diff --git a/.gitignore b/.gitignore
index 12dfb57af..2eea48391 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,6 +33,7 @@ yarn.lock
/docs/api/beta
/docs/api/iiq
/docs/api/nerm/*
+/docs/api/v2024/*
!/docs/api/nerm/authentication.md
!/docs/api/nerm/pagination-metadata-filtering.md
!/docs/api/nerm/getting-started.md
diff --git a/createApiPageMD.ts b/createApiPageMD.ts
new file mode 100644
index 000000000..6a76590a4
--- /dev/null
+++ b/createApiPageMD.ts
@@ -0,0 +1,116 @@
+import { createAuthentication } from "docusaurus-plugin-openapi-docs/src/markdown/createAuthentication";
+import { createAuthorization } from "docusaurus-plugin-openapi-docs/src/markdown/createAuthorization";
+import { createCallbacks } from "docusaurus-plugin-openapi-docs/src/markdown/createCallbacks";
+import { createContactInfo } from "docusaurus-plugin-openapi-docs/src/markdown/createContactInfo";
+import { createDeprecationNotice } from "docusaurus-plugin-openapi-docs/src/markdown/createDeprecationNotice";
+import { createDescription } from "docusaurus-plugin-openapi-docs/src/markdown/createDescription";
+import { createDownload } from "docusaurus-plugin-openapi-docs/src/markdown/createDownload";
+import { createHeading } from "docusaurus-plugin-openapi-docs/src/markdown/createHeading";
+import { createLicense } from "docusaurus-plugin-openapi-docs/src/markdown/createLicense";
+import { createLogo } from "docusaurus-plugin-openapi-docs/src/markdown/createLogo";
+import { createMethodEndpoint } from "docusaurus-plugin-openapi-docs/src/markdown/createMethodEndpoint";
+import { createParamsDetails } from "docusaurus-plugin-openapi-docs/src/markdown/createParamsDetails";
+import { createRequestBodyDetails } from "docusaurus-plugin-openapi-docs/src/markdown/createRequestBodyDetails";
+import { createRequestHeader } from "docusaurus-plugin-openapi-docs/src/markdown/createRequestHeader";
+import { createNodes } from "docusaurus-plugin-openapi-docs/src/markdown/createSchema";
+import { createStatusCodes } from "docusaurus-plugin-openapi-docs/src/markdown/createStatusCodes";
+import { createTermsOfService } from "docusaurus-plugin-openapi-docs/src/markdown/createTermsOfService";
+import { createVendorExtensions } from "docusaurus-plugin-openapi-docs/src/markdown/createVendorExtensions";
+import { createVersionBadge } from "docusaurus-plugin-openapi-docs/src/markdown/createVersionBadge";
+import { create, greaterThan, lessThan, render } from "docusaurus-plugin-openapi-docs/src/markdown/utils";
+import {
+ ContactObject,
+ LicenseObject,
+ MediaTypeObject,
+ SecuritySchemeObject,
+} from "docusaurus-plugin-openapi-docs/src/openapi/types";
+import {
+ ApiPageMetadata,
+ InfoPageMetadata,
+ SchemaPageMetadata,
+ TagPageMetadata,
+} from "docusaurus-plugin-openapi-docs/src/types";
+
+interface RequestBodyProps {
+ title: string;
+ body: {
+ content?: {
+ [key: string]: MediaTypeObject;
+ };
+ description?: string;
+ required?: boolean;
+ };
+}
+
+export function createApiPageMD({
+ title,
+ api: {
+ deprecated,
+ "x-deprecated-description": deprecatedDescription,
+ description,
+ method,
+ path,
+ extensions,
+ parameters,
+ requestBody,
+ responses,
+ callbacks,
+ },
+ infoPath,
+ frontMatter,
+}: ApiPageMetadata) {
+ return render([
+ `import ApiTabs from "@theme/ApiTabs";\n`,
+ `import DiscriminatorTabs from "@theme/DiscriminatorTabs";\n`,
+ `import MethodEndpoint from "@theme/ApiExplorer/MethodEndpoint";\n`,
+ `import SecuritySchemes from "@theme/ApiExplorer/SecuritySchemes";\n`,
+ `import MimeTabs from "@theme/MimeTabs";\n`,
+ `import ParamsItem from "@theme/ParamsItem";\n`,
+ `import ResponseSamples from "@theme/ResponseSamples";\n`,
+ `import SchemaItem from "@theme/SchemaItem";\n`,
+ `import SchemaTabs from "@theme/SchemaTabs";\n`,
+ `import Markdown from "@theme/Markdown";\n`,
+ `import Heading from "@theme/Heading";\n`,
+ `import OperationTabs from "@theme/OperationTabs";\n`,
+ `import TabItem from "@theme/TabItem";\n\n`,
+ createHeading(title),
+ createMethodEndpoint(method, path),
+ infoPath && createAuthorization(infoPath),
+ frontMatter.show_extensions
+ ? createVendorExtensions(extensions)
+ : undefined,
+ createDeprecation({ deprecated, description: deprecatedDescription }),
+ createExperimentalNotice(parameters),
+ createDescription(description),
+ requestBody || parameters ? createRequestHeader("Request") : undefined,
+ createParamsDetails({ parameters, type: "path" }),
+ createParamsDetails({ parameters, type: "query" }),
+ createParamsDetails({ parameters, type: "header" }),
+ createParamsDetails({ parameters, type: "cookie" }),
+ createRequestBodyDetails({
+ title: "Body",
+ body: requestBody,
+ } as RequestBodyProps),
+ createStatusCodes({ responses }),
+ createCallbacks({ callbacks }),
+ ]);
+}
+
+
+function createDeprecation({ deprecated, description }: { deprecated?: boolean; description?: string }) {
+ if (deprecated == true) {
+ if (description !== undefined) {
+ return `:::caution deprecated\n\n${description}\n\n:::`;
+ } else {
+ return `:::caution deprecated\n\nThis endpoint has been deprecated and may be replaced or removed in future versions of the API.\n\n:::`;
+ }
+ }
+}
+
+function createExperimentalNotice(parameters){
+ if (parameters && parameters.some(element => element.in === 'header' && element.name === 'X-SailPoint-Experimental')) {
+ return ":::warning experimental\n\nThis API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.\n\n:::\n\n";
+ }
+ // Return an empty string if the condition is not met
+ return "";
+}
\ No newline at end of file
diff --git a/docs/api/api-specifications.md b/docs/api/api-specifications.md
index 1a14f0b76..f3759c98c 100644
--- a/docs/api/api-specifications.md
+++ b/docs/api/api-specifications.md
@@ -1,4 +1,4 @@
----
+
diff --git a/docs/api/identity-security-cloud.md b/docs/api/identity-security-cloud.md
index bc7dd1ea1..0824eaecd 100644
--- a/docs/api/identity-security-cloud.md
+++ b/docs/api/identity-security-cloud.md
@@ -1,4 +1,4 @@
----
+
diff --git a/navbar.js b/navbar.js
index 09b10c65b..6d7803f3d 100644
--- a/navbar.js
+++ b/navbar.js
@@ -15,7 +15,16 @@ module.exports = {
{label: 'IdentityIQ', to: '/docs/iiq'},
],
},
-
+ {
+ type: 'dropdown',
+ label: 'API Specifications',
+ position: 'left',
+ items: [
+ {label: 'Identity Security Cloud', to: '/docs/api/v2024'},
+ {label: 'IdentityIQ', to: '/docs/api/iiq'},
+ {label: 'NERM', to: '/docs/api/nerm/v1'},
+ ],
+ },
{
type: 'dropdown',
label: 'Community',
diff --git a/package-lock.json b/package-lock.json
index c78f9e05b..025b49328 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -21,7 +21,7 @@
"autoprefixer": "^10.4.13",
"classnames": "^2.3.2",
"clsx": "^2.0.0",
- "docusaurus-plugin-openapi-docs": "^3.0.1",
+ "docusaurus-plugin-openapi-docs": "^0.0.0-761",
"docusaurus-theme-openapi-docs": "^3.0.1",
"docusaurus2-dotenv": "^1.4.0",
"esbuild-loader": "^2.20.0",
@@ -7500,9 +7500,9 @@
}
},
"node_modules/docusaurus-plugin-openapi-docs": {
- "version": "3.0.1",
- "resolved": "https://registry.npmjs.org/docusaurus-plugin-openapi-docs/-/docusaurus-plugin-openapi-docs-3.0.1.tgz",
- "integrity": "sha512-6SRqwey/TXMNu2G02mbWgxrifhpjGOjDr30N+58AR0Ytgc+HXMqlPAUIvTe+e7sOBfAtBbiNlmOWv5KSYIjf3w==",
+ "version": "0.0.0-761",
+ "resolved": "https://registry.npmjs.org/docusaurus-plugin-openapi-docs/-/docusaurus-plugin-openapi-docs-0.0.0-761.tgz",
+ "integrity": "sha512-MstupMKsGzhcBvL+kuEzp/rYDVb65JPF/vi/Ydp4pzKFbMiyGJmgsD99pCn4CZAkszlplD6EckD5kXuy877wWg==",
"dependencies": {
"@apidevtools/json-schema-ref-parser": "^11.5.4",
"@docusaurus/plugin-content-docs": "^3.0.1",
@@ -7692,6 +7692,51 @@
"node": ">=6"
}
},
+ "node_modules/docusaurus-theme-openapi-docs/node_modules/docusaurus-plugin-openapi-docs": {
+ "version": "3.0.1",
+ "resolved": "https://registry.npmjs.org/docusaurus-plugin-openapi-docs/-/docusaurus-plugin-openapi-docs-3.0.1.tgz",
+ "integrity": "sha512-6SRqwey/TXMNu2G02mbWgxrifhpjGOjDr30N+58AR0Ytgc+HXMqlPAUIvTe+e7sOBfAtBbiNlmOWv5KSYIjf3w==",
+ "dependencies": {
+ "@apidevtools/json-schema-ref-parser": "^11.5.4",
+ "@docusaurus/plugin-content-docs": "^3.0.1",
+ "@docusaurus/utils": "^3.0.1",
+ "@docusaurus/utils-validation": "^3.0.1",
+ "@redocly/openapi-core": "^1.10.5",
+ "chalk": "^4.1.2",
+ "clsx": "^1.1.1",
+ "fs-extra": "^9.0.1",
+ "json-pointer": "^0.6.2",
+ "json-schema-merge-allof": "^0.8.1",
+ "json5": "^2.2.3",
+ "lodash": "^4.17.20",
+ "mustache": "^4.2.0",
+ "openapi-to-postmanv2": "^4.21.0",
+ "postman-collection": "^4.4.0",
+ "slugify": "^1.6.5",
+ "swagger2openapi": "^7.0.8",
+ "xml-formatter": "^2.6.1"
+ },
+ "engines": {
+ "node": ">=14"
+ },
+ "peerDependencies": {
+ "react": "^16.8.4 || ^17.0.0 || ^18.0.0"
+ }
+ },
+ "node_modules/docusaurus-theme-openapi-docs/node_modules/fs-extra": {
+ "version": "9.1.0",
+ "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+ "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
+ "dependencies": {
+ "at-least-node": "^1.0.0",
+ "graceful-fs": "^4.2.0",
+ "jsonfile": "^6.0.1",
+ "universalify": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ }
+ },
"node_modules/docusaurus2-dotenv": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/docusaurus2-dotenv/-/docusaurus2-dotenv-1.4.0.tgz",
diff --git a/package.json b/package.json
index 5c52d9dfe..2d8d41255 100644
--- a/package.json
+++ b/package.json
@@ -16,8 +16,8 @@
"clean-api-docs": "docusaurus clean-api-docs",
"gen-api-docs:version": "docusaurus gen-api-docs:version",
"clean-api-docs:version": "docusaurus clean-api-docs:version",
- "gen-api-docs-all": "docusaurus gen-api-docs idn_v3 --plugin-id idn-api && docusaurus gen-api-docs idn_beta --plugin-id idn-api && docusaurus gen-api-docs iiq --plugin-id iiq-api && docusaurus gen-api-docs nerm --plugin-id nerm-api",
- "clean-api-docs-all": "docusaurus clean-api-docs idn_v3 --plugin-id idn-api && docusaurus clean-api-docs idn_beta --plugin-id idn-api && docusaurus clean-api-docs iiq --plugin-id iiq-api && docusaurus clean-api-docs nerm --plugin-id nerm-api",
+ "gen-api-docs-all": "docusaurus gen-api-docs:version isc_versioned:all --plugin-id isc-api && docusaurus gen-api-docs isc_versioned --plugin-id isc-api && docusaurus gen-api-docs iiq --plugin-id iiq-api && docusaurus gen-api-docs nerm --plugin-id nerm-api",
+ "clean-api-docs-all": "docusaurus clean-api-docs isc_versioned --plugin-id isc-api && docusaurus clean-api-docs:version isc_versioned:all --plugin-id isc-api && docusaurus clean-api-docs iiq --plugin-id iiq-api && docusaurus clean-api-docs nerm --plugin-id nerm-api",
"rebuild-docs": "npm run clean-api-docs-all && npm run gen-api-docs-all"
},
"dependencies": {
@@ -34,7 +34,7 @@
"autoprefixer": "^10.4.13",
"classnames": "^2.3.2",
"clsx": "^2.0.0",
- "docusaurus-plugin-openapi-docs": "^3.0.1",
+ "docusaurus-plugin-openapi-docs": "^0.0.0-761",
"docusaurus-theme-openapi-docs": "^3.0.1",
"docusaurus2-dotenv": "^1.4.0",
"esbuild-loader": "^2.20.0",
diff --git a/plugins.js b/plugins.js
index 404cc7b26..377eac95e 100644
--- a/plugins.js
+++ b/plugins.js
@@ -1,3 +1,5 @@
+const {createApiPageMD} = require('./createApiPageMD');
+
module.exports = [
[
'docusaurus2-dotenv',
@@ -1619,6 +1621,52 @@ module.exports = [
},
},
],
+ [
+ 'docusaurus-plugin-openapi-docs',
+ {
+ id: 'isc-api',
+ docsPluginId: 'isc',
+ config: {
+ isc_versioned: {
+ specPath: 'static/api-specs/idn/sailpoint-api.v2024.yaml',
+ outputDir: 'docs/api/v2024',
+ sidebarOptions: {
+ groupPathsBy: 'tag',
+ categoryLinkSource: 'tag',
+ },
+ version: 'v2024',
+ label: 'v2024',
+ baseUrl: '/docs/api/v2024',
+ template: 'api.mustache',
+ markdownGenerators: {
+ createApiPageMD,
+ },
+ versions: {
+ // v2025: {
+ // specPath: 'static/api-specs/idn/sailpoint-api.v2025.yaml',
+ // outputDir: 'docs/api/v2025',
+ // label: 'v2025',
+ // baseUrl: '/docs/api/v2025',
+ // },
+ v3: {
+ specPath: 'static/api-specs/idn/sailpoint-api.v3.yaml',
+ outputDir: 'docs/api/v3',
+ downloadUrl: 'https://raw.githubusercontent.com/sailpoint-oss/api-specs/main/dereferenced/deref-sailpoint-api.v3.yaml',
+ label: 'v3',
+ baseUrl: '/docs/api/v3',
+ },
+ beta: {
+ specPath: 'static/api-specs/idn/sailpoint-api.beta.yaml',
+ outputDir: 'docs/api/beta',
+ downloadUrl: 'https://raw.githubusercontent.com/sailpoint-oss/api-specs/main/dereferenced/deref-sailpoint-api.beta.yaml',
+ label: 'Beta',
+ baseUrl: '/docs/api/beta',
+ },
+ },
+ },
+ },
+ },
+ ],
[
'docusaurus-plugin-openapi-docs',
{
@@ -1660,7 +1708,7 @@ module.exports = [
},
],
[
- "@gracefullight/docusaurus-plugin-microsoft-clarity",
- { projectId: "naher5vlxx" },
+ '@gracefullight/docusaurus-plugin-microsoft-clarity',
+ {projectId: 'naher5vlxx'},
],
];
diff --git a/sidebars.js b/sidebars.js
index a305be25c..f25eac722 100644
--- a/sidebars.js
+++ b/sidebars.js
@@ -1,3 +1,9 @@
+const versions = require('./docs/api/v2024/versions.json');
+const {
+ versionSelector,
+ versionCrumb,
+} = require('docusaurus-plugin-openapi-docs/lib/sidebars/utils');
+
const sidebars = {
openApiSidebar: [
{
@@ -9,128 +15,6 @@ const sidebars = {
id: 'docs',
},
items: [
- {
- type: 'category',
- label: 'API Specifications',
- collapsible: false,
- link: {
- type: 'doc',
- id: 'api/api-specifications',
- },
- items: [
- {
- type: 'category',
- label: 'Identity Security Cloud',
- collapsible: true,
- link: {
- type: 'doc',
- id: 'api/identity-security-cloud',
- },
- customProps: {
- description: 'ISC API specifications.',
- },
- items: [
- {
- type: 'doc',
- id: 'api/getting-started',
- },
- {
- type: 'doc',
- id: 'api/authentication',
- },
- {
- type: 'doc',
- id: 'api/authorization',
- },
- {
- type: 'doc',
- id: 'api/standard-collection-parameters',
- },
- {
- type: 'doc',
- id: 'api/rate-limit',
- },
- {
- type: 'doc',
- id: 'api/api-versioning-strategy',
- },
- {
- type: 'doc',
- id: 'api/postman-collections',
- },
- {
- type: 'doc',
- id: 'api/patch-requests',
- },
- {
- type: 'category',
- label: 'V3 APIs',
- link: {
- type: 'generated-index',
- title: 'V3 APIs',
- description:
- 'Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
- slug: '/api/v3',
- },
- // @ts-ignore
- items: require('./docs/api/v3/sidebar.ts'),
- },
- {
- type: 'category',
- label: 'Beta APIs',
- link: {
- type: 'generated-index',
- title: 'Beta APIs',
- description:
- 'Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. These APIs are in beta and are subject to change. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
- slug: '/api/beta',
- },
- // @ts-ignore
- items: require('./docs/api/beta/sidebar.ts'),
- },
- ],
- },
- {
- type: 'category',
- label: 'NERM',
- collapsible: true,
- link: {
- type: 'doc',
- id: 'api/non-employee',
- },
- customProps: {
- description: 'NERM API specifications.',
- },
- items: [
- {
- type: 'doc',
- id: 'api/nerm/getting-started',
- },
- {
- type: 'doc',
- id: 'api/nerm/authentication',
- },
- {
- type: 'doc',
- id: 'api/nerm/pagination-metadata-filtering',
- },
- {
- type: 'category',
- label: 'NERM v1 API',
- link: {
- type: 'generated-index',
- title: 'NERM v1 API',
- description:
- 'These are the Non-employee Risk Management APIs for SailPoint. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
- slug: '/api/nerm/v1',
- },
- // @ts-ignore
- items: require('./docs/api/nerm/v1/sidebar.ts'),
- },
- ],
- },
- ],
- },
{
type: 'category',
label: 'Extensibility',
@@ -219,20 +103,6 @@ const sidebars = {
id: 'iiq',
},
items: [
- {
- type: 'category',
- label: 'API Specifications',
- collapsible: false,
- link: {
- type: 'generated-index',
- title: 'API Specifications',
- description:
- "These are the SCIM APIs for SailPoint's on-premise service, IdentityIQ. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.",
- slug: '/api/iiq',
- },
- // @ts-ignore
- items: require('./docs/api/iiq/sidebar.ts'),
- },
{
type: 'category',
label: 'Plugin Developer Guide',
@@ -255,5 +125,233 @@ const sidebars = {
],
},
],
+ iiqApiSideBar: [
+ {
+ type: 'category',
+ label: 'API Specifications',
+ collapsible: false,
+ link: {
+ type: 'generated-index',
+ title: 'API Specifications',
+ description:
