import objects as needed from `sailpoint.*`
-* **`src/main/resources/rules/`** Use this folder to store your rules in the XML format you would expect to upload to Identity Security Cloud (ISC).
+- **`src/main/resources/rules/`** Use this folder to store your rules in the XML format you would expect to upload to Identity Security Cloud (ISC).
-* **`src/test/java/sailpoint/`** Use this folder for test classes to test your rules.
+- **`src/test/java/sailpoint/`** Use this folder for test classes to test your rules.
## Install depedencies
@@ -230,13 +230,13 @@ public class UsernameGenerator {
## Convert the rule to XML format
-The final step required before you can test your rule is converting it to XML format. These XML files are stored under the `/src/main/resources/rules` directory in the RDK. You can find the `AttributeGenerator` template file [here](/docs/extensibility/rules/cloud-rules/account-profile-attribute-generator#template).
+The final step required before you can test your rule is converting it to XML format. These XML files are stored under the `/src/main/resources/rules` directory in the RDK. You can find the `AttributeGenerator` template file [here](/docs/extensibility/rules/cloud-rules/account-profile-attribute-generator#template).
Replace `Example Rule` with the preferred name of your rule, and add a short description.
### Copy over imports for the rule
-Copy over the imports the rule needs.
+Copy over the imports the rule needs.
```xml
@@ -260,7 +260,7 @@ import sailpoint.tools.GeneralException;
### Copy the rule logic
-Copy the logic of your rule inside the class you created earlier.
+Copy the logic of your rule inside the class you created earlier.
:::caution
@@ -499,15 +499,15 @@ Once your rule is saved in the XML format, you can begin testing.
## Testing rules
-Before submitting your rule for review, it's essential that you test it. You can use the RDK to do so.
+Before submitting your rule for review, it's essential that you test it. You can use the RDK to do so.
-By default, the RDK uses the [Mockito](https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/Mockito.html) library to mock objects and return mocked results for testing your rule logic.
+By default, the RDK uses the [Mockito](https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/Mockito.html) library to mock objects and return mocked results for testing your rule logic.
### Create your test class
-Create a new class at `/src/test/java/sailpoint` named `UsernameGeneratorTest`. This class will serve as your test class.
+Create a new class at `/src/test/java/sailpoint` named `UsernameGeneratorTest`. This class will serve as your test class.
-### Configure the logging and rule file
+### Configure the logging and rule file
Create a logger instance with the name of your test class and set the `RULE_FILENAME` to the rule you want to test.
@@ -544,7 +544,7 @@ when(identity.getStringAttribute("otherName")).thenReturn("");
### Pass the mocked objects into the interpreter
-Pass the variables you mocked so that when the rule uses these objects, they return your mocked values.
+Pass the variables you mocked so that when the rule uses these objects, they return your mocked values.
```java
i.set("log", log);
@@ -579,7 +579,7 @@ To run the test with Maven, open the terminal and in the root of the project, ru
mvn test -Dtest="UsernameGeneratorTest"
```
-Run all tests in the tests directory:
+Run all tests in the tests directory:
```bash
mvn test
@@ -596,11 +596,11 @@ When your test runs, you will see the output of your logs. These logs can help w
13:02:18.233 [main] DEBUG sailpoint.UsernameGeneratorTest - AD Create User Name | Exit from the GenerateUsername Method
13:02:18.237 [main] INFO sailpoint.UsernameGeneratorTest - Beanshell script returned: tyler.s
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 1.912 s -- in sailpoint.UsernameGeneratorTest
-[INFO]
+[INFO]
[INFO] Results:
-[INFO]
+[INFO]
[INFO] Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
-[INFO]
+[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
diff --git a/docs/tools/sdk/_category_.json b/docs/tools/sdk/_category_.json
index 5e0e7bf42..9548d4f09 100644
--- a/docs/tools/sdk/_category_.json
+++ b/docs/tools/sdk/_category_.json
@@ -1,5 +1,5 @@
{
- "customProps": {
- "description": "Streamlined development in your language of choice"
- }
-}
\ No newline at end of file
+ "customProps": {
+ "description": "Streamlined development in your language of choice"
+ }
+}
diff --git a/docs/tools/sdk/go/creating-resources.md b/docs/tools/sdk/go/creating-resources.md
index 192b28c86..869170bce 100644
--- a/docs/tools/sdk/go/creating-resources.md
+++ b/docs/tools/sdk/go/creating-resources.md
@@ -6,7 +6,7 @@ sidebar_label: Create a resource
sidebar_position: 2
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'create']
-description: Learn how to create new resources the Golang SDK in this guide.
+description: Learn how to create new resources the Golang SDK in this guide.
slug: /tools/sdk/go/create
tags: ['SDK', 'Software Development Kit']
---
diff --git a/docs/tools/sdk/go/deleting-resources.md b/docs/tools/sdk/go/deleting-resources.md
index 149b41ba1..f789238de 100644
--- a/docs/tools/sdk/go/deleting-resources.md
+++ b/docs/tools/sdk/go/deleting-resources.md
@@ -6,7 +6,7 @@ sidebar_label: Delete a resource
sidebar_position: 4
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'delete']
-description: Learn how to delete resources with the Golang SDK in this guide.
+description: Learn how to delete resources with the Golang SDK in this guide.
slug: /tools/sdk/go/delete
tags: ['SDK', 'Software Development Kit']
---
@@ -49,7 +49,7 @@ func main() {
}
```
-To run the code, run this command:
+To run the code, run this command:
```go
go run sdk.go
diff --git a/docs/tools/sdk/go/error-handling.md b/docs/tools/sdk/go/error-handling.md
index 92f7618be..a57cc1d2b 100644
--- a/docs/tools/sdk/go/error-handling.md
+++ b/docs/tools/sdk/go/error-handling.md
@@ -6,7 +6,7 @@ sidebar_label: Error Handling
sidebar_position: 8
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'error']
-description: Learn how to handle errors with the Golang SDK in this guide.
+description: Learn how to handle errors with the Golang SDK in this guide.
slug: /tools/sdk/go/error-handling
tags: ['SDK', 'Software Development Kit']
---
diff --git a/docs/tools/sdk/go/getting-started.md b/docs/tools/sdk/go/getting-started.md
index 1b7ec3490..2756c1c25 100644
--- a/docs/tools/sdk/go/getting-started.md
+++ b/docs/tools/sdk/go/getting-started.md
@@ -6,7 +6,7 @@ sidebar_label: Getting Started
sidebar_position: 1
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'start']
-description: Learn how to use the Golang SDK in this guide.
+description: Learn how to use the Golang SDK in this guide.
slug: /tools/sdk/go/getting-started
tags: ['SDK', 'Software Development Kit']
---
diff --git a/docs/tools/sdk/go/pagination.md b/docs/tools/sdk/go/pagination.md
index 70dfecc03..42bfbd361 100644
--- a/docs/tools/sdk/go/pagination.md
+++ b/docs/tools/sdk/go/pagination.md
@@ -6,7 +6,7 @@ sidebar_label: Paginate Results
sidebar_position: 5
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'paginate']
-description: Learn how to paginate results with the Golang SDK in this guide.
+description: Learn how to paginate results with the Golang SDK in this guide.
slug: /tools/sdk/go/paginate
tags: ['SDK', 'Software Development Kit']
---
diff --git a/docs/tools/sdk/go/retries.md b/docs/tools/sdk/go/retries.md
index dafe8d0ab..c7f24c0ad 100644
--- a/docs/tools/sdk/go/retries.md
+++ b/docs/tools/sdk/go/retries.md
@@ -6,12 +6,12 @@ sidebar_label: Retries
sidebar_position: 7
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'retry']
-description: Learn how to paginate results with the Golang SDK in this guide.
+description: Learn how to paginate results with the Golang SDK in this guide.
slug: /tools/sdk/go/retries
tags: ['SDK', 'Software Development Kit']
---
-The SDK uses the [go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) module to support retry logic.
+The SDK uses the [go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) module to support retry logic.
On line 17-18 of the following example, the SDK is set to retry if there is an unexpected error up to 10 times and wait 2 seconds between each retry:
diff --git a/docs/tools/sdk/go/search.md b/docs/tools/sdk/go/search.md
index 40c77a6eb..90c12558f 100644
--- a/docs/tools/sdk/go/search.md
+++ b/docs/tools/sdk/go/search.md
@@ -6,7 +6,7 @@ sidebar_label: Search
sidebar_position: 5
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'search']
-description: Learn how to search with the Golang SDK in this guide.
+description: Learn how to search with the Golang SDK in this guide.
slug: /tools/sdk/go/search
tags: ['SDK', 'Software Development Kit']
---
@@ -85,4 +85,4 @@ resp, r, err := sailpoint.PaginateSearchApi(ctx, apiClient, *search, 0, 10, 1000
The first value refers to the `initialOffset`, the starting number for the results, the second refers to the `increment`, the number of records per page, and the third refers to the `limit`, the last record that can be returned.
-For example, changing the first number to `21`, the second to `20`, and the third to `40` would configure the search to return records 21 to 40 and then stop.
\ No newline at end of file
+For example, changing the first number to `21`, the second to `20`, and the third to `40` would configure the search to return records 21 to 40 and then stop.
diff --git a/docs/tools/sdk/go/updating-resources.md b/docs/tools/sdk/go/updating-resources.md
index ef4fb6cbf..5fc4530d7 100644
--- a/docs/tools/sdk/go/updating-resources.md
+++ b/docs/tools/sdk/go/updating-resources.md
@@ -6,7 +6,7 @@ sidebar_label: Update a resource
sidebar_position: 3
sidebar_class_name: gosdk
keywords: ['go', 'golang', 'sdk', 'update']
-description: Learn how to update resources with the Golang SDK.
+description: Learn how to update resources with the Golang SDK.
slug: /tools/sdk/go/update
tags: ['SDK', 'Software Development Kit']
---
@@ -57,7 +57,7 @@ func main() {
```
-To run the code, run this command:
+To run the code, run this command:
```go
go run sdk.go
@@ -79,4 +79,4 @@ The updated WorkGroup will be returned by the SDK:
"type": "IDENTITY"
}
}
-```
\ No newline at end of file
+```
diff --git a/docs/tools/sdk/index.md b/docs/tools/sdk/index.md
index d7d8b39c4..68d5e9f7c 100644
--- a/docs/tools/sdk/index.md
+++ b/docs/tools/sdk/index.md
@@ -13,7 +13,7 @@ tags: ['SDK']
## Overview
-The SailPoint software development kits (SDKs) make it easier for developers to leverage the Identity Security Cloud (ISC) APIs, extensibility options, and connectivity while they build with their preferred coding languages.
+The SailPoint software development kits (SDKs) make it easier for developers to leverage the Identity Security Cloud (ISC) APIs, extensibility options, and connectivity while they build with their preferred coding languages.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
@@ -22,8 +22,8 @@ import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
```
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the ISC SDKs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
\ No newline at end of file
+To learn more about the ISC SDKs and discuss them with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/isc/6).