+ "These are the SCIM APIs for SailPoint's on-premise service, IdentityIQ. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.",
+ slug: '/api/iiq',
+ },
+ // @ts-ignore
+ items: require('./docs/api/iiq/sidebar.ts'),
+ },
+ ],
+ nermSideBar: [
+ {
+ type: 'category',
+ label: 'NERM',
+ collapsible: true,
+ link: {
+ type: 'doc',
+ id: 'api/non-employee',
+ },
+ customProps: {
+ description: 'NERM API specifications.',
+ },
+ items: [
+ {
+ type: 'doc',
+ id: 'api/nerm/getting-started',
+ },
+ {
+ type: 'doc',
+ id: 'api/nerm/authentication',
+ },
+ {
+ type: 'doc',
+ id: 'api/nerm/pagination-metadata-filtering',
+ },
+ {
+ type: 'category',
+ label: 'NERM v1 API',
+ link: {
+ type: 'generated-index',
+ title: 'NERM v1 API',
+ description:
+ 'These are the Non-employee Risk Management APIs for SailPoint. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
+ slug: '/api/nerm/v1',
+ },
+ // @ts-ignore
+ items: require('./docs/api/nerm/v1/sidebar.ts'),
+ },
+ ],
+ },
+ ],
+ isc_2024_sidebar: [
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionSelector(versions),
+ className: 'version-button',
+ },
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionCrumb(`v2024`),
+ },
+ // {
+ // type: "html",
+ // defaultStyle: true,
+ // value: ` `,
+ // },
+ {
+ type: 'doc',
+ id: 'api/getting-started',
+ },
+ {
+ type: 'doc',
+ id: 'api/authentication',
+ },
+ {
+ type: 'doc',
+ id: 'api/authorization',
+ },
+ {
+ type: 'doc',
+ id: 'api/standard-collection-parameters',
+ },
+ {
+ type: 'doc',
+ id: 'api/rate-limit',
+ },
+ {
+ type: 'doc',
+ id: 'api/postman-collections',
+ },
+ {
+ type: 'doc',
+ id: 'api/patch-requests',
+ },
+ {
+ type: 'category',
+ label: 'V2024 APIs',
+ link: {
+ type: 'generated-index',
+ title: 'v2024 APIs',
+ description:
+ 'Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
+ slug: '/api/v2024',
+ },
+ // @ts-ignore
+ items: require('./docs/api/v2024/sidebar.ts'),
+ },
+ ],
+ isc_beta_sidebar: [
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionSelector(versions),
+ className: 'version-button',
+ },
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionCrumb(`beta`),
+ },
+ {
+ type: 'doc',
+ id: 'api/getting-started',
+ },
+ {
+ type: 'doc',
+ id: 'api/authentication',
+ },
+ {
+ type: 'doc',
+ id: 'api/authorization',
+ },
+ {
+ type: 'doc',
+ id: 'api/standard-collection-parameters',
+ },
+ {
+ type: 'doc',
+ id: 'api/rate-limit',
+ },
+ {
+ type: 'doc',
+ id: 'api/postman-collections',
+ },
+ {
+ type: 'doc',
+ id: 'api/patch-requests',
+ },
+ {
+ type: 'category',
+ label: 'Beta APIs',
+ link: {
+ type: 'generated-index',
+ title: 'Beta APIs',
+ description:
+ 'Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
+ slug: '/api/beta',
+ },
+ // @ts-ignore
+ items: require('./docs/api/beta/sidebar.ts'),
+ },
+ ],
+ isc_v3_sidebar: [
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionSelector(versions),
+ className: 'version-button',
+ },
+ {
+ type: 'html',
+ defaultStyle: true,
+ value: versionCrumb(`v3`),
+ },
+ {
+ type: 'doc',
+ id: 'api/getting-started',
+ },
+ {
+ type: 'doc',
+ id: 'api/authentication',
+ },
+ {
+ type: 'doc',
+ id: 'api/authorization',
+ },
+ {
+ type: 'doc',
+ id: 'api/standard-collection-parameters',
+ },
+ {
+ type: 'doc',
+ id: 'api/rate-limit',
+ },
+ {
+ type: 'doc',
+ id: 'api/postman-collections',
+ },
+ {
+ type: 'doc',
+ id: 'api/patch-requests',
+ },
+ {
+ type: 'category',
+ label: 'V3 APIs',
+ link: {
+ type: 'generated-index',
+ title: 'V3 APIs',
+ description:
+ 'Use these APIs to interact with the IdentityNow platform to achieve repeatable, automated processes with greater scalability. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.',
+ slug: '/api/v3',
+ },
+ // @ts-ignore
+ items: require('./docs/api/v3/sidebar.ts'),
+ },
+ ],
};
module.exports = sidebars;
diff --git a/src/css/custom.css b/src/css/custom.css
index 85d5baf9a..c90b6f09e 100644
--- a/src/css/custom.css
+++ b/src/css/custom.css
@@ -6,6 +6,8 @@
/* You can override the default Infima variables here. */
+@import url('https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css');
+
.ReactModal__Overlay {
z-index: 9999;
}
@@ -285,6 +287,9 @@
--dev-sailpoint-small-logo: url('../../static/img/SailPoint-Logo-RGB-Color.png');
--ifm-font-family-base: 'Poppins';
+
+ --dev-icon-experimental: #cc27b0;
+ --dev-icon-deprecated: rgb(230, 167, 0);
}
/* For readability concerns, you should choose a lighter palette in dark mode. */
@@ -355,10 +360,15 @@
font-weight: 400;
}
+.menu__link {
+ padding-left: 13%;
+}
+
/* Sidebar Method labels */
.api-method > .menu__link {
align-items: center;
justify-content: start;
+ width: fit-content;
}
.api-method > .menu__link::before {
@@ -476,8 +486,6 @@ html[data-theme='dark'] .theme-admonition-note {
background-color: #474748;
}
-ul {
-}
.button.button--secondary {
color: white;
@@ -550,4 +558,28 @@ div[id^='discourse-comments'] {
.openapi-security__summary-container {
background: var(--ifm-pre-background);
+}
+
+.menu__list-item--experimental > .menu__link::after {
+ font-size: 20px;
+ font-family: 'Font Awesome 6 Free';
+ font-weight: 900;
+ color: var(--dev-icon-experimental);
+ text-rendering: auto;
+ -webkit-font-smoothing: antialiased;
+ content: '\f0c3';
+ position: relative;
+ right: 103%;
+}
+
+.menu__list-item--deprecated > .menu__link::after {
+ font-size: 20px;
+ font-family: 'Font Awesome 6 Free';
+ font-weight: 900;
+ color: var(--dev-icon-deprecated);
+ text-rendering: auto;
+ -webkit-font-smoothing: antialiased;
+ content: '\f071';
+ position: relative;
+ right: 103%;
}
\ No newline at end of file
diff --git a/static/api-specs/idn/sailpoint-api.v2024.yaml b/static/api-specs/idn/sailpoint-api.v2024.yaml
new file mode 100644
index 000000000..135f0ea26
--- /dev/null
+++ b/static/api-specs/idn/sailpoint-api.v2024.yaml
@@ -0,0 +1,2151 @@
+openapi: 3.0.1
+info:
+ title: Identity Security Cloud V2024 API
+ description: Use these APIs to interact with the Identity Security Cloud platform
+ to achieve repeatable, automated processes with greater scalability. We encourage
+ you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss
+ to connect with other developers using our APIs.
+ termsOfService: https://developer.sailpoint.com/discuss/tos
+ contact:
+ name: Developer Relations
+ url: https://developer.sailpoint.com/discuss/api-help
+ license:
+ name: MIT
+ url: https://opensource.org/licenses/MIT
+ version: v2024
+servers:
+- url: https://{tenant}.api.identitynow.com/v2024
+ description: This is the production API server.
+ variables:
+ tenant:
+ default: sailpoint
+ description: This is the name of your tenant, typically your company's name.
+- url: https://{apiUrl}/v2024
+ description: This is the V2024 API server.
+ variables:
+ apiUrl:
+ default: sailpoint.api.identitynow.com
+ description: This is the api url of your tenant
+tags:
+ - name: Access Model Metadata
+ description: |
+ Use this API to create and manage metadata attributes for your Access Model.
+ Access Model Metadata allows you to add contextual information to your ISC Access Model items using pre-defined metadata for risk, regulations, privacy levels, etc., or by creating your own metadata attributes to reflect the unique needs of your organization. This release of the API includes support for entitlement metadata. Support for role and access profile metadata will be introduced in a subsequent release.
+
+ Common usages for Access Model metadata include:
+
+ - Organizing and categorizing access items to make it easier for your users to search for and find the access rights they want to request, certify, or manage.
+
+ - Providing richer information about access that is being acted on to allow stakeholders to make better decisions when approving, certifying, or managing access rights.
+
+ - Identifying access that may requires additional approval requirements or be subject to more frequent review.
+ - name: Access Profiles
+ description: |
+ Use this API to implement and customize access profile functionality.
+ With this functionality in place, administrators can create access profiles and configure them for use throughout Identity Security Cloud, enabling users to get the access they need quickly and securely.
+
+ Access profiles group entitlements, which represent access rights on sources.
+
+ For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.
+
+ An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.
+
+ When users only need Active Directory employee access, they can request access to the 'Employees' entitlement.
+
+ When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.
+
+ Access profiles are the most important units of access in Identity Security Cloud. Identity Security Cloud uses access profiles in many features, including the following:
+
+ - Provisioning: When you use the Provisioning Service, lifecycle states and roles both grant access to users in the form of access profiles.
+
+ - Certifications: You can approve or revoke access profiles in certification campaigns, just like entitlements.
+
+ - Access Requests: You can assign access profiles to applications, and when a user requests access to the app associated with an access profile and someone approves the request, access is granted to both the application and its associated access profile.
+
+ - Roles: You can group one or more access profiles into a role to quickly assign access items based on an identity's role.
+
+ In Identity Security Cloud, administrators can use the Access drop-down menu and select Access Profiles to view, configure, and delete existing access profiles, as well as create new ones.
+ Administrators can enable and disable an access profile, and they can also make the following configurations:
+
+ - Manage Entitlements: Manage the profile's access by adding and removing entitlements.
+
+ - Access Requests: Configure access profiles to be requestable and establish an approval process for any requests that the access profile be granted or revoked.
+ Do not configure an access profile to be requestable without first establishing a secure access request approval process for the access profile.
+
+ - Multiple Account Options: Define the logic Identity Security Cloud uses to provision access to an identity with multiple accounts on the source.
+
+ Refer to [Managing Access Profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) for more information about access profiles.
+ - name: Access Request Approvals
+ description: |
+ Use this API to implement and customize access request approval functionality.
+ With this functionality in place, administrators can delegate qualified users to review users' requests for access or managers' requests to revoke team members' access to applications, entitlements, or roles.
+ This enables more qualified users to review access requests and the others to spend their time on other tasks.
+
+ In Identity Security Cloud, users can request access to applications, entitlements, and roles, and managers can request that team members' access be revoked.
+ For applications and entitlements, administrators can set access profiles to require approval from the access profile owner, the application owner, the source owner, the requesting user's manager, or a governance group for access to be granted or revoked.
+ For roles, administrators can also set roles to allow access requests and require approval from the role owner, the requesting user's manager, or a governance group for access to be granted or revoked.
+ If the administrator designates a governance group as the required approver, any governance group member can approve the requests.
+
+ When a user submits an access request, Identity Security Cloud sends the first required approver in the queue an email notification, based on the access request configuration's approval and reminder escalation configuration.
+
+ In Approvals in Identity Security Cloud, required approvers can view pending access requests under the Requested tab and approve or deny them, or the approvers can reassign the requests to different reviewers for approval.
+ If the required approver approves the request and is the only reviewer required, Identity Security Cloud grants or revokes access, based on the request.
+ If multiple reviewers are required, Identity Security Cloud sends the request to the next reviewer in the queue, based on the access request configuration's approval reminder and escalation configuration.
+ The required approver can then view any completed access requests under the Reviewed tab.
+
+ Refer to [Access Requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for more information about access request approvals.
+ - name: Access Request Identity Metrics
+ description: |
+ Use this API to implement access request identity metrics functionality.
+ With this functionality in place, access request reviewers can see relevant details about the requested access item and associated source activity.
+ This allows reviewers to see how many of the identities who share a manager with the access requester have this same type of access and how many of them have had activity in the related source.
+ This additional context about whether the access has been granted before and how often it has been used can help those approving access requests make more informed decisions.
+ - name: Access Requests
+ description: |
+ Use this API to implement and customize access request functionality.
+ With this functionality in place, users can request access to applications, entitlements, or roles, and managers can request that team members' access be revoked.
+ This allows users to get access to the tools they need quickly and securely, and it allows managers to take away access to those tools.
+
+ Identity Security Cloud's Access Request service allows end users to request access that requires approval before it can be granted to users and enables qualified users to review those requests and approve or deny them.
+
+ In the Request Center in Identity Security Cloud, users can view available applications, roles, and entitlements and request access to them.
+ If the requested tools requires approval, the requests appear as 'Pending' under the My Requests tab until the required approver approves, rejects, or cancels them.
+
+ Users can use My Requests to track and/or cancel the requests.
+
+ In My Team on the Identity Security Cloud Home, managers can submit requests to revoke their team members' access.
+ They can use the My Requests tab under Request Center to track and/or cancel the requests.
+
+ Refer to [Requesting Access](https://documentation.sailpoint.com/saas/user-help/requests/requesting_access.html) for more information about access requests.
+ - name: Account Activities
+ description: |
+ Use this API to implement account activity tracking functionality.
+ With this functionality in place, users can track source account activity in Identity Security Cloud, which greatly improves traceability in the system.
+
+ An account activity refers to a log of each action performed on a source account. This is useful for auditing the changes performed on an account throughout its life.
+ In Identity Security Cloud's Search, users can search for account activities and select the activity's row to get an overview of the activity's account action and view its progress, its involved sources, and its most basic metadata, such as the identity requesting the option and the recipient.
+
+ Account activity includes most actions Identity Security Cloud completes on source accounts. Users can search in Identity Security Cloud for the following account action types:
+
+ - Access Request: These include any access requests the source account is involved in.
+
+ - Account Attribute Updates: These include updates to a single attribute on an account on a source.
+
+ - Account State Update: These include locking or unlocking actions on an account on a source.
+
+ - Certification: These include actions removing an entitlement from an account on a source as a result of the entitlement's revocation during a certification.
+
+ - Cloud Automated `Lifecyclestate`: These include automated lifecycle state changes that result in a source account's correlated identity being assigned to a different lifecycle state.
+ Identity Security Cloud replaces the `Lifecyclestate` variable with the name of the lifecycle state it has moved the account's identity to.
+
+ - Identity Attribute Update: These include updates to a source account's correlated identity attributes as the result of a provisioning action.
+ When you update an identity attribute that also updates an identity's lifecycle state, the cloud automated `Lifecyclestate` event also displays.
+ Account Activity does not include attribute updates that occur as a result of aggregation.
+
+ - Identity Refresh: These include correlated identity refreshes that occur for an account on a source whenever the account's correlated identity profile gets a new role or updates.
+ These also include refreshes that occur whenever Identity Security Cloud assigns an application to the account's correlated identity based on the application's being assigned to All Users From Source or Specific Users From Source.
+
+ - Lifecycle State Refresh: These include the actions that took place when a lifecycle state changed. This event only occurs after a cloud automated `Lifecyclestate` change or a lifecycle state change.
+
+ - Lifecycle State Change: These include the account activities that result from an identity's manual assignment to a null lifecycle state.
+
+ - Password Change: These include password changes on sources.
+
+ Refer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities.
+ - name: Account Aggregations
+ description: |
+ Use this API to implement account aggregation progress tracking functionality.
+ With this functionality in place, administrators can view in-progress account aggregations, their statuses, and their relevant details.
+
+ An account aggregation refers to the process Identity Security Cloud uses to gather and load account data from a source into Identity Security Cloud.
+
+ Whenever Identity Security Cloud is in the process of aggregating a source, it adds an entry to the Aggregation Activity Log, along with its relevant details.
+ To view aggregation activity, administrators can select the Connections drop-down menu, select Sources, and select the relevant source, select its Import Data tab, and select Account Aggregation.
+ In Account Aggregation, administrators can view the account aggregations' statuses and details in the Account Activity Log.
+
+ Refer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about account aggregations.
+ - name: Account Usages
+ description: |
+ Use this API to implement account usage insight functionality.
+ With this functionality in place, administrators can gather information and insights about how their tenants' source accounts are being used.
+ This allows organizations to get the information they need to start optimizing and securing source account usage.
+ - name: Accounts
+ description: |
+ Use this API to implement and customize account functionality.
+ With this functionality in place, administrators can manage users' access across sources in Identity Security Cloud.
+
+ In Identity Security Cloud, an account refers to a user's account on a supported source.
+ This typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud.
+
+ Administrators can correlate users' identities with the users' accounts on the different sources they use.
+ This allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively.
+
+ To view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab.
+
+ To view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab.
+ Administrators can toggle an account's Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity.
+
+ Accounts can have the following statuses:
+
+ - Enabled: The account is enabled. The user can access it.
+
+ - Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user's lifecycle state changes.
+
+ - Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times.
+
+ - Pending: The account is currently updating. This status typically lasts seconds.
+
+ Administrators can select the source account to view its attributes, entitlements, and the last time the account's password was changed.
+
+ Refer to [Managing User Accounts](https://documentation.sailpoint.com/saas/help/common/users/user_access.html#managing-user-accounts) for more information about accounts.
+ - name: Approvals
+ - name: Auth Profile
+ description: |
+ Auth Profile - Represents authentication configuration for an Identity Profile. This object gets created when an Identity Profile is created.
+
+ APIs can be used to retrieve and update Auth Profiles.
+ - name: Auth Users
+ description: |
+ Use this API to implement user authentication system functionality.
+ With this functionality in place, users can get a user's authentication system details, including their capabilities, and modify those capabilities.
+ The user's capabilities refer to their access to different systems, or authorization, within the tenant, like access to certifications (CERT_ADMIN) or reports (REPORT_ADMIN).
+ These capabilities also determine a user's access to the different APIs.
+ This API provides users with a way to determine a user's access and make quick and easy changes to that access.
+ - name: Branding
+ description: |
+ Use this API to implement and customize branding functionality.
+ With this functionality in place, administrators can get and manage existing branding items, and they can also create new branding items and configure them for use throughout Identity Security Cloud.
+ The Branding APIs provide administrators with a way to customize branding items.
+ This customization includes details like their colors, logos, and other information.
+ Refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) for more information about certifications.
+ - name: Certification Campaign Filters
+ description: |
+ Use this API to implement the certification campaign filter functionality. These filters can be used to create a certification campaign that includes a subset of your entitlements or users to certify.
+
+ For example, if for a certification campaign an organization wants to certify only specific users or entitlements, then those can be included/excluded on the basis of campaign filters.
+
+ For more information about creating a campaign filter, refer to [Creating a Campaign Filter](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#creating-a-campaign-filter)
+
+ You can create campaign filters using any of the following criteria types:
+
+ - Access Profile : This criteria type includes or excludes access profiles from a campaign.
+
+ - Account Attribute : This criteria type includes or excludes certification items that match a specified value in an account attribute.
+
+ - Entitlement : This criteria type includes or excludes entitlements from a campaign.
+
+ - Identity : This criteria type includes or excludes specific identities from your campaign.
+
+ - Identity Attribute : This criteria type includes or excludes identities based on whether they have an identity attribute that matches criteria you've chosen.
+
+ - Role : This criteria type includes or excludes roles, as opposed to identities.
+
+ - Source : This criteria type includes or excludes entitlements from a source you select.
+
+ For more information about these criteria types, refer to [Types of Campaign Filters](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#types-of-campaign-filters)
+
+ Once the campaign filter is created, it can be linked while creating the campaign. The generated campaign will have the items to review as per the campaign filter.
+
+ For example, An inclusion campaign filter is created with a source of Source 1, an operation of Equals, and an entitlement of Entitlement 1. When this filter is selected, only users who have Entitlement 1 are included in the campaign, and only Entitlement 1 is shown in the certification.
+ - name: Certification Campaigns
+ description: |
+ Use this API to implement certification campaign functionality.
+ With this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use.
+ Certification campaigns provide Identity Security Cloud users with an interactive review process they can use to identify and verify access to systems.
+ Campaigns help organizations reduce risk of inappropriate access and satisfy audit requirements.
+
+ A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access.
+ These certifications serve as a way of showing that a user's access has been reviewed and approved.
+ Multiple certifications by different reviewers are often required to approve a user's access.
+ A set of multiple certifications is called a certification campaign.
+
+ For example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers.
+ Once this campaign has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
+
+ Identity Security Cloud provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns:
+
+ You can create these types of campaigns without using any search queries in Identity Security Cloud:
+
+ - ManagerCampaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access is certified by their managers.
+ You only need to provide a name and description to create one.
+
+ - Source Owner Campaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners.
+ You only need to provide a name and description to create one.
+ You can specify the sources whose owners you want involved or just run it across all sources.
+
+ For more information about these campaign types, refer to [Starting a Manager or Source Owner Campaign](https://documentation.sailpoint.com/saas/help/certs/starting_campaign.html).
+
+ One useful way to create certification campaigns in Identity Security Cloud is to use a specific search and then run a campaign on the results returned by that search.
+ This allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns.
+ For example, you can search for all identities who are managed by "Amanda.Ross" and also have the access to the "Accounting" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified.
+
+ You can use Identity Security Cloud search queries to create these types of campaigns:
+
+ - Identities: Use this campaign type to review and revoke access items for specific identities.
+ You can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign.
+
+ - Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them.
+ You can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign.
+
+ - Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria.
+ You can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign.
+
+ - Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in Identity Security Cloud.
+ You can use this campaign type to view all the uncorrelated accounts for a source and certify them.
+
+ For more information about search-based campaigns, refer to [Starting a Campaign from Search](https://documentation.sailpoint.com/saas/help/certs/starting_search_campaign.html).
+
+ Once you have generated your campaign, it becomes available for preview.
+ An administrator can review the campaign and make changes, or if it's ready and accurate, activate it.
+
+ Once the campaign is active, organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers.
+ Those reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed).
+
+ When a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review.
+ Reviewers can then make decisions to grant or revoke access, as well as reassign the certification to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment.
+
+ Once a reviewer has made decisions on all the certification's involved access items, he or she must "Sign Off" to complete the review process.
+ Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items.
+
+ Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase.
+ In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.
+ In this situation, the certification campaign completes once all the remediation requests are completed.
+
+ The end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision.
+
+ For more information about certifications and certification campaigns, refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html).
+ - name: Certification Summaries
+ description: |
+ Use this API to implement certification summary functionality.
+ With this functionality in place, administrators and designated certification reviewers can review summaries of identity certification campaigns and draw conclusions about the campaigns' scope, security, and effectiveness.
+ Implementing certification summary functionality improves organizations' ability to review their [certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) and helps them satisfy audit and regulatory requirements by enabling them to trace access changes and the decisions made in their review processes.
+
+ A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access.
+ These certifications serve as a way of showing that a user's access has been reviewed and approved.
+ Multiple certifications by different reviewers are often required to approve a user's access.
+ A set of multiple certifications is called a certification campaign.
+
+ For example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers.
+ Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
+
+ Certification summaries provide information about identity certification campaigns such as the identities involved, the number of decisions made, and the access changed.
+ For example, an administrator or designated certification reviewer can examine the Manager Certification campaign to get an overview of how many entitlement decisions are made in that campaign as opposed to role decisions, which identities would be affected by changes to the campaign, and how those identities' access would be affected.
+ - name: Certifications
+ description: |
+ Use this API to implement certification functionality.
+ With this functionality in place, administrators and designated certification reviewers can review users' access certifications and decide whether to approve access, revoke it, or reassign the review to another reviewer.
+ Implementing certifications improves organizations' data security by reducing inappropriate access through a distributed review process and helping them satisfy audit and regulatory requirements.
+
+ A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access.
+ These serve as a way of showing that a user's access has been reviewed and approved.
+ Multiple certifications by different reviewers are often required to approve a user's access.
+ A set of multiple certifications is called a certification campaign.
+
+ For example, an organization may use a Manager Certification as a way of showing that a user's access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user's access has been reviewed and approved by multiple managers.
+ Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
+
+ Organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers.
+ Those reviewers can select the 'Certifications' tab to view any of the certifications they either need to review or have already reviewed under the 'Active' and 'Completed' tabs, respectively.
+
+ When a certification campaign is in progress, certification reviewers will see certifications listed under 'Active,' where they can review the involved identities.
+ Under the 'Decision' column on the right, next to each access item, reviewers can select the checkmark to approve access, select the 'X' to revoke access, or they can toggle the 'More Options' menu to reassign the certification to another reviewer and provide a reason for reassignment in the form of a comment.
+
+ Once a reviewer has made decisions on all the certification's involved access items, he or she must select 'Sign Off' to complete the review process.
+ Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items.
+
+ Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.
+ In this situation, the certification campaign completes once all the remediation requests are completed.
+ - name: Configuration Hub
+ description: |
+ Upload configurations and manage object mappings between tenants.
+
+ Configuration files can be managed and deployed using Configuration Hub by uploading a JSON file which contains configuration data.
+
+ The function of object mapping allows objects with varying names and IDs to be compared. While objects are compared, a user can replace a value in the source tenant with a new value. Object mapping also helps in locating referenced objects to the source object during the drafting process.
+
+ Refer to [Uploading a Configuration File](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#uploading-a-configuration-file) for more information about uploading Configuration Files
+
+ Refer to [Mapping Objects](https://documentation.sailpoint.com/saas/help/confighub/config_hub.html#mapping-objects) for more information about object mappings.
+ - name: Connector Rule Management
+ - name: Connectors
+ description: |
+ Use this API to implement connector functionality.
+ With this functionality in place, administrators can view available connectors.
+
+ Connectors are the bridges Identity Security Cloud uses to communicate with and aggregate data from sources.
+ For example, if it is necessary to set up a connection between Identity Security Cloud and the Active Directory source, a connector can bridge the two and enable Identity Security Cloud to synchronize data between the systems.
+ This ensures account entitlements and states are correct throughout the organization.
+
+ In Identity Security Cloud, administrators can use the Connections drop-down menu and select Sources to view the available source connectors.
+
+ Refer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about the connectors available in Identity Security Cloud.
+
+ Refer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about the SaaS custom connectors that do not need VAs (virtual appliances) to communicate with their sources.
+
+ Refer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about using connectors in Identity Security Cloud.
+ - name: Custom Forms
+ description: |
+ Use this API to build and manage custom forms.
+ With this functionality in place, administrators can create and view form definitions and form instances.
+
+ Forms are composed of sections and fields. Sections split the form into logical groups of fields and fields are the data collection points within the form. Configure conditions to modify elements of the form as the responder provides input. Create form inputs to pass information from a calling feature, like a workflow, to your form.
+
+ Forms can be used within workflows as an action or as a trigger. The Form Action allows you to assign a form as a step in a running workflow, suspending the workflow until the form is submitted or times out, and the workflow resumes. The Form Submitted Trigger initiates a workflow when a form is submitted. The trigger can be configured to initiate on submission of a full form, a form element with any value, or a form element with a particular value.
+
+ Refer to [Forms](https://documentation.sailpoint.com/saas/help/forms/index.html) for more information about using forms in Identity Security Cloud.
+ - name: Custom Password Instructions
+ description: |
+ Use this API to implement custom password instruction functionality.
+ With this functionality in place, administrators can create custom password instructions to help users reset their passwords, change them, unlock their accounts, or recover their usernames.
+ This allows administrators to emphasize password policies or provide organization-specific instructions.
+
+ Administrators must first use [Update Password Org Config](https://developer.sailpoint.com/docs/api/beta/put-password-org-config/) to set `customInstructionsEnabled` to `true`.
+
+ Once they have enabled custom instructions, they can use [Create Custom Password Instructions](https://developer.sailpoint.com/docs/api/beta/create-custom-password-instructions/) to create custom page content for the specific pageId they select.
+
+ For example, an administrator can use the pageId forget-username:user-email to set the custom text for the case when users forget their usernames and must enter their emails.
+
+ Refer to [Creating Custom Instruction Text](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html#creating-custom-instruction-text) for more information about creating custom password instructions.
+ - name: Discovered Applications
+ description: |
+ Use this API to retrieve all the available discovered apps for a given tenant id.
+ - name: Entitlements
+ description: |
+ Use this API to implement and customize entitlement functionality.
+ With this functionality in place, administrators can view entitlements and configure them for use throughout Identity Security Cloud in certifications, access profiles, and roles.
+ Administrators in Identity Security Cloud can then grant users access to the entitlements or configure them so users themselves can request access to the entitlements whenever they need them.
+ With a good approval process, this entitlement functionality allows users to gain the specific access they need on sources quickly and securely.
+
+ Entitlements represent access rights on sources.
+ Entitlements are the most granular form of access in Identity Security Cloud.
+ Entitlements are often grouped into access profiles, and access profiles themselves are often grouped into roles, the broadest form of access in Identity Security Cloud.
+
+ For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.
+
+ An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.
+
+ An administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.
+
+ When users only need Active Directory employee access, they can request access to the 'Employees' entitlement.
+
+ When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.
+
+ When users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both.
+
+ Administrators often use roles and access profiles within those roles to manage access so that users can gain access more quickly, but the hierarchy of access all starts with entitlements.
+
+ Anywhere entitlements appear, you can select them to find more information about the following:
+
+ - Cloud Access Details: These provide details about the cloud access entitlements on cloud-enabled sources.
+
+ - Permissions: Permissions represent individual units of read/write/admin access to a system.
+
+ - Relationships: These list each entitlement's parent and child relationships.
+
+ - Type: This is the entitlement's type. Some sources support multiple types, each with a different attribute schema.
+
+ Identity Security Cloud uses entitlements in many features, including the following:
+
+ - Certifications: Entitlements can be revoked from an identity that no longer needs them.
+
+ - Roles: Roles can group access profiles which themselves group entitlements. You can grant and revoke access on a broad level with roles. Role membership criteria can grant roles to identities based on whether they have certain entitlements or attributes.
+
+ - Access Profiles: Access profiles group entitlements.
+ They are the most important units of access in Identity Security Cloud.
+ Identity Security Cloud uses them in provisioning, certifications, and access requests, and administrators can configure them to grant very broad or very granular access.
+
+ You cannot delete entitlements directly from Identity Security Cloud.
+ Entitlements are deleted based on their inclusion in aggregations.
+
+ Refer to [Deleting Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html#deleting-entitlements) more information about deleting entitlements.
+
+ Refer to [Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html) for more information about entitlements.
+ - name: Global Tenant Security Settings
+ description: |
+ Use this API to implement and customize global tenant security settings.
+ With this functionality in place, administrators can manage the global security settings that a tenant/org has.
+ This API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs.
+ - name: Governance Groups
+ description: |
+ Use this API to implement and customize Governance Group functionality. With this functionality in place, administrators can create Governance Groups and configure them for use throughout Identity Security Cloud.
+
+ A governance group is a group of users that can make governance decisions about access. If your organization has the Access Request or Certifications service, you can configure governance groups to review access requests or certifications. A governance group can determine whether specific access is appropriate for a user.
+
+ Refer to [Creating and Managing Governance Groups](https://documentation.sailpoint.com/saas/help/common/users/governance_groups.html) for more information about how to build Governance Groups in the visual builder in the Identity Security Cloud UI.