diff --git a/docs/tools/sdk/powershell/creating-resources.md b/docs/tools/sdk/powershell/creating-resources.md
index 008becec2..e2fd8ecfb 100644
--- a/docs/tools/sdk/powershell/creating-resources.md
+++ b/docs/tools/sdk/powershell/creating-resources.md
@@ -19,7 +19,7 @@ To see a list of available create cmdlets, run this command:
Get-Command -Module PSSailpoint | where-object {$_.name -like "*New-*" } | Sort-Object Name | Get-Help | Format-Table Name, Synopsis
```
-The SDK returns this output (all beta endpoints are designated by the Beta prefix):
+The SDK returns this output (all beta endpoints are designated by the Beta prefix):
```powershell
Name Synopsis
@@ -60,10 +60,10 @@ $JSON = @"
$WorkGroup = ConvertFrom-BetaJsonToWorkgroupDto -Json $JSON
-$WorkGroup = Initialize-BetaWorkgroupDto -Name "DB Access Governance Group" -Description "Description of the Governance Group" -Owner @{
+$WorkGroup = Initialize-BetaWorkgroupDto -Name "DB Access Governance Group" -Description "Description of the Governance Group" -Owner @{
"type" = "IDENTITY"
"id" = $Identity.id
- "name" = $Identity.name
+ "name" = $Identity.name
}
New-BetaWorkgroup -WorkgroupDto $WorkGroup
@@ -86,6 +86,6 @@ memberCount 0
connectionCount 0
id a241d625-d948-4c41-839e-869b790837a1
name DB Access Governance Group
-created
-modified
+created
+modified
```
diff --git a/docs/tools/sdk/powershell/deleting-resources.md b/docs/tools/sdk/powershell/deleting-resources.md
index 4e984acd8..72362e970 100644
--- a/docs/tools/sdk/powershell/deleting-resources.md
+++ b/docs/tools/sdk/powershell/deleting-resources.md
@@ -26,7 +26,7 @@ Using the [WithHttpInfo Switch](./getting-started.md#withhttpinfo-switch) in the
```powershell
Name Value
---- -----
-Response
+Response
StatusCode 204
Headers {[Date, System.String[]], [Connection, System.String[]], [Server, System.String[]], [Vary, System.String[]]…}
```
diff --git a/docs/tools/sdk/powershell/error-handling.md b/docs/tools/sdk/powershell/error-handling.md
index 490a6e50b..e4e48d3f4 100644
--- a/docs/tools/sdk/powershell/error-handling.md
+++ b/docs/tools/sdk/powershell/error-handling.md
@@ -18,7 +18,7 @@ You can use a `try/catch` function to intercept any non success response and tak
```powershell
# Catch any non 2xx response and log the status code and error message
try {
- Get-Transforms -Filters "id eq"
+ Get-Transforms -Filters "id eq"
}
catch {
Write-Host $_.Exception.Response.StatusCode.value__
@@ -33,7 +33,7 @@ This code ensures that the `Get-AccessProfiles` cmdlet will never be called:
```powershell
# Catch any non 2xx response and log the status code and error message. Stop the script with the Exit keyword.
try {
- Get-Transforms -Filters "id eq"
+ Get-Transforms -Filters "id eq"
}
catch {
Write-Host $_.Exception.Response.StatusCode.value__
diff --git a/docs/tools/sdk/powershell/getting-started.md b/docs/tools/sdk/powershell/getting-started.md
index bd8f2d690..20a7b7bd3 100644
--- a/docs/tools/sdk/powershell/getting-started.md
+++ b/docs/tools/sdk/powershell/getting-started.md
@@ -71,42 +71,42 @@ Get-Help Get-Transforms -Detailed
```text
NAME
Get-Transforms
-
+
SYNOPSIS
List transforms
-
-
+
+
SYNTAX
Get-Transforms [[-Offset] ] [[-Limit] ] [[-Count] ] [[-Name] ] [[-Filters] ] [-WithHttpInfo] []
-
-
+
+
DESCRIPTION
Gets a list of all saved transform objects. A token with 'transforms-list read' authority is required to call this API.
-
+
PARAMETERS
-Offset
- Offset into the full result set. Usually specified with *limit* to paginate through the results. For more information, refer to [V3 API Standard Collection
+ Offset into the full result set. Usually specified with *limit* to paginate through the results. For more information, refer to [V3 API Standard Collection
Parameters](https://developer.sailpoint.com/docs/api/standard-collection-parameters).
-
+
-Limit
Max number of results to return. For more information, refer to [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/api/standard-collection-parameters).
-
+
-Count
- If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a
- performance impact, it is recommended not to send **count=true** if that value will not be used. For more information, refer to [V3 API Standard Collection
+ If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a
+ performance impact, it is recommended not to send **count=true** if that value will not be used. For more information, refer to [V3 API Standard Collection
Parameters](https://developer.sailpoint.com/docs/api/standard-collection-parameters).
-
+
-Name
Name of the transform to retrieve from the list.
-
+
-Filters
- Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/api/standard-collection-parameters#filtering-results). Filtering is
+ Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/api/standard-collection-parameters#filtering-results). Filtering is
supported for the following fields and operators: **internal**: *eq* **name**: *eq, sw*
-
+
-WithHttpInfo []
A switch that, when enabled, will return a hash table of Response, StatusCode and Headers, instead of just the Response.
-
+
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
diff --git a/docs/tools/sdk/powershell/pagination.md b/docs/tools/sdk/powershell/pagination.md
index e3b17d635..0a9c8fba0 100644
--- a/docs/tools/sdk/powershell/pagination.md
+++ b/docs/tools/sdk/powershell/pagination.md
@@ -32,7 +32,6 @@ try {
}
```
-
The `Invoke-Paginate` cmdlet takes a few paramters. The first is the cmdlet you wish to call.
The `-Function` specifies the name of the cmdlet you wish to call. This only works on list endpoints.
@@ -43,6 +42,6 @@ The `-Limit` specifies the total number of results you can return, 1000.
The `-Parameters` specifies a hashtable of additional values passed to the API endpoint. You would use this for `filters`, `sorters`, and any other query parameters.
-You can also provide an `-InitialOffset` value to specify the record number to start the request on. For example, you can provide add `-InitialOffset 10` to start getting accounts from 11 instead of 0.
+You can also provide an `-InitialOffset` value to specify the record number to start the request on. For example, you can provide add `-InitialOffset 10` to start getting accounts from 11 instead of 0.
To find out whether an endpoint supports pagination, refer to its documentation. Any API supporting pagination lists the optional query parameters detailed in [Paginating Results](/docs/api/standard-collection-parameters/#paginating-results).
diff --git a/docs/tools/sdk/powershell/retries.md b/docs/tools/sdk/powershell/retries.md
index e36a7f046..5b651d130 100644
--- a/docs/tools/sdk/powershell/retries.md
+++ b/docs/tools/sdk/powershell/retries.md
@@ -11,11 +11,10 @@ slug: /tools/sdk/powershell/retries
tags: ['SDK']
---
-
The SDK supports retry logic in the case of an unexpected error. You have these two retry configuration options:
-* MaximumRetryCount - How many times to retry the request. Default is 10 retries.
-* RetryIntervalSeconds - How many seconds to wait between retries. Default is 5 seconds.
+- MaximumRetryCount - How many times to retry the request. Default is 10 retries.
+- RetryIntervalSeconds - How many seconds to wait between retries. Default is 5 seconds.