+ - name: IAI Access Request Recommendations
+ - name: IAI Common Access
+ - name: IAI Message Catalogs
+ - name: IAI Outliers
+ - name: IAI Peer Group Strategies
+ - name: IAI Recommendations
+ - name: IAI Role Mining
+ - name: Icons
+ description: |
+ Use this API to implement functionality related to object icons (application icons for example).
+ With this functionality in place, administrators can set or remove an icon for specific object type for use throughout Identity Security Cloud.
+ - name: Identities
+ description: |
+ Use this API to implement identity functionality.
+ With this functionality in place, administrators can synchronize an identity's attributes with its various source attributes.
+
+ Identity Security Cloud uses identities as users' authoritative accounts. Identities can own other accounts, entitlements, and attributes.
+
+ An identity has a variety of attributes, such as an account name, an email address, a job title, and more.
+ These identity attributes can be correlated with different attributes on different sources.
+ For example, the identity John.Smith can own an account in the GitHub source with the account name John-Smith-Org, and Identity Security Cloud knows they are the same person with the same access and attributes.
+
+ In Identity Security Cloud, administrators often set up these synchronizations to get triggered automatically with a change or to run on a schedule.
+ To manually synchronize attributes for an identity, administrators can use the Identities drop-down menu and select Identity List to view the list of identities.
+ They can then select the identity they want to manually synchronize and use the hamburger menu to select 'Synchronize Attributes.'
+ Doing so immediately begins the attribute synchronization and analyzes all accounts for the selected identity.
+
+ Refer to [Synchronizing Attributes](https://documentation.sailpoint.com/saas/help/provisioning/attr_sync.html) for more information about synchronizing attributes.
+ - name: Identity Attributes
+ - name: Identity History
+ - name: Identity Profiles
+ description: |
+ Use this API to implement identity profile functionality.
+ With this functionality in place, administrators can view identity profiles and their configurations.
+
+ Identity profiles represent the configurations that can be applied to identities as a way of granting them a set of security and access, as well as defining the mappings between their identity attributes and their source attributes.
+
+ In Identity Security Cloud, administrators can use the Identities drop-down menu and select Identity Profiles to view the list of identity profiles.
+ This list shows some details about each identity profile, along with its status.
+ They can select an identity profile to view its settings, its mappings between identity attributes and correlating source account attributes, and its provisioning settings.
+
+ Refer to [Creating Identity Profiles](https://documentation.sailpoint.com/saas/help/setup/identity_profiles.html) for more information about identity profiles.
+ - name: Lifecycle States
+ description: |
+ Use this API to implement and customize lifecycle state functionality.
+ With this functionality in place, administrators can create and configure custom lifecycle states for use across their organizations, which is key to controlling which users have access, when they have access, and the access they have.
+
+ A lifecycle state describes a user's status in a company. For example, two lifecycle states come by default with Identity Security Cloud: 'Active' and 'Inactive.'
+ When an active employee takes an extended leave of absence from a company, his or her lifecycle state may change to 'Inactive,' for security purposes.
+ The inactive employee would lose access to all the applications, sources, and sensitive data during the leave of absence, but when the employee returns and becomes active again, all that access would be restored.
+ This saves administrators the time that would otherwise be spent provisioning the employee's access to each individual tool, reviewing the employee's certification history, etc.
+
+ Administrators can create a variety of custom lifecycle states. Refer to [Planning New Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#planning-new-lifecycle-states) for some custom lifecycle state ideas.
+
+ Administrators must define the criteria for being in each lifecycle state, and they must define how Identity Security Cloud manages users' access to apps and sources for each lifecycle state.
+
+ In Identity Security Cloud, administrators can manage lifecycle states by going to Admin > Identities > Identity Profile, selecting the identity profile whose lifecycle states they want to manage, selecting the 'Provisioning' tab, and using the left panel to either select the lifecycle state they want to modify or create a new lifecycle state.
+
+ In the 'Provisioning' tab, administrators can make the following access changes to an identity profile's lifecycle state:
+
+ - Enable/disable the lifecycle state for the identity profile.
+
+ - Enable/disable source accounts for the identity profile's lifecycle state.
+
+ - Add existing access profiles to grant to the identity profiles in that lifecycle state.
+
+ - Create a new access profile to grant to the identity profile in that lifecycle state.
+
+ Access profiles granted in a previous lifecycle state are automatically revoked when the identity moves to a new lifecycle state.
+ To maintain access across multiple lifecycle states, administrators must grant the access profiles in each lifecycle state.
+ For example, if an administrator wants users with the 'HR Employee' identity profile to maintain their building access in both the 'Active' and 'Leave of Absence' lifecycle states, the administrator must grant the access profile for that building access to both lifecycle states.
+
+ During scheduled refreshes, Identity Security Cloud evaluates lifecycle states to determine whether their assigned identities have the access defined in the lifecycle states' access profiles.
+ If the identities are missing access, Identity Security Cloud provisions that access.
+
+ Administrators can also use the 'Provisioning' tab to configure email notifications for Identity Security Cloud to send whenever an identity with that identity profile has a lifecycle state change.
+ Refer to [Configuring Lifecycle State Notifications](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#configuring-lifecycle-state-notifications) for more information on how to do so.
+
+ An identity's lifecycle state can have four different statuses: the lifecycle state's status can be 'Active,' it can be 'Not Set,' it can be 'Not Valid,' or it 'Does Not Match Technical Name Case.'
+ Refer to [Moving Identities into Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#moving-identities-into-lifecycle-states) for more information about these different lifecycle state statuses.
+
+ Refer to [Setting Up Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html) for more information about lifecycle states.
+ - name: Managed Clients
+ description: Read and create operations for client data and statuses
+ - name: Managed Clusters
+ description: Read and create pperations for client Clusters, including Log Configuration
+ - name: Manual Discover Applications
+ description: |
+ Use this API to manually upload application names to be correlated to an ISC connector.
+ - name: Manual Discover Applications Template
+ description: |
+ Use this API to download the CSV template to send to the application discovery service.
+ - name: MFA Configuration
+ description: Configure and test multifactor authentication (MFA) methods
+ - name: MFA Controller
+ description: This API used for multifactor authentication functionality belong to gov-multi-auth service. This controller allow you to verify authentication by specified method
+ - name: Non-Employee Lifecycle Management
+ description: |
+ Use this API to implement non-employee lifecycle management functionality.
+ With this functionality in place, administrators can create non-employee records and configure them for use in their organizations.
+ This allows organizations to provide secure access to non-employees and control that access.
+
+ The 'non-employee' term refers to any consultant, contractor, intern, or other user in an organization who is not a full-time permanent employee.
+ Organizations can track non-employees' access and activity in Identity Security Cloud by creating and maintaining non-employee sources.
+ Organizations can have a maximum of 50 non-employee sources.
+
+ By using SailPoint's Non-Employee Lifecycle Management functionality, you agree to the following:
+
+ - SailPoint is not responsible for storing sensitive data.
+ You may only add account attributes to non-employee identities that are necessary for business operations and are consistent with your contractual limitations on data that may be sent or stored in Identity Security Cloud.
+
+ - You are responsible for regularly downloading your list of non-employee accounts for all the sources you create and storing this list of accounts in a managed location to maintain an authoritative system of record and backup data for these accounts.
+
+ To manage non-employees in Identity Security Cloud, administrators must create a non-employee source and add accounts to the source.
+
+ To create a non-employee source in Identity Security Cloud, administrators must use the Admin panel to go to Connections > Sources.
+ They must then specify 'Non-Employee' in the 'Source Type' field.
+ Refer to [Creating a Non-Employee Source](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#creating-a-non-employee-source) for more details about how to create non-employee sources.
+
+ To add accounts to a non-employee source in Identity Security Cloud, administrators can select the non-employee source and add the accounts.
+ They can also use the 'Manage Non-Employees' widget on their user dashboards to reach the list of sources and then select the non-employee source they want to add the accounts to.
+
+ Administrators can either add accounts individually or in bulk. Each non-employee source can have a maximum of 20,000 accounts.
+ To add accounts in bulk, they must select the 'Bulk Upload' option and upload a CSV file.
+ Refer to [Adding Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html#adding-accounts) for more details about how to add accounts to non-employee sources.
+
+ Once administrators have created the non-employee source and added accounts to it, they can create identity profiles to generate identities for the non-employee accounts and manage the non-employee identities the same way they would any other identities.
+
+ Refer to [Managing Non-Employee Sources and Accounts](https://documentation.sailpoint.com/saas/help/common/non-employee-mgmt.html) for more information about non-employee lifecycle management.
+ - name: Notifications
+ - name: OAuth Clients
+ description: |
+ Use this API to implement OAuth client functionality.
+ With this functionality in place, users with the appropriate security scopes can create and configure OAuth clients to use as a way to obtain authorization to use the Identity Security Cloud REST API.
+ Refer to [Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information about OAuth and how it works with the Identity Security Cloud REST API.
+ - name: Org Config
+ description: Operations for managing org configuration settings (eg. time zone)
+ - name: Password Configuration
+ description: |
+ Use this API to implement organization password configuration functionality.
+ With this functionality in place, organization administrators can create organization-specific password configurations.
+
+ These configurations include details like custom password instructions, as well as digit token length and duration.
+
+ Refer to [Configuring User Authentication for Password Resets](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html) for more information about organization password configuration functionality.
+ - name: Password Dictionary
+ description: |
+ Use this API to implement password dictionary functionality.
+ With this functionality in place, administrators can create password dictionaries to prevent users from using certain words or characters in their passwords.
+
+ A password dictionary is a list of words or characters that users are prevented from including in their passwords.
+ This can help protect users from themselves and force them to create passwords that are not easy to break.
+
+ A password dictionary must meet the following requirements to for the API to handle them correctly:
+
+ - It must be in .txt format.
+
+ - All characters must be UTF-8 characters.
+
+ - Each line must contain a single word or character with no spaces or whitespace characters.
+
+ - It must contain at least one line other than the locale string.
+
+ - Each line must not exceed 128 characters.
+
+ - The file must not exceed 2500 lines.
+
+ Administrators should also consider the following when they create their dictionaries:
+
+ - Lines starting with a # represent comments.
+
+ - All words in the password dictionary are case-insensitive.
+ For example, adding the word "password" to the dictionary also disallows the following: PASSWORD, Password, and PassWord.
+
+ - The dictionary uses substring matching.
+ For example, adding the word "spring" to the dictionary also disallows the following: Spring124, 345SprinG, and 8spring.
+ Users can then select 'Change Password' to update their passwords.
+
+ Administrators must do the following to create a password dictionary:
+
+ - Create the text file that will contain the prohibited password values.
+
+ - If the dictionary is not in English, they must add a locale string to the top line: locale:`languageCode`_`countryCode`
+
+ The languageCode value refers to the language's 2-letter ISO 639-1 code.
+ The countryCode value refers to the country's 2-letter ISO 3166-1 code.
+
+ Refer to this list https://docs.oracle.com/cd/E13214_01/wli/docs92/xref/xqisocodes.html to see all the available ISO 639-1 language codes and ISO 3166-1 country codes.
+
+ - Upload the .txt file to Identity Security Cloud with [Update Password Dictionary](https://developer.sailpoint.com/docs/api/v3/put-password-dictionary). Uploading a new file always overwrites the previous dictionary file.
+
+ Administrators can then specify which password policies check new passwords against the password dictionary by doing the following: In the Admin panel, they can use the Password Mgmt dropdown menu to select Policies, select the policy, and select the 'Prevent use of words in this site's password dictionary' checkbox beside it.
+
+ Refer to [Configuring Advanced Password Management Options](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html) for more information about password dictionaries.
+ - name: Password Management
+ description: |
+ Use this API to implement password management functionality.
+ With this functionality in place, users can manage their identity passwords for all their applications.
+
+ In Identity Security Cloud, users can select their names in the upper right corner of the page and use the drop-down menu to select Password Manager.
+ Password Manager lists the user's identity's applications, possibly grouped to share passwords.
+ Users can then select 'Change Password' to update their passwords.
+
+ Grouping passwords allows users to update their passwords more broadly, rather than requiring them to update each password individually.
+ Password Manager may list the applications and sources in the following groups:
+
+ - Password Group: This refers to a group of applications that share a password.
+ For example, a user can use the same password for Google Drive, Google Mail, and YouTube.
+ Updating the password for the password group updates the password for all its included applications.
+
+ - Multi-Application Source: This refers to a source with multiple applications that share a password.
+ For example, a user can have a source, G Suite, that includes the Google Calendar, Google Drive, and Google Mail applications.
+ Updating the password for the multi-application source updates the password for all its included applications.
+
+ - Applications: These are applications that do not share passwords with other applications.
+
+ An organization may require some authentication for users to update their passwords.
+ Users may be required to answer security questions or use a third-party authenticator before they can confirm their updates.
+
+ Refer to [Managing Passwords](https://documentation.sailpoint.com/saas/user-help/accounts/passwords.html) for more information about password management.
+ - name: Password Policies
+ description: |
+ Use these APIs to implement password policies functionality.
+ These APIs allow you to define the policy parameters for choosing passwords.
+
+ IdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns.
+ If you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org.
+
+ In the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups.
+ Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies.
+ - name: Password Sync Groups
+ description: |
+ Use this API to implement password sync group functionality.
+ With this functionality in place, administrators can group sources into password sync groups so that all their applications share the same password.
+ This allows users to update the password for all the applications in a sync group if they want, rather than updating each password individually.
+
+ A password sync group is a group of applications that shares a password.
+ Administrators create these groups by grouping the applications' sources.
+ For example, an administrator can group the ActiveDirectory, GitHub, and G Suite sources together so that all those sources' applications can also be grouped to share a password.
+ A user can then update his or her password for ActiveDirectory, GitHub, Gmail, Google Drive, and Google Calendar all at once, rather then updating each one individually.
+
+ The following are required for administrators to create a password sync group in Identity Security Cloud:
+
+ - At least two direct connect sources connected to Identity Security Cloud and configured for Password Management.
+
+ - Each authentication source in a sync group must have at least one application. Refer to [Adding and Resetting Application Passwords](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html#adding-and-resetting-application-passwords) for more information about adding applications to sources.
+
+ - At least one password policy. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/policies.html) for more information about password policies.
+
+ In the Admin panel in Identity Security Cloud, administrators can use the Password Mgmt dropdown menu to select Sync Groups.
+ To create a sync group, administrators must provide a name, choose a password policy to be enforced across the sources in the sync group, and select the sources to include in the sync group.
+
+ Administrators can also delete sync groups in Identity Security Cloud, but they should know the following before they do:
+
+ - Passwords related to the associated sources will become independent, so changing one will not change the others anymore.
+
+ - Passwords for the sources' connected applications will also become independent.
+
+ - Password policies assigned to the sync group are then assigned directly to the associated sources.
+ To change the password policy for a source, administrators must edit it directly.
+
+ Once the password sync group has been created, users can update the password for the group in Password Manager.
+
+ Refer to [Managing Password Sync Groups](https://documentation.sailpoint.com/saas/help/pwd/sync_grps.html) for more information about password sync groups.
+ - name: Personal Access Tokens
+ description: |
+ Use this API to implement personal access token (PAT) functionality.
+ With this functionality in place, users can use PATs as an alternative to passwords for authentication in Identity Security Cloud.
+
+ PATs embed user information into the client ID and secret.
+ This replaces the API clients' need to store and provide a username and password to establish a connection, improving Identity Security Cloud organizations' integration security.
+
+ In Identity Security Cloud, users can do the following to create and manage their PATs: Select the dropdown menu under their names, select Preferences, and then select Personal Access Tokens.
+ They must then provide a description about the token's purpose.
+ They can then select 'Create Token' at the bottom of the page to generate and view the Secret and Client ID.
+
+ Refer to [Managing Personal Access Tokens](https://documentation.sailpoint.com/saas/help/common/generate_tokens.html) for more information about PATs.
+ - name: Public Identities
+ description: |
+ Use this API in conjunction with [Public Identites Config](https://developer.sailpoint.com/docs/api/v3/public-identities-config/) to enable non-administrators to view identities' publicly visible attributes.
+ With this functionality in place, non-administrators can view identity attributes other than the default attributes (email, lifecycle state, and manager), depending on which identity attributes their organization administrators have made public.
+ This can be helpful for access approvers, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.
+ - name: Public Identities Config
+ description: |
+ Use this API to implement public identity configuration functionality.
+ With this functionality in place, administrators can make up to 5 identity attributes publicly visible so other non-administrator users can see the relevant information they need to make decisions.
+ This can be helpful for approvers making approvals, certification reviewers, managers viewing their direct reports' access, and source owners viewing their tasks.
+
+ By default, non-administrators can select an identity and view the following attributes: email, lifecycle state, and manager.
+ However, it may be helpful for a non-administrator reviewer to see other identity attributes like department, region, title, etc.
+ Administrators can use this API to make those necessary identity attributes public to non-administrators.
+
+ For example, a non-administrator deciding whether to approve another identity's request for access to the Workday application, whose access may be restricted to members of the HR department, would want to know whether the identity is a member of the HR department.