The following code will tell the SDK to retry 2 times after an unexpected error and wait 3 seconds between retries.
diff --git a/docs/tools/sdk/powershell/updating-resources.md b/docs/tools/sdk/powershell/updating-resources.md
index f1ce2ddcf..4fe474d19 100644
--- a/docs/tools/sdk/powershell/updating-resources.md
+++ b/docs/tools/sdk/powershell/updating-resources.md
@@ -19,7 +19,7 @@ To see a list of available create cmdlets, run this command:
Get-Command -Module PSSailpoint | where-object {$_.name -like "*Update-*" } | Sort-Object Name | Get-Help | Format-Table Name, Synopsis
```
-The SDK returns this output (all beta endpoints are designated by the Beta prefix):
+The SDK returns this output (all beta endpoints are designated by the Beta prefix):
```powershell
Name Synopsis
diff --git a/docs/tools/sdk/typescript/creating-resources.md b/docs/tools/sdk/typescript/creating-resources.md
index 744bfa7cd..aa799e433 100644
--- a/docs/tools/sdk/typescript/creating-resources.md
+++ b/docs/tools/sdk/typescript/creating-resources.md
@@ -16,33 +16,37 @@ You can use the SDK to create new resources.
Here is an example create workgroup script from the beta APIs you can copy into your typescript project to try it out:
```typescript showLineNumbers
-import {Configuration, GovernanceGroupsBetaApi, GovernanceGroupsBetaApiCreateWorkgroupRequest, PublicIdentitiesApi} from "sailpoint-api-client"
+import {
+ Configuration,
+ GovernanceGroupsBetaApi,
+ GovernanceGroupsBetaApiCreateWorkgroupRequest,
+ PublicIdentitiesApi,
+} from 'sailpoint-api-client';
const createWorkGroup = async () => {
- let apiConfig = new Configuration()
- let identitiesApi = new PublicIdentitiesApi(apiConfig)
+ let apiConfig = new Configuration();
+ let identitiesApi = new PublicIdentitiesApi(apiConfig);
- let identity = (await identitiesApi.getPublicIdentities({limit: 1})).data[0]
+ let identity = (await identitiesApi.getPublicIdentities({limit: 1})).data[0];
- let api = new GovernanceGroupsBetaApi(apiConfig)
- let workgroup: GovernanceGroupsBetaApiCreateWorkgroupRequest = {
- workgroupDtoBeta: {
- name: "DB Access Governance Group",
- description: "Description of the Governance Group",
- owner: {
- id: identity.id,
- type: "IDENTITY",
- name: identity.name
- }
- }
- }
+ let api = new GovernanceGroupsBetaApi(apiConfig);
+ let workgroup: GovernanceGroupsBetaApiCreateWorkgroupRequest = {
+ workgroupDtoBeta: {
+ name: 'DB Access Governance Group',
+ description: 'Description of the Governance Group',
+ owner: {
+ id: identity.id,
+ type: 'IDENTITY',
+ name: identity.name,
+ },
+ },
+ };
- let val = await api.createWorkgroup(workgroup)
- console.log(val.data)
+ let val = await api.createWorkgroup(workgroup);
+ console.log(val.data);
+};
-}
-
-createWorkGroup()
+createWorkGroup();
```
Run this command to compile and run the code:
@@ -73,5 +77,5 @@ The WorkGroup will be returned by the SDK:
name: 'DB Access Governance Group',
created: null,
modified: null
-}
+}
```
diff --git a/docs/tools/sdk/typescript/deleting-resources.md b/docs/tools/sdk/typescript/deleting-resources.md
index d4d395db0..073fae0fd 100644
--- a/docs/tools/sdk/typescript/deleting-resources.md
+++ b/docs/tools/sdk/typescript/deleting-resources.md
@@ -16,23 +16,31 @@ You can use the SDK to delete resources.
Here is an example script that searches for the Workgroup created in [Create a resource](./creating-resources.md) by name and calls the delete method to remove it from your environment.
```typescript
-import {Configuration, GovernanceGroupsBetaApi, GovernanceGroupsBetaApiCreateWorkgroupRequest, GovernanceGroupsBetaApiPatchWorkgroupRequest, PublicIdentitiesApi} from "sailpoint-api-client"
+import {
+ Configuration,
+ GovernanceGroupsBetaApi,
+ GovernanceGroupsBetaApiCreateWorkgroupRequest,
+ GovernanceGroupsBetaApiPatchWorkgroupRequest,
+ PublicIdentitiesApi,
+} from 'sailpoint-api-client';
const deleteWorkgroup = async () => {
- let apiConfig = new Configuration()
- let api = new GovernanceGroupsBetaApi(apiConfig)
+ let apiConfig = new Configuration();
+ let api = new GovernanceGroupsBetaApi(apiConfig);
- let workgroup = (await api.listWorkgroups({filters: 'name eq "DB Access Governance Group"'})).data[0]
+ let workgroup = (
+ await api.listWorkgroups({filters: 'name eq "DB Access Governance Group"'})
+ ).data[0];
- if (workgroup.id !== undefined) {
- let deletionStatus = (await api.deleteWorkgroup({id: workgroup.id})).status
- console.log(deletionStatus)
- } else {
- console.log("Workgroup was not found, id is missing for delete request.")
- }
-}
+ if (workgroup.id !== undefined) {
+ let deletionStatus = (await api.deleteWorkgroup({id: workgroup.id})).status;
+ console.log(deletionStatus);
+ } else {
+ console.log('Workgroup was not found, id is missing for delete request.');
+ }
+};
-deleteWorkgroup()
+deleteWorkgroup();
```
Run this command to compile and run the code:
diff --git a/docs/tools/sdk/typescript/error-handling.md b/docs/tools/sdk/typescript/error-handling.md
index c9bdb794e..5f183aa14 100644
--- a/docs/tools/sdk/typescript/error-handling.md
+++ b/docs/tools/sdk/typescript/error-handling.md
@@ -18,10 +18,10 @@ The first method is to use a `catch` function to intercept any unsuccessful resp
```typescript showLineNumbers
// Catch any non 2xx response and log the error message and metadata
let transforms = await api.listTransforms().catch(function (error) {
- console.log(error.response.data);
- console.log(error.response.status);
- console.log(error.response.headers);
-})
+ console.log(error.response.data);
+ console.log(error.response.status);
+ console.log(error.response.headers);
+});
```
The second method is to define which HTTP status codes should throw an error for a given request using the `validateStatus` option. This gives you an opportunity to recover from a bad request without exiting the program.