+ If an administrator has used [Update Public Identity Config](https://developer.sailpoint.com/docs/api/v3/update-public-identity-config/) to make the "department" attribute public, the approver can see the department and make a decision without requesting any more information.
+ - name: Reports Data Extraction
+ description: |
+ Use this API to implement reports lifecycle managing and monitoring.
+ With this functionality in place, users can run reports, view their results, and cancel reports in progress.
+ This can be potentially helpful for auditing purposes.
+ - name: Requestable Objects
+ description: |
+ Use this API to implement requestable object functionality.
+ With this functionality in place, administrators can determine which access items can be requested with the [Access Request APIs](https://developer.sailpoint.com/docs/api/v3/access-requests/), along with their statuses.
+ This can be helpful for administrators who are implementing and customizing access request functionality as a way of checking which items are requestable as they are created, assigned, and made available.
+ - name: Role Insights
+ - name: Roles
+ description: |
+ Use this API to implement and customize role functionality.
+ With this functionality in place, administrators can create roles and configure them for use throughout Identity Security Cloud.
+ Identity Security Cloud can use established criteria to automatically assign the roles to qualified users. This enables users to get all the access they need quickly and securely and administrators to spend their time on other tasks.
+
+ Entitlements represent the most granular level of access in Identity Security Cloud.
+ Access profiles represent the next level and often group entitlements.
+ Roles represent the broadest level of access and often group access profiles.
+
+ For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, 'Employees,' may represent the access all employees have at the organization, and a second, 'Developers,' may represent the access all developers have at the organization.
+
+ An administrator can then create a broader set of access in the form of an access profile, 'AD Developers' grouping the 'Employees' entitlement with the 'Developers' entitlement.
+
+ An administrator can then create an even broader set of access in the form of a role grouping the 'AD Developers' access profile with another profile, 'GitHub Developers,' grouping entitlements for the GitHub source.
+
+ When users only need Active Directory employee access, they can request access to the 'Employees' entitlement.
+
+ When users need both Active Directory employee and developer access, they can request access to the 'AD Developers' access profile.
+
+ When users need both the 'AD Developers' access profile and the 'GitHub Developers' access profile, they can request access to the role grouping both.
+
+ Roles often represent positions within organizations.
+ For example, an organization's accountant can access all the tools the organization's accountants need with the 'Accountant' role.
+ If the accountant switches to engineering, a qualified member of the organization can quickly revoke the accountant's 'Accountant' access and grant access to the 'Engineer' role instead, granting access to all the tools the organization's engineers need.
+
+ In Identity Security Cloud, adminstrators can use the Access drop-down menu and select Roles to view, configure, and delete existing roles, as well as create new ones.
+ Administrators can enable and disable the role, and they can also make the following configurations:
+
+ - Manage Access: Manage the role's access by adding or removing access profiles.
+
+ - Define Assignment: Define the criteria Identity Security Cloud uses to assign the role to identities.
+ Use the first option, 'Standard Criteria,' to provide specific criteria for assignment like specific account attributes, entitlements, or identity attributes.
+ Use the second, 'Identity List,' to specify the identities for assignment.
+
+ - Access Requests: Configure roles to be requestable and establish an approval process for any requests that the role be granted or revoked.
+ Do not configure a role to be requestable without establishing a secure access request approval process for that role first.
+
+ Refer to [Working with Roles](https://documentation.sailpoint.com/saas/help/access/roles.html) for more information about roles.
+ - name: Saved Search
+ description: |
+ Use this API to implement saved search functionality.
+ With saved search functionality in place, users can save search queries and then view those saved searches, as well as rerun them.
+
+ Search queries in Identity Security Cloud can grow very long and specific, which can make reconstructing them difficult or tedious, so it can be especially helpful to save search queries.
+ It also opens the possibility to configure Identity Security Cloud to run the saved queries on a schedule, which is essential to detecting user information and access changes throughout an organization's tenant and across all its sources.
+ Refer to [Scheduled Search](https://developer.sailpoint.com/docs/api/v3/scheduled-search/) for more information about running saved searches on a schedule.
+
+ In Identity Security Cloud, users can save searches under a name, and then they can access that saved search and run it again when they want.
+
+ Refer to [Managing Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html) for more information about saving searches and using them.
+ - name: Scheduled Search
+ description: |
+ Use this API to implement scheduled search functionality.
+ With scheduled search functionality in place, users can run saved search queries on their tenants on a schedule, and Identity Security Cloud emails them the search results.
+ Users can also share these search results with other users by email by adding those users as subscribers, or those users can subscribe themselves.
+
+ One of the greatest benefits of saving searches is the ability to run those searches on a schedule.
+ This is essential for organizations to constantly detect any changes to user information or access throughout their tenants and across all their sources.
+ For example, the manager Amanda Ross can schedule a saved search "manager.name:amanda.ross AND attributes.location:austin" on a schedule to regularly stay aware of changes with the Austin employees reporting to her.
+ Identity Security Cloud emails her the search results when the search runs, so she can work on other tasks instead of actively running this search.
+
+ In Identity Security Cloud, scheduling a search involves a subscription.
+ Users can create a subscription for a saved search and schedule it to run daily, weekly, or monthly (you can only use one schedule option at a time).
+ The user can add other identities as subscribers so when the scheduled search runs, the subscribers and the user all receive emails.
+
+ By default, subscriptions exclude detailed results from the emails, for security purposes.
+ Including detailed results about user access in an email may expose sensitive information.
+ However, the subscription creator can choose to include the information in the emails.
+
+ By default, Identity Security Cloud sends emails to the subscribers even when the searches do not return new results.
+ However, the subscription creator can choose to suppress these empty emails.
+
+ Users can also subscribe to saved searches that already have existing subscriptions so they receive emails when the searches run.
+ A saved search can have up to 10 subscriptions configured at a time.
+
+ The subscription creator can enable, disable, or delete the subscription.
+
+ Refer to [Subscribing to Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html#subscribing-to-saved-searches) for more information about scheduling searches and subscribing to them.
+ - name: Search
+ description: |
+ Use this API to implement search functionality.
+ With search functionality in place, users can search their tenants for nearly any information from throughout their organizations.
+
+ Identity Security Cloud enables organizations to store user data from across all their connected sources and manage the users' access, so the ability to query and filter that data is essential.
+ Its search goes through all those sources and finds the results quickly and specifically.
+
+ The search query is flexible - it can be very broad or very narrow.
+ The search only returns results for searchable objects it is filtering for.
+ The following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities.
+ By default, no filter is applied, so a search for "Ad" returns both the identity "Adam.Archer" as well as the role "Administrator."
+
+ Users can further narrow their results by using Identity Security Cloud's specific syntax and punctuation to structure their queries.
+ For example, the query "attributes.location:austin AND NOT manager.name:amanda.ross" returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross.
+ Refer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries.
+
+ Refer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about Identity Security Cloud's search and its different possibilities.
+
+ The search feature uses Elasticsearch as a datastore and query engine.
+ The power of Elasticsearch makes this feature suitable for ad-hoc reporting.
+ However, data from the operational databases (ex. identities, roles, events, etc) has to be ingested into Elasticsearch.
+ This ingestion process introduces a latency from when the operational data is created to when it is available in search.
+ Depending on the system load, this can take a few seconds to a few minutes.
+ Please keep this latency in mind when you use search.
+ - name: Search Attribute Configuration
+ - name: Segments
+ description: |
+ Use this API to implement and customize access request segment functionality.
+ With this functionality in place, administrators can create and manage access request segments.
+ Segments provide organizations with a way to make the access their users have even more granular - this can simply the access request process for the organization's users and improves security by reducing the risk of overprovisoning access.
+
+ Segments represent sets of identities, all grouped by specified identity attributes, who are only able to see and access the access items associated with their segments.
+ For example, administrators could group all their organization's London office employees into one segment, "London Office Employees," by their shared location.
+ The administrators could then define the access items the London employees would need, and the identities in the "London Office Employees" would then only be able to see and access those items.
+
+ In Identity Security Cloud, administrators can use the 'Access' drop-down menu and select 'Segments' to reach the 'Access Requests Segments' page.
+ This page lists all the existing access request segments, along with their statuses, enabled or disabled.
+ Administrators can use this page to create, edit, enable, disable, and delete segments.
+ To create a segment, an administrator must provide a name, define the identities grouped in the segment, and define the items the identities in the segment can access.
+ These items can be access profiles, roles, or entitlements.
+
+ When administrators use the API to create and manage segments, they use a JSON expression in the `visibilityCriteria` object to define the segment's identities and access items.
+
+ Refer to [Managing Access Request Segments](https://documentation.sailpoint.com/saas/help/requests/segments.html) for more information about segments in Identity Security Cloud.
+ - name: Service Desk Integration
+ description: |
+ Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution.
+ Once an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk.
+
+ In Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin > Connections > Service Desk and selecting 'Create.'
+
+ To create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page.
+ Refer to [Integrating SailPoint with Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) for more information about the process of setting up a Generic Service Desk in Identity Security Cloud.
+
+ Administrators can create various service desk integrations, all with their own nuances.
+ The following service desk integrations are available:
+
+ - [Atlassian Cloud Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_cloud/help/integrating_jira_cloud_sd/introduction.html)
+
+ - [Atlassian Server Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_server/help/integrating_jira_server_sd/introduction.html)
+
+ - [BMC Helix ITSM Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_ITSM_sd/help/integrating_bmc_helix_itsm_sd/intro.html)
+
+ - [BMC Helix Remedyforce Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_remedyforce_sd/help/integrating_bmc_helix_remedyforce_sd/intro.html)
+
+ - [Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html)
+
+ - [ServiceNow Service Desk](https://documentation.sailpoint.com/connectors/servicenow/sdim/help/integrating_servicenow_sdim/intro.html)
+
+ - [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html)
+ - name: SIM Integrations
+ description: |
+ Use this API to administer IdentityNow's Service Integration Module, or SIM integration with ServiceNow, so that it converts IdentityNow provisioning actions into tickets in ServiceNow.
+
+ ServiceNow is a software platform that supports IT service management and automates common business processes for requesting and fulfilling service requests across a business enterprise.
+
+ You must have an IdentityNow ServiceNow ServiceDesk license to use this integration. Contact your Customer Success Manager for more information.
+
+ Service Desk integration for IdentityNow and in deprecation - not available for new implementation, as of July 21st, 2021. As per SailPoint’s [support policy](https://community.sailpoint.com/t5/Connector-Directory/SailPoint-Support-Policy-for-Connectivity/ta-p/79422), all existing SailPoint IdentityNow customers using this legacy integration will be supported until July 2022.
+ - name: SOD Policies
+ description: |
+ Use this API to implement and manage "separation of duties" (SOD) policies.
+ With SOD policy functionality in place, administrators can organize the access in their tenants to prevent individuals from gaining conflicting or excessive access.
+
+ "Separation of duties" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data.
+ For example, people who record monetary transactions shouldn't be able to issue payment for those transactions.
+ Any changes to major system configurations should be approved by someone other than the person requesting the change.
+
+ Organizations can use "separation of duties" (SOD) policies to enforce and track their internal security rules throughout their tenants.
+ These SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access.
+
+ To create SOD policies in Identity Security Cloud, administrators use 'Search' and then access 'Policies'.
+ To create a policy, they must configure two lists of access items. Each access item can only be added to one of the two lists.
+ They can search for the entitlements they want to add to these access lists.
+
+ >Note: You can have a maximum of 500 policies of any type (including general policies) in your organization. In each access-based SOD policy, you can have a maximum of 50 entitlements in each access list.
+
+ Once a SOD policy is in place, if an identity has access items on both lists, a SOD violation will trigger.
+ These violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.
+ The other users can then better help to enforce these SOD policies.
+
+ To create a subscription to a SOD policy in Identity Security Cloud, administrators use 'Search' and then access 'Layers'.
+ They can create a subscription to the policy and schedule it to run at a regular interval.
+
+ Refer to [Managing Policies](https://documentation.sailpoint.com/saas/help/sod/manage-policies.html) for more information about SOD policies.
+
+ Refer to [Subscribe to a SOD Policy](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html#subscribe-to-an-sod-policy) for more information about SOD policy subscriptions.
+ - name: SOD Violations
+ description: |
+ Use this API to check for current "separation of duties" (SOD) policy violations as well as potential future SOD policy violations.
+ With SOD violation functionality in place, administrators can get information about current SOD policy violations and predict whether an access change will trigger new violations, which helps to prevent them from occurring at all.
+
+ "Separation of duties" refers to the concept that people shouldn't have conflicting sets of access - all their access should be configured in a way that protects your organization's assets and data.
+ For example, people who record monetary transactions shouldn't be able to issue payment for those transactions.
+ Any changes to major system configurations should be approved by someone other than the person requesting the change.
+
+ Organizations can use "separation of duties" (SOD) policies to enforce and track their internal security rules throughout their tenants.
+ These SOD policies limit each user's involvement in important processes and protects the organization from individuals gaining excessive access.
+
+ Once a SOD policy is in place, if an identity has conflicting access items, a SOD violation will trigger.
+ These violations are included in SOD violation reports that other users will see in emails at regular intervals if they're subscribed to the SOD policy.
+ The other users can then better help to enforce these SOD policies.
+
+ Administrators can use the SOD violations APIs to check a set of identities for any current SOD violations, and they can use them to check whether adding an access item would potentially trigger a SOD violation.
+ This second option is a good way to prevent SOD violations from triggering at all.
+
+ Refer to [Handling Policy Violations](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html) for more information about SOD policy violations.
+ - name: Source Usages
+ description: |
+ Use this API to implement source usage insight functionality.
+ With this functionality in place, administrators can gather information and insights about how their tenants' sources are being used.
+ This allows organizations to get the information they need to start optimizing and securing source usage.
+ - name: Sources
+ description: |
+ Use this API to implement and customize source functionality.
+ With source functionality in place, organizations can use Identity Security Cloud to connect their various sources and user data sets and manage access across all those different sources in a secure, scalable way.
+
+ [Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) refer to the Identity Security Cloud representations for external applications, databases, and directory management systems that maintain their own sets of users, like Dropbox, GitHub, and Workday, for example.
+ Organizations may use hundreds, if not thousands, of different source systems, and any one employee within an organization likely has a different user record on each source, often with different permissions on many of those records.
+ Connecting these sources to Identity Security Cloud makes it possible to manage user access across them all.
+ Then, if a new hire starts at an organization, Identity Security Cloud can grant the new hire access to all the sources they need.
+ If an employee moves to a new department and needs access to new sources but no longer needs access to others, Identity Security Cloud can grant the necessary access and revoke the unnecessary access for all the employee's various sources.
+ If an employee leaves the company, Identity Security Cloud can revoke access to all the employee's various source accounts immediately.
+ These are just a few examples of the many ways that source functionality makes identity governance easier, more efficient, and more secure.
+
+ In Identity Security Cloud, administrators can create configure, manage, and edit sources, and they can designate other users as source admins to be able to do so.
+ They can also designate users as source sub-admins, who can perform the same source actions but only on sources associated with their governance groups.
+ Admins go to Connections > Sources to see a list of the existing source representations in their organizations.
+ They can create new sources or select existing ones.
+
+ To create a new source, the following must be specified: Source Name, Description, Source Owner, and Connection Type.
+ Refer to [Configuring a Source](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html#configuring-a-source) for more information about the source configuration process.
+
+ Identity Security Cloud connects with its sources either by a direct communication with the source server (connection information specific to the source must be provided) or a flat file feed, a CSV file containing all the relevant information about the accounts to be loaded in.
+ Different sources use different connectors to share data with Identity Security Cloud, and each connector's setup process is specific to that connector.
+ SailPoint has built a number of connectors to come out of the box and connect to the most common sources, and SailPoint actively maintains these connectors.
+ Refer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about these SailPoint supported connectors.
+ Refer to the following links for more information about two useful connectors:
+
+ - [JDBC Connector](https://documentation.sailpoint.com/connectors/jdbc/help/integrating_jdbc/introduction.html): This customizable connector an directly connect to databases that support JDBC (Java Database Connectivity).
+
+ - [Web Services Connector](https://documentation.sailpoint.com/connectors/webservices/help/integrating_webservices/introduction.html): This connector can directly connect to databases that support Web Services.
+
+ Refer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about SailPoint's new connectivity framework that makes it easy to build and manage custom connectors to SaaS sources.
+
+ When admins select existing sources, they can view the following information about the source:
+
+ - Associated connections (any associated identity profiles, apps, or references to the source in a transform).
+
+ - Associated user accounts. These accounts are linked to their identities - this provides a more complete picture of each user's access across sources.
+
+ - Associated entitlements (sets of access rights on sources).
+
+ - Associated access profiles (groupings of entitlements).
+
+ The user account data and the entitlements update with each data aggregation from the source.
+ Organizations generally run scheduled, automated data aggregations to ensure that their data is always in sync between their sources and their Identity Security Cloud tenants so an access change on a source is detected quickly in Identity Security Cloud.
+ Admins can view a history of these aggregations, and they can also run manual imports.
+ Refer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about manual and scheduled aggregations.
+
+ Admins can also make changes to determine which user account data Identity Security Cloud collects from the source and how it correlates that account data with identity data.
+ To define which account attributes the source shares with Identity Security Cloud, admins can edit the account schema on the source.
+ Refer to [Managing Source Account Schemas](https://documentation.sailpoint.com/saas/help/accounts/schema.html) for more information about source account schemas and how to edit them.
+ To define the mapping between the source account attributes and their correlating identity attributes, admins can edit the correlation configuration on the source.
+ Refer to [Assigning Source Accounts to Identities](https://documentation.sailpoint.com/saas/help/accounts/correlation.html) for more information about this correlation process between source accounts and identities.
+
+ Admins can also delete sources, but they must first ensure that the sources no longer have any active connections: the source must not be associated with any identity profile or any app, and it must not be referenced by any transform.
+ Refer to [Deleting Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html#deleting-sources) for more information about deleting sources.
+
+ Well organized, mapped out connections between sources and Identity Security Cloud are essential to achieving comprehensive identity access governance across all the source systems organizations need.
+ Refer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about all the different things admins can do with sources once they are connected.
+ - name: SP-Config
+ description: Import and export configuration for some objects between tenants.
+ - name: Suggested Entitlement Description
+ description: |
+ Use this API to leverage power of LLM to generate suggested entitlement description.
+ - name: Tagged Objects
+ description: |
+ Use this API to implement object tagging functionality.
+ With object tagging functionality in place, any user in an organization can use tags as a way to group objects together and find them more quickly when the user searches Identity Security Cloud.
+
+ In Identity Security Cloud, users can search their tenants for information and add tags objects they find.
+ Tagging an object provides users with a way of grouping objects together and makes it easier to find these objects in the future.
+
+ For example, if a user is searching for an entitlement that grants a risky level of access to Active Directory, it's possible that the user may have to search through hundreds of entitlements to find the correct one.
+ Once the user finds that entitlement, the user can add a tag to the entitlement, "AD_RISKY" to make it easier to find the entitlement again.
+ The user can add the same tag to multiple objects the user wants to group together for an easy future search, and the user can also do so in bulk.
+ When the user wants to find that tagged entitlement again, the user can search for "tags:AD_RISKY" to find all objects with that tag.
+
+ With the API, you can tag even more different object types than you can in Identity Security Cloud (access profiles, entitlements, identities, and roles).
+ You can use the API to tag all these objects:
+
+ - Access profiles
+
+ - Applications
+
+ - Certification campaigns
+
+ - Entitlements
+
+ - Identities
+
+ - Roles
+
+ - SOD (separation of duties) policies
+
+ - Sources
+
+ You can also use the API to directly find, create, and manage tagged objects without using search queries.
+
+ There are limits to tags:
+
+ - You can have up to 500 different tags in your tenant.
+
+ - You can apply up to 30 tags to one object.
+
+ - You can have up to 10,000 tag associations, pairings of 1 tag to 1 object, in your tenant.
+
+ Because of these limits, it is recommended that you work with your governance experts and security teams to establish a list of tags that are most expressive of governance objects and access managed by Identity Security Cloud.
+
+ These are the types of information often expressed in tags:
+
+ - Affected departments
+
+ - Compliance and regulatory categories
+
+ - Remediation urgency levels
+
+ - Risk levels
+
+ Refer to [Tagging Items in Search](https://documentation.sailpoint.com/saas/help/search/index.html?h=tags#tagging-items-in-search) for more information about tagging objects in Identity Security Cloud.
+ - name: Task Management
+ - name: Tenant
+ description: API for reading tenant details.
+ - name: Transforms
+ description: |
+ The purpose of this API is to expose functionality for the manipulation of Transform objects.
+ Transforms are a form of configurable objects which define an easy way to manipulate attribute data without having
+ to write code. These endpoints don't require API calls to other resources, audit service is used for keeping track
+ of which users have made changes to the Transforms.
+
+ Refer to [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/) for more information about transforms.
+ - name: Triggers
+ description: |
+ Event Triggers provide real-time updates to changes in Identity Security Cloud so you can take action as soon as an event occurs, rather than poll an API endpoint for updates. Identity Security Cloud provides a user interface within the admin console to create and manage trigger subscriptions. These endpoints allow for programatically creating and managing trigger subscriptions.
+
+ There are two types of event triggers:
+ * `FIRE_AND_FORGET`: This trigger type will send a payload to each subscriber without needing a response. Each trigger of this type has a limit of **50 subscriptions**.
+ * `REQUEST_RESPONSE`: This trigger type will send a payload to a subscriber and expect a response back. Each trigger of this type may only have **one subscription**.
+
+ ## Available Event Triggers
+ Production ready event triggers that are available in all tenants.
+
+ | Name | ID | Type | Trigger condition |
+ |-|-|-|-|
+ | [Access Request Dynamic Approval](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-dynamic-approval/) | idn:access-request-dynamic-approver | REQUEST_RESPONSE |After an access request is submitted. Expects the subscriber to respond with the ID of an identity or workgroup to add to the approval workflow. |
+ | [Access Request Decision](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-decision/) | idn:access-request-post-approval | FIRE_AND_FORGET | After an access request is approved. |
+ | [Access Request Submitted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-submitted/) | idn:access-request-pre-approval | REQUEST_RESPONSE | After an access request is submitted. Expects the subscriber to respond with an approval decision. |
+ | [Account Aggregation Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:account-aggregation-completed | FIRE_AND_FORGET | After an account aggregation completed, terminated, failed. |
+ | Account Attributes Changed | idn:account-attributes-changed | FIRE_AND_FORGET | After an account aggregation, and one or more account attributes have changed. |
+ | Account Correlated | idn:account-correlated | FIRE_AND_FORGET | After an account is added to an identity. |
+ | Accounts Collected for Aggregation | idn:aggregation-accounts-collected | FIRE_AND_FORGET | New, changed, and deleted accounts have been gathered during an aggregation and are being processed. |
+ | Account Uncorrelated | idn:account-uncorrelated | FIRE_AND_FORGET | After an account is removed from an identity. |
+ | Campaign Activated | idn:campaign-activated | FIRE_AND_FORGET | After a campaign is activated. |
+ | Campaign Ended | idn:campaign-ended | FIRE_AND_FORGET | After a campaign ends. |
+ | Campaign Generated | idn:campaign-generated | FIRE_AND_FORGET | After a campaign finishes generating. |
+ | Certification Signed Off | idn:certification-signed-off | FIRE_AND_FORGET | After a certification is signed off by its reviewer. |
+ | [Identity Attributes Changed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:identity-attributes-changed | FIRE_AND_FORGET | After One or more identity attributes changed. |
+ | [Identity Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-created/) | idn:identity-created | FIRE_AND_FORGET | After an identity is created. |
+ | [Provisioning Action Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/provisioning-completed/) | idn:post-provisioning | FIRE_AND_FORGET | After a provisioning action completed on a source. |
+ | [Scheduled Search](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/scheduled-search/) | idn:saved-search-complete | FIRE_AND_FORGET | After a scheduled search completed. |
+ | [Source Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-created/) | idn:source-created | FIRE_AND_FORGET | After a source is created. |
+ | [Source Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-deleted/) | idn:source-deleted | FIRE_AND_FORGET | After a source is deleted. |
+ | [Source Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-updated/) | idn:source-updated | FIRE_AND_FORGET | After configuration changes have been made to a source. |
+ | [VA Cluster Status Change](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/va-cluster-status-change/) | idn:va-cluster-status-change | FIRE_AND_FORGET | After the status of a VA cluster has changed. |
+
+ ## Early Access Event Triggers
+ Triggers that are in-development and not ready for production use. Please contact support to enable these triggers in your tenant.
+
+ | Name | ID | Type | Trigger condition |
+ |-|-|-|-|
+ | [Identity Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-deleted/) | idn:identity-deleted | FIRE_AND_FORGET | After an identity is deleted. |
+ | [Source Account Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-created/) | idn:source-account-created | FIRE_AND_FORGET | After a source account is created. |
+ | [Source Account Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-deleted/) | idn:source-account-deleted | FIRE_AND_FORGET | After a source account is deleted. |
+ | [Source Account Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-updated/) | idn:source-account-updated | FIRE_AND_FORGET | After a source account is changed. |
+ - name: UI Metadata
+ description: API for managing UI Metadata.
+ Use this API to manage metadata about your User Interface.
+
+ For example you can set the iFrameWhitelist parameter to permit another domain to encapsulate IDN within an iframe or set the usernameEmptyText to change the placeholder text for Username on your tenant's login screen.
+ - name: Vendor Connector Mappings
+ description: |
+ Use this API to manage mappings between various SaaS vendors and Identity Security Cloud (ISC) connectors.
+ - name: Work Items
+ description: |
+ Use this API to implement work item functionality.
+ With this functionality in place, users can manage their work items (tasks).
+
+ Work items refer to the tasks users see in Identity Security Cloud's Task Manager.
+ They can see the pending work items they need to complete, as well as the work items they have already completed.
+ Task Manager lists the work items along with the involved sources, identities, accounts, and the timestamp when the work item was created.
+ For example, a user may see a pending 'Create an Account' work item for the identity Fred.Astaire in GitHub for Fred's GitHub account, fred-astaire-sp.
+ Once the user completes the work item, the work item will be listed with his or her other completed work items.
+
+ To complete work items, users can use their dashboards and select the 'My Tasks' widget.
+ The widget will list any work items they need to complete, and they can select the work item from the list to review its details.
+ When they complete the work item, they can select 'Mark Complete' to add it to their list of completed work items.
+
+ Refer to [Task Manager](https://documentation.sailpoint.com/saas/user-help/task_manager.html) for more information about work items, including the different types of work items users may need to complete.
+ - name: Work Reassignment
+ description: |
+ Use this API to implement work reassignment functionality.
+
+ Work Reassignment allows access request reviews, certifications, and manual provisioning tasks assigned to a user to be reassigned to a different user. This is primarily used for:
+
+ - Temporarily redirecting work for users who are out of office, such as on vacation or sick leave
+ - Permanently redirecting work for users who should not be assigned these tasks at all, such as senior executives or service identities
+
+ Users can define reassignments for themselves, managers can add them for their team members, and administrators can configure them on any user’s behalf. Work assigned during the specified reassignment timeframes will be automatically reassigned to the designated user as it is created.
+
+ Refer to [Work Reassignment](https://documentation.sailpoint.com/saas/help/users/work_reassignment.html) for more information about this topic.
+ - name: Workflows
+ description: |
+ Workflows allow administrators to create custom automation scripts directly within Identity Security Cloud. These automation scripts respond to [event triggers](https://developer.sailpoint.com/docs/extensibility/event-triggers/#how-to-get-started-with-event-triggers) and perform a series of actions to perform tasks that are either too cumbersome or not available in the Identity Security Cloud UI. Workflows can be configured via a graphical user interface within Identity Security Cloud, or by creating and uploading a JSON formatted script to the Workflow service. The Workflows API collection provides the necessary functionality to create, manage, and test your workflows via REST.
+paths:
+ /access-profiles:
+ $ref: ./v3/paths/access-profiles.yaml
+ /access-profiles/{id}:
+ $ref: ./v3/paths/access-profile.yaml
+ /access-profiles/bulk-delete:
+ $ref: ./v3/paths/access-profile-bulk-delete.yaml
+ /access-profiles/{id}/entitlements:
+ $ref: ./v3/paths/access-profile-entitlements.yaml
+ /access-requests:
+ $ref: ./v3/paths/access-requests.yaml
+ /access-requests/cancel:
+ $ref: ./v3/paths/access-request-cancel.yaml
+ /access-request-config:
+ $ref: ./v3/paths/access-request-config.yaml
+ /access-request-status:
+ $ref: ./v3/paths/access-request-status.yaml
+ /access-request-approvals/pending:
+ $ref: ./v3/paths/pending-access-request-approvals.yaml
+ /access-request-approvals/completed:
+ $ref: ./v3/paths/completed-access-request-approvals.yaml
+ /access-request-approvals/{approvalId}/approve:
+ $ref: ./v3/paths/approve-access-request-approval.yaml
+ /access-request-approvals/{approvalId}/reject:
+ $ref: ./v3/paths/reject-access-request-approval.yaml
+ /access-request-approvals/{approvalId}/forward:
+ $ref: ./v3/paths/forward-access-request-approval.yaml
+ /access-request-approvals/approval-summary:
+ $ref: ./v3/paths/access-request-approval-summary.yaml
+ /accounts:
+ $ref: ./v3/paths/accounts.yaml
+ /accounts/{id}:
+ $ref: ./v3/paths/account.yaml
+ /accounts/{id}/entitlements:
+ $ref: ./v3/paths/accounts-id-entitlements.yaml
+ /accounts/{id}/reload:
+ $ref: ./v3/paths/accounts-id-reload.yaml
+ /accounts/{id}/enable:
+ $ref: ./v3/paths/accounts-id-enable.yaml
+ /accounts/{id}/disable:
+ $ref: ./v3/paths/accounts-id-disable.yaml
+ /accounts/{id}/unlock:
+ $ref: ./v3/paths/accounts-id-unlock.yaml
+ /account-activities:
+ $ref: ./v3/paths/account-activity-list.yaml
+ /account-activities/{id}:
+ $ref: ./v3/paths/account-activity-get-one.yaml
+ /auth-org/network-config:
+ $ref: ./v3/paths/auth-org-network-config.yaml