@@ -30,17 +30,31 @@ If you don't want the program to exit for 4xx response codes, you can use this c
```typescript showLineNumbers
// Resolve only if the status code is less than 500
-let transforms = await api.listTransforms({filters: 'id eq'}, {validateStatus: function (status) { return status < 500 }})
+let transforms = await api.listTransforms(
+ {filters: 'id eq'},
+ {
+ validateStatus: function (status) {
+ return status < 500;
+ },
+ },
+);
if (transforms.status === 200) {
- console.log(transforms)
-} else if (transforms.status === 400 ) {
- console.log("The filter is invalid. Continuing execution.")
+ console.log(transforms);
+} else if (transforms.status === 400) {
+ console.log('The filter is invalid. Continuing execution.');
}
```
If you don't want the program to exit for any error response, you can use this configuration:
```typescript
-await api.listTransforms({}, {validateStatus: function (status) { return true }})
+await api.listTransforms(
+ {},
+ {
+ validateStatus: function (status) {
+ return true;
+ },
+ },
+);
```
diff --git a/docs/tools/sdk/typescript/getting-started.md b/docs/tools/sdk/typescript/getting-started.md
index 4b1d425f0..22fa2d1de 100644
--- a/docs/tools/sdk/typescript/getting-started.md
+++ b/docs/tools/sdk/typescript/getting-started.md
@@ -20,23 +20,23 @@ To make sure that your SDK is connecting to the APIs you need, you can specify t
### List Transforms in your tenant
```typescript
-import {Configuration, TransformsApi} from "sailpoint-api-client"
+import {Configuration, TransformsApi} from 'sailpoint-api-client';
-const getTransforms = async() => {
- // Initialize configuration, this requests a token using your configured credentials
- // to be able to call out to APIs
- let apiConfig = new Configuration()
+const getTransforms = async () => {
+ // Initialize configuration, this requests a token using your configured credentials
+ // to be able to call out to APIs
+ let apiConfig = new Configuration();
- // Initialize the TransformsApi, this creates an instance of the TransformsApi.
- // The configuration object is passed in so that the API can add your token to the request
- let api = new TransformsApi(apiConfig)
+ // Initialize the TransformsApi, this creates an instance of the TransformsApi.
+ // The configuration object is passed in so that the API can add your token to the request
+ let api = new TransformsApi(apiConfig);
- // Call out to your tenant to get the list of transforms.
- let transforms = await api.listTransforms()
- console.log(transforms)
-}
+ // Call out to your tenant to get the list of transforms.
+ let transforms = await api.listTransforms();
+ console.log(transforms);
+};
-getTransforms()
+getTransforms();
```
To compile the file, first run the `tsc src/index.ts` command. This command creates a corresponding `index.js` file you can use to run the SDK.
@@ -50,16 +50,19 @@ Using the same SDK function, you can list your transforms but limit the results
Refer to [List Transforms](https://developer.sailpoint.com/docs/api/v3/list-transforms) for all its supported query parameters.
```typescript
-import {Configuration, TransformsApi} from "sailpoint-api-client"
+import {Configuration, TransformsApi} from 'sailpoint-api-client';
-const getTransforms = async() => {
- let apiConfig = new Configuration()
- let api = new TransformsApi(apiConfig)
- let transforms = await api.listTransforms({limit: 10, filters: 'name sw "Test"'})
- console.log(transforms)
-}
+const getTransforms = async () => {
+ let apiConfig = new Configuration();
+ let api = new TransformsApi(apiConfig);
+ let transforms = await api.listTransforms({
+ limit: 10,
+ filters: 'name sw "Test"',
+ });
+ console.log(transforms);
+};
-getTransforms()
+getTransforms();
```
Run this command to compile and run the code:
diff --git a/docs/tools/sdk/typescript/pagination.md b/docs/tools/sdk/typescript/pagination.md
index e17694143..3694d90a4 100644
--- a/docs/tools/sdk/typescript/pagination.md
+++ b/docs/tools/sdk/typescript/pagination.md
@@ -16,18 +16,23 @@ By default, your requests will return a maximum of 250 records. To return more,
Pagination is implemented with the SDK in the following code block on line 7:
```typescript showLineNumbers
-import {Configuration, AccountsApi, Paginator} from "sailpoint-api-client"
+import {Configuration, AccountsApi, Paginator} from 'sailpoint-api-client';
const getPaginatedAccounts = async () => {
- let apiConfig = new Configuration()
- let api = new AccountsApi(apiConfig)
-
- const val = await Paginator.paginate(api, api.listAccounts, {limit: 1000}, 250)
+ let apiConfig = new Configuration();
+ let api = new AccountsApi(apiConfig);
- console.log(val)
-}
+ const val = await Paginator.paginate(
+ api,
+ api.listAccounts,
+ {limit: 1000},
+ 250,
+ );
-getPaginatedAccounts()
+ console.log(val);
+};
+
+getPaginatedAccounts();
```
Run this command to compile and run the code:
diff --git a/docs/tools/sdk/typescript/retries.md b/docs/tools/sdk/typescript/retries.md
index a808bd40f..18cf6546c 100644
--- a/docs/tools/sdk/typescript/retries.md
+++ b/docs/tools/sdk/typescript/retries.md
@@ -14,28 +14,30 @@ tags: ['SDK']
The SDK supports retry logic in the case of an unexpected error. You are able to configure the number of retries and the delay between retries. This logic is implemented in lines 7-12:
```typescript showLineNumbers
-import {Configuration, axiosRetry, AccountsApi, Paginator} from "sailpoint-api-client"
+import {
+ Configuration,
+ axiosRetry,
+ AccountsApi,
+ Paginator,
+} from 'sailpoint-api-client';
const getPaginatedAccounts = async () => {
+ let apiConfig = new Configuration();
+ apiConfig.retriesConfig = {
+ retries: 4,
+ retryDelay: axiosRetry.exponentialDelay,
+ onRetry(retryCount, error, requestConfig) {
+ console.log(`retrying due to request error, try number ${retryCount}`);
+ },
+ };
+ let api = new AccountsApi(apiConfig);
-
- let apiConfig = new Configuration()
- apiConfig.retriesConfig = {
- retries: 4,
- retryDelay: axiosRetry.exponentialDelay,
- onRetry(retryCount, error, requestConfig) {
- console.log(`retrying due to request error, try number ${retryCount}`)
- },
- }
- let api = new AccountsApi(apiConfig)
-
- const val = await Paginator.paginate(api, api.listAccounts, {limit: 100}, 10)
+ const val = await Paginator.paginate(api, api.listAccounts, {limit: 100}, 10);
- console.log(val)
+ console.log(val);
+};
-}
-
-getPaginatedAccounts()
+getPaginatedAccounts();
```
Run this command to compile and run the code:
diff --git a/docs/tools/sdk/typescript/search.md b/docs/tools/sdk/typescript/search.md
index ec089c0c1..c6e6a1e82 100644
--- a/docs/tools/sdk/typescript/search.md
+++ b/docs/tools/sdk/typescript/search.md
@@ -15,25 +15,22 @@ To try using the ISC [search functionality](/docs/api/v3/search-post) along with
```typescript
const search = async () => {
- let apiConfig = new Configuration()
- let api = new SearchApi(apiConfig)
- let search: Search = {
- indices: [
- "identities"
- ],
- query: {
- query: "*"
- },
- sort: ["-name"]
- }
- const val = await Paginator.paginateSearchApi(api, search, 100, 1000)
+ let apiConfig = new Configuration();
+ let api = new SearchApi(apiConfig);
+ let search: Search = {
+ indices: ['identities'],
+ query: {
+ query: '*',
+ },
+ sort: ['-name'],
+ };
+ const val = await Paginator.paginateSearchApi(api, search, 100, 1000);
- for (const result of val.data) {
- const castedResult: IdentityDocument = result
- console.log(castedResult.name)
- }
-
-}
+ for (const result of val.data) {
+ const castedResult: IdentityDocument = result;
+ console.log(castedResult.name);
+ }
+};
```
Run this command to compile and run the code:
@@ -44,6 +41,6 @@ tsc src/index.ts && node src/index.js
This example returns 1000 identities, 100 at a time, and sorts them in descending order by name. You can also change the search pagination by changing "100" and "1000", respectively.
-The two main ways you can manipulate this example are to change the `indices` or the `query`. For example, if you add `"access profiles"` to the indices, the SDK will search access profiles too. If you change the query to "a*", the search will return all records starting with the letter "a".
+The two main ways you can manipulate this example are to change the `indices` or the `query`. For example, if you add `"access profiles"` to the indices, the SDK will search access profiles too. If you change the query to "a\*", the search will return all records starting with the letter "a".
You can also change the sorting logic in the brackets next to `sort`.
diff --git a/docs/tools/sdk/typescript/updating-resources.md b/docs/tools/sdk/typescript/updating-resources.md
index 623bf13f6..2e42a483d 100644
--- a/docs/tools/sdk/typescript/updating-resources.md
+++ b/docs/tools/sdk/typescript/updating-resources.md
@@ -16,31 +16,41 @@ You can use the SDK to update resources.
Here is an example update WorkGroup script which will update the description for the Workgroup created in [Create a Resource](./creating-resources.md):
```typescript
-import {Configuration, GovernanceGroupsBetaApi, GovernanceGroupsBetaApiCreateWorkgroupRequest, GovernanceGroupsBetaApiPatchWorkgroupRequest, PublicIdentitiesApi} from "sailpoint-api-client"
+import {
+ Configuration,
+ GovernanceGroupsBetaApi,
+ GovernanceGroupsBetaApiCreateWorkgroupRequest,
+ GovernanceGroupsBetaApiPatchWorkgroupRequest,
+ PublicIdentitiesApi,
+} from 'sailpoint-api-client';
const updateWorkGroup = async () => {
- let apiConfig = new Configuration()
- let api = new GovernanceGroupsBetaApi(apiConfig)
+ let apiConfig = new Configuration();
+ let api = new GovernanceGroupsBetaApi(apiConfig);
- let workgroup = (await api.listWorkgroups({filters: 'name eq "DB Access Governance Group"'})).data[0]
+ let workgroup = (
+ await api.listWorkgroups({filters: 'name eq "DB Access Governance Group"'})
+ ).data[0];
- if (workgroup.id !== undefined) {
- let updatedWorkgroup: GovernanceGroupsBetaApiPatchWorkgroupRequest = {
- id: workgroup.id,
- jsonPatchOperationBeta: [{
- op: "replace",
- path: "/description",
- value: "This is an updated description for the workgroup."
- }]
- }
- let val = await api.patchWorkgroup(updatedWorkgroup)
- console.log(val.data)
- } else {
- console.log("Workgroup was not found, id is missing for patch request.")
- }
-}
+ if (workgroup.id !== undefined) {
+ let updatedWorkgroup: GovernanceGroupsBetaApiPatchWorkgroupRequest = {
+ id: workgroup.id,
+ jsonPatchOperationBeta: [
+ {
+ op: 'replace',
+ path: '/description',
+ value: 'This is an updated description for the workgroup.',
+ },
+ ],
+ };
+ let val = await api.patchWorkgroup(updatedWorkgroup);
+ console.log(val.data);
+ } else {
+ console.log('Workgroup was not found, id is missing for patch request.');
+ }
+};
-updateWorkGroup()
+updateWorkGroup();
```
Run this command to compile and run the code:
diff --git a/docs/tools/ui-development-kit/error-handling.md b/docs/tools/ui-development-kit/error-handling.md
index dc0de8fad..3af51d463 100644
--- a/docs/tools/ui-development-kit/error-handling.md
+++ b/docs/tools/ui-development-kit/error-handling.md
@@ -11,18 +11,17 @@ slug: /tools/ui-development-kit/error-handling
tags: ['UI', 'Error']
---
-Ideally, everything in your custom UIs will work smoothly, but you will likely encounter errors at some point when you're implementing a page. If you provide an invalid filter or sorter, the list accounts endpoint will return a 400 error, for example.
-You can handle this error by adding a `try catch` block to the server side of the accounts list page.
+Ideally, everything in your custom UIs will work smoothly, but you will likely encounter errors at some point when you're implementing a page. If you provide an invalid filter or sorter, the list accounts endpoint will return a 400 error, for example. You can handle this error by adding a `try catch` block to the server side of the accounts list page.
If any of your backend calls result in a server error or bad request, you also want to handle those errors.
-Read this guide to learn how to use the UI Development Kit to handle errors.
+Read this guide to learn how to use the UI Development Kit to handle errors.