+ /auth-users/{id}:
+ $ref: ./v3/paths/auth-user.yaml
+ /brandings:
+ $ref: ./v3/paths/brandings.yaml
+ /brandings/{name}:
+ $ref: ./v3/paths/branding.yaml
+ /campaigns:
+ $ref: ./v3/paths/campaigns.yaml
+ /campaigns/{id}:
+ $ref: ./v3/paths/campaign.yaml
+ /campaigns/{id}/reassign:
+ $ref: ./v3/paths/campaign-admin-cert-reassign.yaml
+ /campaigns/{id}/activate:
+ $ref: ./v3/paths/campaign-activate.yaml
+ /campaigns/{id}/complete:
+ $ref: ./v3/paths/campaign-complete.yaml
+ /campaigns/delete:
+ $ref: ./v3/paths/campaigns-delete.yaml
+ /campaigns/{id}/run-remediation-scan:
+ $ref: ./v3/paths/campaign-run-remediation-scan.yaml
+ /campaigns/{id}/reports:
+ $ref: ./v3/paths/campaign-reports.yaml
+ /campaigns/{id}/run-report/{type}:
+ $ref: ./v3/paths/campaign-run-report.yaml
+ /campaigns/reports-configuration:
+ $ref: ./v3/paths/campaign-reports-configuration.yaml
+ /campaign-filters:
+ $ref: ./v3/paths/campaign-filters.yaml
+ /campaign-filters/{id}:
+ $ref: ./v3/paths/campaign-filter.yaml
+ /campaign-filters/delete:
+ $ref: ./v3/paths/campaign-filters-delete.yaml
+ /campaign-templates:
+ $ref: ./v3/paths/campaign-templates.yaml
+ /campaign-templates/{id}:
+ $ref: ./v3/paths/campaign-template.yaml
+ /campaign-templates/{id}/schedule:
+ $ref: ./v3/paths/campaign-template-schedule.yaml
+ /campaign-templates/{id}/generate:
+ $ref: ./v3/paths/campaign-template-generate.yaml
+ /certifications:
+ $ref: ./v3/paths/identity-certifications.yaml
+ /certifications/{id}:
+ $ref: ./v3/paths/identity-certification.yaml
+ /certifications/{id}/access-review-items:
+ $ref: ./v3/paths/identity-certifications-access-review-items.yaml
+ /certifications/{id}/decide:
+ $ref: ./v3/paths/identity-certifications-decide.yaml
+ /certifications/{id}/reassign:
+ $ref: ./v3/paths/identity-certifications-reassign.yaml
+ /certifications/{id}/sign-off:
+ $ref: ./v3/paths/identity-certifications-sign-off.yaml
+ /certifications/{id}/decision-summary:
+ $ref: ./v3/paths/identity-certifications-decision-summary.yaml
+ /certifications/{id}/identity-summaries:
+ $ref: ./v3/paths/identity-certifications-identity-summaries.yaml
+ /certifications/{id}/access-summaries/{type}:
+ $ref: ./v3/paths/identity-certifications-access-summaries.yaml
+ /certifications/{id}/identity-summaries/{identitySummaryId}:
+ $ref: ./v3/paths/identity-certifications-identity-summary.yaml
+ /certifications/{certificationId}/access-review-items/{itemId}/permissions:
+ $ref: ./v3/paths/identity-certifications-item-permissions.yaml
+ /certifications/{id}/reviewers:
+ $ref: ./v3/paths/certifications-reviewers.yaml
+ /certifications/{id}/reassign-async:
+ $ref: ./v3/paths/certifications-reassign-async.yaml
+ /certification-tasks/{id}:
+ $ref: ./v3/paths/certification-task.yaml
+ /certification-tasks:
+ $ref: ./v3/paths/certification-tasks.yaml
+ /configuration-hub/object-mappings/{sourceOrg}:
+ $ref: ./v3/paths/configuration-hub/object-mapping.yaml
+ /configuration-hub/object-mappings/{sourceOrg}/{objectMappingId}:
+ $ref: ./v3/paths/configuration-hub/object-mapping-delete.yaml
+ /configuration-hub/object-mappings/{sourceOrg}/bulk-create:
+ $ref: ./v3/paths/configuration-hub/object-mapping-bulk-create.yaml
+ /configuration-hub/object-mappings/{sourceOrg}/bulk-patch:
+ $ref: ./v3/paths/configuration-hub/object-mapping-bulk-update.yaml
+ /configuration-hub/backups/uploads:
+ $ref: ./v3/paths/configuration-hub/backup-uploads.yaml
+ /configuration-hub/backups/uploads/{id}:
+ $ref: ./v3/paths/configuration-hub/backup-uploads-id.yaml
+ /connectors/{scriptName}:
+ $ref: ./v3/paths/connector.yaml
+ /connectors:
+ $ref: ./v3/paths/connectors.yaml
+ /connectors/{scriptName}/source-config:
+ $ref: ./v3/paths/connectors-source-config.yaml
+ /connectors/{scriptName}/translations/{locale}:
+ $ref: ./v3/paths/connectors-translations.yaml
+ /connectors/{scriptName}/source-template:
+ $ref: ./v3/paths/connectors-source-template.yaml
+ /connectors/{scriptName}/correlation-config:
+ $ref: ./v3/paths/connectors-correlation-config.yaml
+ /identities/{identity-id}/set-lifecycle-state:
+ $ref: ./v3/paths/identity-set-lifecycle-state.yaml
+ /identity-profiles/{identity-profile-id}/lifecycle-states:
+ $ref: ./v3/paths/identity-profile-lifecycle-states.yaml
+ /identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}:
+ $ref: ./v3/paths/identity-profile-lifecycle-state.yaml
+ /identity-profiles:
+ $ref: ./v3/paths/identity-profiles.yaml
+ /identity-profiles/bulk-delete:
+ $ref: ./v3/paths/identity-profiles-bulk-delete.yaml
+ /identity-profiles/export:
+ $ref: ./v3/paths/identity-profiles-export.yaml
+ /identity-profiles/import:
+ $ref: ./v3/paths/identity-profiles-import.yaml
+ /identity-profiles/{identity-profile-id}:
+ $ref: ./v3/paths/identity-profile.yaml
+ /identity-profiles/{identity-profile-id}/default-identity-attribute-config:
+ $ref: ./v3/paths/identity-profile-default-config.yaml
+ /identity-profiles/{identity-profile-id}/process-identities:
+ $ref: ./v3/paths/identity-profile-process-identities.yaml
+ /managed-clients:
+ $ref: ./v3/paths/managed-clients.yaml
+ /managed-clients/{id}:
+ $ref: ./v3/paths/managed-client.yaml
+ /managed-clients/{id}/status:
+ $ref: ./v3/paths/managed-client-status.yaml
+ /managed-clusters:
+ $ref: ./v3/paths/managed-clusters.yaml
+ /managed-clusters/{id}:
+ $ref: ./v3/paths/managed-cluster.yaml
+ /mfa/okta-verify/config:
+ $ref: ./v3/paths/mfa-okta-config.yaml
+ /mfa/duo-web/config:
+ $ref: ./v3/paths/mfa-duo-config.yaml
+ /mfa/kba/config:
+ $ref: ./v3/paths/mfa-kba-config.yaml
+ /mfa/kba/config/answers:
+ $ref: ./v3/paths/mfa-kba-config-answers.yaml
+ /mfa/{method}/test:
+ $ref: ./v3/paths/mfa-config-test.yaml
+ /non-employee-records:
+ $ref: ./v3/paths/non-employee-records.yaml
+ /non-employee-records/{id}:
+ $ref: ./v3/paths/non-employee-record.yaml
+ /non-employee-records/bulk-delete:
+ $ref: ./v3/paths/non-employee-records-bulk-delete.yaml
+ /non-employee-requests:
+ $ref: ./v3/paths/non-employee-requests.yaml
+ /non-employee-requests/{id}:
+ $ref: ./v3/paths/non-employee-request.yaml
+ /non-employee-requests/summary/{requested-for}:
+ $ref: ./v3/paths/non-employee-request-summary-get.yaml
+ /non-employee-sources:
+ $ref: ./v3/paths/non-employee-sources.yaml
+ /non-employee-sources/{sourceId}:
+ $ref: ./v3/paths/non-employee-source.yaml
+ /non-employee-sources/{id}/non-employees/download:
+ $ref: ./v3/paths/non-employee-sources-export-non-employees.yaml
+ /non-employee-sources/{id}/non-employee-bulk-upload:
+ $ref: ./v3/paths/non-employee-sources-bulk-upload-non-employees.yaml
+ /non-employee-sources/{id}/non-employee-bulk-upload/status:
+ $ref: ./v3/paths/non-employee-sources-bulk-upload-status.yaml
+ /non-employee-sources/{id}/schema-attributes-template/download:
+ $ref: ./v3/paths/non-employee-sources-export-schema-attributes-template.yaml
+ /non-employee-approvals:
+ $ref: ./v3/paths/non-employee-approval-list.yaml
+ /non-employee-approvals/{id}:
+ $ref: ./v3/paths/non-employee-approve-get.yaml
+ /non-employee-approvals/{id}/approve:
+ $ref: ./v3/paths/non-employee-approve-request.yaml
+ /non-employee-approvals/{id}/reject:
+ $ref: ./v3/paths/non-employee-reject-request.yaml
+ /non-employee-approvals/summary/{requested-for}:
+ $ref: ./v3/paths/non-employee-approval-summary.yaml
+ /non-employee-sources/{sourceId}/schema-attributes:
+ $ref: ./v3/paths/non-employee-sources-schema-attributes.yaml
+ /non-employee-sources/{sourceId}/schema-attributes/{attributeId}:
+ $ref: ./v3/paths/non-employee-sources-schema-attribute.yaml
+ /oauth-clients:
+ $ref: ./v3/paths/oauth-clients.yaml
+ /oauth-clients/{id}:
+ $ref: ./v3/paths/oauth-client.yaml
+ /password-sync-groups:
+ $ref: ./v3/paths/password-sync-groups.yaml
+ /password-sync-groups/{id}:
+ $ref: ./v3/paths/password-sync-group.yaml
+ /password-policies/{id}:
+ $ref: ./v3/paths/password-policy.yaml
+ /password-policies:
+ $ref: ./v3/paths/password-policies.yaml
+ /personal-access-tokens:
+ $ref: ./v3/paths/personal-access-tokens.yaml
+ /personal-access-tokens/{id}:
+ $ref: ./v3/paths/personal-access-token.yaml
+ /public-identities:
+ $ref: ./v3/paths/public-identities.yaml
+ /public-identities-config:
+ $ref: ./v3/paths/public-identities-config.yaml
+ /requestable-objects:
+ $ref: ./v3/paths/requestable-object-list.yaml
+ /roles:
+ $ref: ./v3/paths/roles.yaml
+ /roles/{id}:
+ $ref: ./v3/paths/role.yaml
+ /roles/bulk-delete:
+ $ref: ./v3/paths/role-bulk-delete.yaml
+ /roles/{id}/assigned-identities:
+ $ref: ./v3/paths/role-assigned-identities.yaml
+ /saved-searches:
+ $ref: ./v3/paths/saved-searches.yaml
+ /saved-searches/{id}:
+ $ref: ./v3/paths/saved-searches-id.yaml
+ /saved-searches/{id}/execute:
+ $ref: ./v3/paths/saved-searches-execute.yaml
+ /scheduled-searches:
+ $ref: ./v3/paths/scheduled-searches.yaml
+ /scheduled-searches/{id}:
+ $ref: ./v3/paths/scheduled-searches-id.yaml
+ /scheduled-searches/{id}/unsubscribe:
+ $ref: ./v3/paths/scheduled-searches-unsubscribe.yaml
+ /search:
+ $ref: ./v3/paths/search-post.yaml
+ /search/count:
+ $ref: ./v3/paths/search-count.yaml
+ /search/aggregate:
+ $ref: ./v3/paths/search-aggregate.yaml
+ /search/{index}/{id}:
+ $ref: ./v3/paths/search-get.yaml
+ /segments:
+ $ref: ./v3/paths/segments.yaml
+ /segments/{id}:
+ $ref: ./v3/paths/segment.yaml
+ /service-desk-integrations:
+ $ref: ./v3/paths/service-desk-integrations.yaml
+ /service-desk-integrations/{id}:
+ $ref: ./v3/paths/service-desk-integration.yaml
+ /service-desk-integrations/types:
+ $ref: ./v3/paths/service-desk-integration-types.yaml
+ /service-desk-integrations/templates/{scriptName}:
+ $ref: ./v3/paths/service-desk-integration-template.yaml
+ /service-desk-integrations/status-check-configuration:
+ $ref: ./v3/paths/service-desk-integration-configuration.yaml
+ /query-password-info:
+ $ref: ./v3/paths/query-password-info.yaml
+ /set-password:
+ $ref: ./v3/paths/set-password.yaml
+ /password-change-status/{id}:
+ $ref: ./v3/paths/password-change-status.yaml
+ /password-dictionary:
+ $ref: ./v3/paths/password-dictionary.yaml
+ /password-org-config:
+ $ref: ./v3/paths/password-org-config.yaml
+ /reports/{taskResultId}/result:
+ $ref: ./v3/paths/reports-result.yaml
+ /reports/run:
+ $ref: ./v3/paths/reports-run.yaml
+ /reports/{id}/cancel:
+ $ref: ./v3/paths/reports-cancel.yaml
+ /reports/{taskResultId}:
+ $ref: ./v3/paths/reports-get-file.yaml
+ /sod-policies:
+ $ref: ./v3/paths/sod-policies.yaml
+ /sod-policies/{id}:
+ $ref: ./v3/paths/sod-policy.yaml
+ /sod-policies/{id}/evaluate:
+ $ref: ./v3/paths/sod-policy-evaluate.yaml
+ /sod-policies/{id}/schedule:
+ $ref: ./v3/paths/sod-schedule.yaml
+ /sod-policies/{id}/violation-report/run:
+ $ref: ./v3/paths/sod-report-run.yaml
+ /sod-policies/{id}/violation-report:
+ $ref: ./v3/paths/sod-violation-report.yaml
+ /sod-policies/sod-violation-report-status/{reportResultId}:
+ $ref: ./v3/paths/sod-violation-report-status.yaml
+ /sod-violations/predict:
+ $ref: ./v3/paths/sod-violations-predict.yaml
+ /sod-violations/check:
+ $ref: ./v3/paths/sod-violations-check.yaml
+ /sod-violation-report/run:
+ $ref: ./v3/paths/sod-all-report-run.yaml
+ /sod-violation-report:
+ $ref: ./v3/paths/sod-all-report-status.yaml
+ /sod-violation-report/{reportResultId}/download:
+ $ref: ./v3/paths/sod-download-default-report.yaml
+ /sod-violation-report/{reportResultId}/download/{fileName}:
+ $ref: ./v3/paths/sod-download-custom-report.yaml
+ /sources:
+ $ref: ./v3/paths/sources.yaml
+ /sources/{id}:
+ $ref: ./v3/paths/source.yaml
+ /sources/{sourceId}/provisioning-policies:
+ $ref: ./v3/paths/provisioning-policies.yaml
+ /sources/{sourceId}/provisioning-policies/{usageType}:
+ $ref: ./v3/paths/provisioning-policy.yaml
+ /sources/{sourceId}/provisioning-policies/bulk-update:
+ $ref: ./v3/paths/provisioning-policies-bulk-update.yaml
+ /sources/{sourceId}/schemas:
+ $ref: ./v3/paths/schemas.yaml
+ /sources/{sourceId}/schemas/{schemaId}:
+ $ref: ./v3/paths/schema.yaml
+ /sources/{sourceId}/source-health:
+ $ref: ./v3/paths/source-health.yaml
+ /sources/{id}/schemas/accounts:
+ $ref: ./v3/paths/source-accounts-schema.yaml
+ /sources/{id}/schemas/entitlements:
+ $ref: ./v3/paths/source-entitlements-schema.yaml
+ /sources/{sourceId}/upload-connector-file:
+ $ref: ./v3/paths/source-upload-connector-file.yaml
+ /tagged-objects:
+ $ref: ./v3/paths/tagged-objects.yaml
+ /tagged-objects/{type}:
+ $ref: ./v3/paths/tagged-objects-type.yaml
+ /tagged-objects/{type}/{id}:
+ $ref: ./v3/paths/tagged-object.yaml
+ /tagged-objects/bulk-add:
+ $ref: ./v3/paths/bulk-add-tagged-objects.yaml
+ /tagged-objects/bulk-remove:
+ $ref: ./v3/paths/bulk-remove-tagged-objects.yaml
+ /transforms:
+ $ref: ./v3/paths/transforms.yaml
+ /transforms/{id}:
+ $ref: ./v3/paths/transform.yaml
+ /work-items:
+ $ref: ./v3/paths/work-items.yaml
+ /work-items/completed:
+ $ref: ./v3/paths/work-items-completed.yaml
+ /work-items/count:
+ $ref: ./v3/paths/work-items-count.yaml
+ /work-items/completed/count:
+ $ref: ./v3/paths/work-items-completed-count.yaml
+ /work-items/summary:
+ $ref: ./v3/paths/work-items-summary.yaml
+ /work-items/{id}:
+ $ref: ./v3/paths/work-item.yaml
+ /work-items/{id}/approve/{approvalItemId}:
+ $ref: ./v3/paths/work-items-approve-approval-item.yaml
+ /work-items/{id}/reject/{approvalItemId}:
+ $ref: ./v3/paths/work-items-reject-approval-item.yaml
+ /work-items/bulk-approve/{id}:
+ $ref: ./v3/paths/work-items-bulk-approve-approval-item.yaml
+ /work-items/bulk-reject/{id}:
+ $ref: ./v3/paths/work-items-bulk-reject-approval-item.yaml
+ /work-items/{id}/submit-account-selection:
+ $ref: ./v3/paths/work-items-account-selection.yaml
+ /workflows:
+ $ref: ./v3/paths/workflows/workflows.yaml
+ /workflows/{id}:
+ $ref: ./v3/paths/workflows/workflow.yaml
+ /workflows/{id}/test:
+ $ref: ./v3/paths/workflows/workflow-test.yaml
+ /workflows/{id}/executions:
+ $ref: ./v3/paths/workflows/workflow-executions.yaml
+ /workflow-executions/{id}:
+ $ref: ./v3/paths/workflows/workflow-execution.yaml
+ /workflow-executions/{id}/history:
+ $ref: ./v3/paths/workflows/workflow-execution-history.yaml
+ /workflow-executions/{id}/cancel:
+ $ref: ./v3/paths/workflows/workflow-execution-cancel.yaml
+ /workflow-library:
+ $ref: ./v3/paths/workflows/workflow-library.yaml
+ /workflow-library/actions:
+ $ref: ./v3/paths/workflows/workflow-library-actions.yaml
+ /workflow-library/triggers:
+ $ref: ./v3/paths/workflows/workflow-library-triggers.yaml
+ /workflow-library/operators:
+ $ref: ./v3/paths/workflows/workflow-library-operators.yaml
+ /workflows/{id}/external/oauth-clients:
+ $ref: ./v3/paths/workflows/workflow-external-oauth-client.yaml
+ /workflows/execute/external/{id}:
+ $ref: ./v3/paths/workflows/workflow-external-execute.yaml
+ /workflows/execute/external/{id}/test:
+ $ref: ./v3/paths/workflows/workflow-external-execute-test.yaml
+ /source-usages/{sourceId}/status:
+ $ref: ./v3/paths/source-usage-status.yaml
+ /source-usages/{sourceId}/summaries:
+ $ref: ./v3/paths/source-usages.yaml
+ /account-usages/{accountId}/summaries:
+ $ref: ./v3/paths/account-usages.yaml
+ /identity-profiles/identity-preview:
+ $ref: ./v3/paths/identity-profiles-identity-preview.yaml
+ /work-items/{id}/forward:
+ $ref: ./v3/paths/work-item-forward.yaml
+ /accounts/search-attribute-config:
+ $ref: ./v3/paths/searchAttributeConfig.yaml