## 400 Bad Request
If you provide an invalid filter or sorter, the [List Accounts Endpoint](https://developer.sailpoint.com/docs/api/v3/list-accounts) returns a 400 error. This example awaits the response and doesn't exit the program when a 4xx level status is received. If a 4xx level status is received, the user is redirected to an error page.
-Refer to this code block to learn how to implement error handling for invalid filters or sorters:
+Refer to this code block to learn how to implement error handling for invalid filters or sorters:
```typescript
import {createConfiguration} from '$lib/sailpoint/sdk.js';
@@ -80,7 +79,7 @@ export const load = async ({url, locals}) => {
You can update the code block to handle more than just the 400 level statuses. You can see the highlighted code changes to handle any error response from the API call. You can send back an error to the user with the status, a detailed message, the details about the parameters used that caused the error, and the error response from the API.
-Refer to this code block to learn how to implement error handling for other non-400 errors:
+Refer to this code block to learn how to implement error handling for other non-400 errors:
```typescript
import {createConfiguration} from '$lib/sailpoint/sdk.js';
@@ -136,8 +135,8 @@ export const load = async ({url, locals}) => {
};
```
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the ISC UI Development Kit and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/identity-security-cloud/6).
\ No newline at end of file
+To learn more about the ISC UI Development Kit and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/identity-security-cloud/6).
diff --git a/docs/tools/ui-development-kit/index.md b/docs/tools/ui-development-kit/index.md
index c81c13dda..098613b2e 100644
--- a/docs/tools/ui-development-kit/index.md
+++ b/docs/tools/ui-development-kit/index.md
@@ -5,7 +5,7 @@ pagination_label: UDK
sidebar_label: UI Development Kit
sidebar_position: 4
sidebar_class_name: rudk
-keywords: ['UI', 'development','kit']
+keywords: ['UI', 'development', 'kit']
description: Develop custom user interfaces.
slug: /tools/ui-development-kit
tags: ['UI']
@@ -41,11 +41,11 @@ git clone git@github.com:sailpoint-oss/ui-development-kit.git
This project is built on [Svelte-Kit](https://kit.svelte.dev/) and ultimately builds an [Electron](https://www.electronjs.org/) application.
-Setting up the project is simple. The environment and application building process are configured so you can start creating custom UIs immediately. However, it is still helpful to understand the project structure.
+Setting up the project is simple. The environment and application building process are configured so you can start creating custom UIs immediately. However, it is still helpful to understand the project structure.
-Most of your activity will involve the `src` folder, such as adding new pages, routes, and sidebar items. You can learn more about these processes in [Getting Started](./getting-started.mdx).
+Most of your activity will involve the `src` folder, such as adding new pages, routes, and sidebar items. You can learn more about these processes in [Getting Started](./getting-started.mdx).
-This is the project structure:
+This is the project structure:
```bash
.
@@ -73,7 +73,7 @@ This is the project structure:
## Run the application for local development
-To run and develop the project locally, follow these steps:
+To run and develop the project locally, follow these steps:
1. In the root of the project run this command to install dependencies:
@@ -89,10 +89,10 @@ npm run dev
## Get started
-To start learning how to use the UI Development Kit and explore its possibilities, refer to [Getting Started](./getting-started.mdx).
+To start learning how to use the UI Development Kit and explore its possibilities, refer to [Getting Started](./getting-started.mdx).
-## Discuss
+## Discuss
-The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
+The most valuable resource for ISC developers is the SailPoint Developer Community itself, where ISC users and experts all over the world come together to ask questions and provide solutions.
-To learn more about the ISC UI Development Kit and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/identity-security-cloud/6).
\ No newline at end of file
+To learn more about the ISC UI Development Kit and discuss it with SailPoint Developer Community members, go to the [SailPoint Developer Community Forum](https://developer.sailpoint.com/discuss/c/identity-security-cloud/6).
diff --git a/docusaurus.config.js b/docusaurus.config.js
index 838cbee06..6353d5e51 100644
--- a/docusaurus.config.js
+++ b/docusaurus.config.js
@@ -79,15 +79,25 @@ const config = {
prism: {
theme: lightCodeTheme,
darkTheme: darkCodeTheme,
- additionalLanguages: ['http', 'java', 'ruby', 'php', 'csharp', 'powershell', 'bash', 'go', 'python'],
+ additionalLanguages: [
+ 'http',
+ 'java',
+ 'ruby',
+ 'php',
+ 'csharp',
+ 'powershell',
+ 'bash',
+ 'go',
+ 'python',
+ ],
},
mermaid: {
options: {
er: {
- layoutDirection: 'RL'
- }
+ layoutDirection: 'RL',
+ },
},
- }
+ },
}),
plugins: plugins,
diff --git a/sidebars.js b/sidebars.js
index abc654639..1d97501de 100644
--- a/sidebars.js
+++ b/sidebars.js
@@ -27,7 +27,7 @@ const sidebars = {
id: 'api/identity-security-cloud',
},
customProps: {
- description: "ISC API specifications."
+ description: 'ISC API specifications.',
},
items: [
{
@@ -95,7 +95,7 @@ const sidebars = {
id: 'api/non-employee',
},
customProps: {
- description: "NERM API specifications."
+ description: 'NERM API specifications.',
},
items: [
{
@@ -228,26 +228,26 @@ const sidebars = {
},
// @ts-ignore
items: require('./docs/api/iiq/sidebar.js'),
- },
+ },
{
- type: 'category',
- label: 'Plugin Developer Guide',
- link: {
- type: 'doc',
- id: 'plugin-developer-guide',
+ type: 'category',
+ label: 'Plugin Developer Guide',
+ link: {
+ type: 'doc',
+ id: 'plugin-developer-guide',
+ },
+ items: [
+ {
+ type: 'autogenerated',
+ dirName: 'iiq/plugin-developer-guide',
},
- items: [
- {
- type: 'autogenerated',
- dirName: 'iiq/plugin-developer-guide',
- },
- ],
- },
- {
- type: 'link',
- label: 'Product Documentation',
- href: 'https://documentation.sailpoint.com/#identityiq',
- },
+ ],
+ },
+ {
+ type: 'link',
+ label: 'Product Documentation',
+ href: 'https://documentation.sailpoint.com/#identityiq',
+ },
],
},
],
diff --git a/src/components/GitHubLink.js b/src/components/GitHubLink.js
index e337b2a98..0a6c6d35e 100644
--- a/src/components/GitHubLink.js
+++ b/src/components/GitHubLink.js
@@ -1,4 +1,4 @@
-import React, { useEffect, useState } from 'react';
+import React, {useEffect, useState} from 'react';
import useBaseUrl from '@docusaurus/useBaseUrl';
export default function GitHubPublicFileComponent({children, source}) {
const [fileContent, setFileContent] = useState('');
@@ -6,9 +6,7 @@ export default function GitHubPublicFileComponent({children, source}) {
useEffect(() => {
const fetchFileContent = async () => {
try {
- const response = await fetch(
- source
- );
+ const response = await fetch(source);
if (response.ok) {
const content = await response.text();
@@ -25,9 +23,8 @@ export default function GitHubPublicFileComponent({children, source}) {
}, []);
return (
-
-
+
);
-};
+}
diff --git a/src/components/MermaidViewer.js b/src/components/MermaidViewer.js
index f58c415f6..1de01bf1e 100644
--- a/src/components/MermaidViewer.js
+++ b/src/components/MermaidViewer.js
@@ -1,89 +1,165 @@
import React from 'react';
-import mermaid from 'mermaid'
+import mermaid from 'mermaid';
import useBaseUrl from '@docusaurus/useBaseUrl';
import styles from './styles.module.css';
-export default function MermaidViewer({ children, diagram }) {
+export default function MermaidViewer({children, diagram}) {
mermaid.contentLoaded();
const [width, setWidth] = React.useState(0);
- const [mermaidCursorStart, setMermaidCursorStart] = React.useState({ cursor: 'grab', clickX: 0, clickY: 0, offsetX: 0, offsetY: 0 });
- const [mermaidCursorMoving, setMermaidCursorMoving] = React.useState({ x: 0, y: 0 });
+ const [mermaidCursorStart, setMermaidCursorStart] = React.useState({
+ cursor: 'grab',
+ clickX: 0,
+ clickY: 0,
+ offsetX: 0,
+ offsetY: 0,
+ });
+ const [mermaidCursorMoving, setMermaidCursorMoving] = React.useState({
+ x: 0,
+ y: 0,
+ });
const [mermaidRender, setMermaidRender] = React.useState(false);
function increaseWidth(e) {
- setWidth(width + 300)
+ setWidth(width + 300);
}
function decreaseWidth(e) {
- setWidth(width - 300)
+ setWidth(width - 300);
}
function resetWidth(e) {
- setWidth(0)
- setMermaidCursorStart({ cursor: 'grab', clickX: e.screenX, clickY: e.screenY, offsetX: 0, offsetY: 0 })
- setMermaidCursorMoving({ x: 0, y: 0 })
+ setWidth(0);
+ setMermaidCursorStart({
+ cursor: 'grab',
+ clickX: e.screenX,
+ clickY: e.screenY,
+ offsetX: 0,
+ offsetY: 0,
+ });
+ setMermaidCursorMoving({x: 0, y: 0});
}
function setMouseDown(e) {
if (e.screenX) {
- setMermaidCursorStart({ cursor: 'grabbing', clickX: e.screenX, clickY: e.screenY, offsetX: mermaidCursorMoving.x, offsetY: mermaidCursorMoving.y })
- setMermaidCursorMoving({ x: mermaidCursorMoving.x, y: mermaidCursorMoving.y })
+ setMermaidCursorStart({
+ cursor: 'grabbing',
+ clickX: e.screenX,
+ clickY: e.screenY,
+ offsetX: mermaidCursorMoving.x,
+ offsetY: mermaidCursorMoving.y,
+ });
+ setMermaidCursorMoving({
+ x: mermaidCursorMoving.x,
+ y: mermaidCursorMoving.y,
+ });
} else {
- setMermaidCursorStart({ cursor: 'grabbing', clickX: e.changedTouches[0].screenX, clickY: e.changedTouches[0].screenY, offsetX: mermaidCursorMoving.x, offsetY: mermaidCursorMoving.y })
- setMermaidCursorMoving({ x: mermaidCursorMoving.x, y: mermaidCursorMoving.y })
+ setMermaidCursorStart({
+ cursor: 'grabbing',
+ clickX: e.changedTouches[0].screenX,
+ clickY: e.changedTouches[0].screenY,
+ offsetX: mermaidCursorMoving.x,
+ offsetY: mermaidCursorMoving.y,
+ });
+ setMermaidCursorMoving({
+ x: mermaidCursorMoving.x,
+ y: mermaidCursorMoving.y,
+ });
}
-
}
function setMouseUp(e) {
- setMermaidCursorStart({ cursor: 'grab', clickX: 0, clickY: 0 })
+ setMermaidCursorStart({cursor: 'grab', clickX: 0, clickY: 0});
}
function drag(e) {
if (mermaidCursorStart.cursor === 'grabbing') {
if (e.screenX) {
- setMermaidCursorMoving({ x: mermaidCursorStart.clickX - e.screenX + mermaidCursorStart.offsetX, y: mermaidCursorStart.clickY - e.screenY + mermaidCursorStart.offsetY })
+ setMermaidCursorMoving({
+ x: mermaidCursorStart.clickX - e.screenX + mermaidCursorStart.offsetX,
+ y: mermaidCursorStart.clickY - e.screenY + mermaidCursorStart.offsetY,
+ });
} else {
- setMermaidCursorMoving({ x: mermaidCursorStart.clickX - e.changedTouches[0].screenX + mermaidCursorStart.offsetX, y: mermaidCursorStart.clickY - e.changedTouches[0].screenY + mermaidCursorStart.offsetY })
+ setMermaidCursorMoving({
+ x:
+ mermaidCursorStart.clickX -
+ e.changedTouches[0].screenX +
+ mermaidCursorStart.offsetX,
+ y:
+ mermaidCursorStart.clickY -
+ e.changedTouches[0].screenY +
+ mermaidCursorStart.offsetY,
+ });
}
-
-
}
}
-
React.useEffect(() => {
let canceled = false;
setTimeout(() => {
if (!canceled) {
- setMermaidRender(true)
+ setMermaidRender(true);
}
}, 100);
return () => {
canceled = true;
};
- })
-
+ });
let renderedDiagram;
let loadingIndicator;
if (mermaidRender === true) {
- loadingIndicator =
- renderedDiagram =
})
+