+ /accounts/search-attribute-config/{name}:
+ $ref: ./v3/paths/searchAttributeConfig-get-patch-delete.yaml
+
+ # V2024 Public Preview Endpoints (Requires: X-SailPoint-Experimental header)
+ /access-model-metadata/attributes:
+ $ref: ./v2024/paths/access-model-metadata-list.yaml
+ /access-model-metadata/attributes/{key}:
+ $ref: ./v2024/paths/access-model-metadata.yaml
+ /access-model-metadata/attributes/{key}/values:
+ $ref: ./v2024/paths/access-model-metadata-value-list.yaml
+ /access-model-metadata/attributes/{key}/values/{value}:
+ $ref: ./v2024/paths/access-model-metadata-value.yaml
+ /access-profiles/bulk-update-requestable:
+ $ref: ./v2024/paths/access-profile-bulk-update-requestable.yaml
+ /access-requests/close:
+ $ref: ./v2024/paths/access-request-close.yaml
+ /ai-access-request-recommendations:
+ $ref: ./v2024/paths/ai-access-request-recommendations.yaml
+ /ai-access-request-recommendations/ignored-items:
+ $ref: ./v2024/paths/ai-access-request-recommendations-ignored.yaml
+ /ai-access-request-recommendations/requested-items:
+ $ref: ./v2024/paths/ai-access-request-recommendations-requested.yaml
+ /ai-access-request-recommendations/viewed-items:
+ $ref: ./v2024/paths/ai-access-request-recommendations-viewed.yaml
+ /ai-access-request-recommendations/viewed-items/bulk-create:
+ $ref: ./v2024/paths/ai-access-request-recommendations-viewed-bulk-create.yaml
+ /accounts/{id}/remove:
+ $ref: ./v2024/paths/remove-account.yaml
+ /identities-accounts/{id}/enable:
+ $ref: ./v2024/paths/identity-accounts-id-enable.yaml
+ /identities-accounts/{id}/disable:
+ $ref: ./v2024/paths/identity-accounts-id-disable.yaml
+ /identities-accounts/enable:
+ $ref: ./v2024/paths/identities-accounts-enable.yaml
+ /identities-accounts/disable:
+ $ref: ./v2024/paths/identities-accounts-disable.yaml
+ /account-aggregations/{id}/status:
+ $ref: ./v2024/paths/account-aggregation-status.yaml
+ /auth-profiles:
+ $ref: ./v2024/paths/auth-profiles.yaml
+ /auth-profiles/{id}:
+ $ref: ./v2024/paths/auth-profile.yaml
+ /connector-rules:
+ $ref: ./v2024/paths/connector-rules.yaml
+ /connector-rules/{id}:
+ $ref: ./v2024/paths/connector-rule.yaml
+ /connector-rules/validate:
+ $ref: ./v2024/paths/connector-rule-validate.yaml
+ /custom-password-instructions:
+ $ref: ./v2024/paths/custom-password-instructions.yaml
+ /custom-password-instructions/{pageId}:
+ $ref: ./v2024/paths/custom-password-instruction.yaml
+ /entitlements:
+ $ref: ./v2024/paths/entitlements.yaml
+ /entitlements/{id}:
+ $ref: ./v2024/paths/ears-entitlement.yaml
+ /entitlements/{id}/parents:
+ $ref: ./v2024/paths/ears-entitlement-parents.yaml
+ /entitlements/{id}/children:
+ $ref: ./v2024/paths/ears-entitlement-children.yaml
+ /entitlements/bulk-update:
+ $ref: ./v2024/paths/ears-entitlement-bulk-update.yaml
+ /entitlements/{id}/entitlement-request-config:
+ $ref: ./v2024/paths/entitlement-request-config.yaml
+ /entitlements/reset/sources/{id}:
+ $ref: ./v2024/paths/reset-entitlements.yaml
+ /entitlements/{id}/access-model-metadata/{attributeKey}/values/{attributeValue}:
+ $ref: ./v2024/paths/entitlement-access-model-metadata.yaml
+ /entitlements/aggregate/sources/{id}:
+ $ref: ./v2024/paths/load-entitlements-by-sources.yaml
+ /generate-password-reset-token/digit:
+ $ref: ./v2024/paths/password-reset-digit-token.yaml
+ /historical-identities:
+ $ref: ./v2024/paths/historical-identities.yaml
+ /historical-identities/{id}:
+ $ref: ./v2024/paths/historical-identity.yaml
+ /historical-identities/{id}/access-items:
+ $ref: ./v2024/paths/historical-identity-access-items.yaml
+ /historical-identities/{id}/snapshots:
+ $ref: ./v2024/paths/historical-identity-snapshots.yaml
+ /historical-identities/{id}/snapshot-summary:
+ $ref: ./v2024/paths/historical-identity-snapshot-summary.yaml
+ /historical-identities/{id}/snapshots/{date}:
+ $ref: ./v2024/paths/historical-identity-snapshot-date.yaml
+ /historical-identities/{id}/snapshots/{date}/access-items:
+ $ref: ./v2024/paths/historical-identity-snapshot-date-access-items.yaml
+ /common-access:
+ $ref: ./v2024/paths/common-access.yaml
+ /common-access/update-status:
+ $ref: ./v2024/paths/common-access-update-status.yaml
+ /historical-identities/{id}/events:
+ $ref: ./v2024/paths/historical-identity-events.yaml
+ /historical-identities/{id}/start-date:
+ $ref: ./v2024/paths/historical-identity-start-date.yaml
+ /historical-identities/{id}/compare:
+ $ref: ./v2024/paths/historical-identity-compare.yaml
+ /historical-identities/{id}/compare/{access-type}:
+ $ref: ./v2024/paths/historical-identity-compare-type.yaml
+ /identities/{identityId}/synchronize-attributes:
+ $ref: ./v2024/paths/identity-synchronize-attributes.yaml
+ /identities/{identityId}/ownership:
+ $ref: ./v2024/paths/identity-ownership.yaml
+ /identities:
+ $ref: ./v2024/paths/identities.yaml
+ /identities/{id}:
+ $ref: ./v2024/paths/identity.yaml
+ /identities/process:
+ $ref: ./v2024/paths/identities-process.yaml
+ /identities/{id}/reset:
+ $ref: ./v2024/paths/identity-reset.yaml
+ /identities/{identityId}/role-assignments:
+ $ref: ./v2024/paths/identities-role-assignments.yaml
+ /identities/{identityId}/role-assignments/{assignmentId}:
+ $ref: ./v2024/paths/identities-role-assignment.yaml
+ /identity-attributes:
+ $ref: ./v2024/paths/identity-attributes.yaml
+ /identity-attributes/{name}:
+ $ref: ./v2024/paths/identity-attribute.yaml
+ /identity-attributes/bulk-delete:
+ $ref: ./v2024/paths/identity-attributes-bulk-delete.yaml
+ /mail-from-attributes:
+ $ref: ./v2024/paths/mail-from-attributes.yaml
+ /mail-from-attributes/{identity}:
+ $ref: ./v2024/paths/mail-from-attribute.yaml
+ /generic-approvals:
+ $ref: ./v2024/paths/approvals.yaml
+ /generic-approvals/{id}:
+ $ref: ./v2024/paths/approval.yaml
+ /notification-template-defaults:
+ $ref: ./v2024/paths/notification-template-defaults.yaml
+ /notification-templates:
+ $ref: ./v2024/paths/notification-templates.yaml
+ /notification-templates/{id}:
+ $ref: ./v2024/paths/notification-template.yaml
+ /notification-templates/bulk-delete:
+ $ref: ./v2024/paths/notification-templates-bulk-delete.yaml
+ /org-config:
+ $ref: ./v2024/paths/org-config.yaml
+ /org-config/valid-time-zones:
+ $ref: ./v2024/paths/org-config-valid-time-zones.yaml
+ /outlier-summaries:
+ $ref: ./v2024/paths/outlier-summaries.yaml
+ /outlier-summaries/latest:
+ $ref: ./v2024/paths/outlier-summaries-latest.yaml
+ /outliers:
+ $ref: ./v2024/paths/outliers.yaml
+ /outliers/{outlierId}/contributing-features:
+ $ref: ./v2024/paths/outliers-contributing-features.yaml
+ /outliers/{outlierId}/feature-details/{contributingFeatureName}/access-items:
+ $ref: ./v2024/paths/outliers-contributing-feature-access-items.yaml
+ /outliers/ignore:
+ $ref: ./v2024/paths/outliers-ignore.yaml
+ /outliers/unignore:
+ $ref: ./v2024/paths/outliers-unignore.yaml
+ /outliers/export:
+ $ref: ./v2024/paths/outliers-export.yaml
+ /outlier-feature-summaries/{outlierFeatureId}:
+ $ref: ./v2024/paths/outlier-feature-summaries.yaml
+ /peer-group-strategies/{strategy}/identity-outliers:
+ $ref: ./v2024/paths/peer-group-strategies.yaml
+ /notification-template-context:
+ $ref: ./v2024/paths/notification-template-context.yaml
+ /notification-preferences/{key}:
+ $ref: ./v2024/paths/notification-preferences.yaml
+ /reassignment-configurations/types:
+ $ref: ./v2024/paths/reassignment-configuration-types.yaml
+ /reassignment-configurations:
+ $ref: ./v2024/paths/reassignment-configurations.yaml
+ /reassignment-configurations/{identityId}:
+ $ref: ./v2024/paths/reassignment-configuration.yaml
+ /reassignment-configurations/{identityId}/evaluate/{configType}:
+ $ref: ./v2024/paths/reassignment-configuration-evaluate.yaml
+ /reassignment-configurations/tenant-config:
+ $ref: ./v2024/paths/tenant-configuration.yaml
+ /recommendations/request:
+ $ref: ./v2024/paths/recommendations-request.yaml
+ /recommendations/config:
+ $ref: ./v2024/paths/recommendations-config.yaml
+ /role-insights/requests:
+ $ref: ./v2024/paths/role-insights-requests.yaml
+ /role-insights/requests/{id}:
+ $ref: ./v2024/paths/role-insights-request.yaml
+ /role-insights/summary:
+ $ref: ./v2024/paths/role-insights-summary.yaml
+ /role-insights:
+ $ref: ./v2024/paths/role-insights.yaml
+ /role-insights/{insightId}:
+ $ref: ./v2024/paths/role-insight.yaml
+ /role-insights/{insightId}/entitlement-changes:
+ $ref: ./v2024/paths/role-insights-entitlement-changes.yaml
+ /role-insights/{insightId}/entitlement-changes/download:
+ $ref: ./v2024/paths/role-insights-entitlement-changes-download.yaml
+ /role-insights/{insightId}/current-entitlements:
+ $ref: ./v2024/paths/role-insights-current-entitlements.yaml
+ /role-insights/{insightId}/entitlement-changes/{entitlementId}/identities:
+ $ref: ./v2024/paths/role-insights-entitlement-changes-identities.yaml
+ /role-mining-sessions:
+ $ref: ./v2024/paths/role-mining-sessions.yaml
+ /role-mining-sessions/{sessionId}:
+ $ref: ./v2024/paths/role-mining-session.yaml
+ /role-mining-sessions/{sessionId}/status:
+ $ref: ./v2024/paths/role-mining-session-status.yaml
+ /role-mining-sessions/{sessionId}/potential-role-summaries:
+ $ref: ./v2024/paths/role-mining-session-potential-role-summaries.yaml
+ /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}:
+ $ref: ./v2024/paths/role-mining-session-potential-role-summary.yaml
+ /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/applications:
+ $ref: ./v2024/paths/role-mining-session-potential-role-applications.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularities:
+ $ref: ./v2024/paths/role-mining-potential-role-entitlement-popularities.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularity-distribution:
+ $ref: ./v2024/paths/role-mining-potential-role-entitlement-popularity-distribution.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/edit-entitlements:
+ $ref: ./v2024/paths/role-mining-potential-role-edit-entitlements.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/identities:
+ $ref: ./v2024/paths/role-mining-potential-role-identities.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export:
+ $ref: ./v2024/paths/role-mining-session-potential-role-export.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async:
+ $ref: ./v2024/paths/role-mining-session-potential-role-export-async.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}:
+ $ref: ./v2024/paths/role-mining-session-potential-role-export-status.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}/download:
+ $ref: ./v2024/paths/role-mining-session-potential-role-export-download.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/provision:
+ $ref: ./v2024/paths/role-mining-potential-role-provision.yaml
+ /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/excluded-entitlements:
+ $ref: ./v2024/paths/role-mining-potential-role-excluded-entitlements.yaml
+ /role-mining-potential-roles:
+ $ref: ./v2024/paths/role-mining-potential-role-summaries.yaml
+ /role-mining-potential-roles/{potentialRoleId}:
+ $ref: ./v2024/paths/role-mining-potential-role.yaml
+ /role-mining-potential-roles/saved:
+ $ref: ./v2024/paths/role-mining-potential-roles-draft.yaml
+ /role-mining-potential-roles/{potentialRoleId}/sources/{sourceId}/identityUsage:
+ $ref: ./v2024/paths/role-mining-potential-role-source-identity-usage.yaml
+ /roles/{id}/entitlements:
+ $ref: ./v2024/paths/role-entitlements.yaml
+ /send-test-notification:
+ $ref: ./v2024/paths/send-test-notification.yaml
+ /sim-integrations/{id}:
+ $ref: ./v2024/paths/sim-integrations.yaml
+ /sim-integrations/{id}/beforeProvisioningRule:
+ $ref: ./v2024/paths/sim-integrations-before-provisioning-rule.yaml
+ /sim-integrations:
+ $ref: ./v2024/paths/sim-integrations-value-list.yaml
+ /sp-config/export:
+ $ref: ./v2024/paths/sp-config-export.yaml
+ /sp-config/export/{id}:
+ $ref: ./v2024/paths/sp-config-export-status.yaml
+ /sp-config/export/{id}/download:
+ $ref: ./v2024/paths/sp-config-export-download.yaml
+ /sp-config/import:
+ $ref: ./v2024/paths/sp-config-import.yaml
+ /sp-config/import/{id}:
+ $ref: ./v2024/paths/sp-config-import-status.yaml
+ /sp-config/import/{id}/download:
+ $ref: ./v2024/paths/sp-config-import-download.yaml
+ /sp-config/config-objects:
+ $ref: ./v2024/paths/sp-config-objects.yaml
+ /sources/{id}/attribute-sync-config:
+ $ref: ./v2024/paths/attr-sync-config-source.yaml
+ /sources/{sourceId}/connector/check-connection:
+ $ref: ./v2024/paths/source-connector-check-connection.yaml
+ /sources/{sourceId}/connector/peek-resource-objects:
+ $ref: ./v2024/paths/source-connector-peek-resource-objects.yaml
+ /sources/{sourceId}/connector/ping-cluster:
+ $ref: ./v2024/paths/source-connector-ping-cluster.yaml
+ /sources/{sourceId}/connector/test-configuration:
+ $ref: ./v2024/paths/source-connector-test-configuration.yaml
+ /sources/{id}/connectors/source-config:
+ $ref: ./v2024/paths/source-connectors-source-config.yaml
+ /sources/{sourceId}/native-change-detection-config:
+ $ref: ./v2024/paths/native-change-detection-config.yaml
+ /sources/{id}/remove-accounts:
+ $ref: ./v2024/paths/remove-accounts.yaml
+ /sources/{id}/synchronize-attributes:
+ $ref: ./v2024/paths/source-synchronize-attributes.yaml
+ /sources/{id}/entitlement-request-config:
+ $ref: ./v2024/paths/sources-entitlement-request-config.yaml
+ /sources/{id}/load-accounts:
+ $ref: ./v2024/paths/load-accounts.yaml
+ /sources/{id}/load-uncorrelated-accounts:
+ $ref: ./v2024/paths/load-uncorrelated-accounts.yaml
+ /task-status/{id}:
+ $ref: ./v2024/paths/task-status.yaml
+ /task-status:
+ $ref: ./v2024/paths/task-status-list.yaml
+ /task-status/pending-tasks:
+ $ref: ./v2024/paths/task-status-pending.yaml
+ /tenant:
+ $ref: ./v2024/paths/tenant.yaml
+ /triggers:
+ $ref: ./v2024/paths/triggers.yaml
+ /trigger-subscriptions:
+ $ref: ./v2024/paths/trigger-subscriptions.yaml
+ /trigger-subscriptions/{id}:
+ $ref: ./v2024/paths/trigger-subscription.yaml
+ /trigger-subscriptions/validate-filter:
+ $ref: ./v2024/paths/trigger-subscriptions-validate-filter.yaml
+ /trigger-invocations/status:
+ $ref: ./v2024/paths/trigger-invocations-status.yaml
+ /trigger-invocations/{id}/complete:
+ $ref: ./v2024/paths/trigger-invocations-complete.yaml
+ /trigger-invocations/test:
+ $ref: ./v2024/paths/trigger-invocations-test.yaml
+ /ui-metadata/tenant:
+ $ref: ./v2024/paths/ui-metadata/tenant-ui-metadata.yaml
+ /verified-from-addresses:
+ $ref: ./v2024/paths/verified-from-addresses.yaml
+ /verified-from-addresses/{id}:
+ $ref: ./v2024/paths/verified-from-address.yaml
+ /verified-domains:
+ $ref: ./v2024/paths/verified-domains.yaml
+ /workgroups:
+ $ref: ./v2024/paths/workgroups/workgroups.yaml
+ /workgroups/{id}:
+ $ref: ./v2024/paths/workgroups/workgroup.yaml
+ /workgroups/bulk-delete:
+ $ref: ./v2024/paths/workgroups/workgroups-bulk-delete.yaml
+ /workgroups/{workgroupId}/connections:
+ $ref: ./v2024/paths/workgroups/connections.yaml
+ /workgroups/{workgroupId}/members:
+ $ref: ./v2024/paths/workgroups/workgroup-members.yaml
+ /workgroups/{workgroupId}/members/bulk-add:
+ $ref: ./v2024/paths/workgroups/bulk-add-workgroup-members.yaml
+ /workgroups/{workgroupId}/members/bulk-delete:
+ $ref: ./v2024/paths/workgroups/bulk-delete-workgroup-members.yaml
+ /form-definitions:
+ $ref: ./v2024/paths/form-definitions.yaml
+ /form-definitions/{formDefinitionID}:
+ $ref: ./v2024/paths/form-definition.yaml
+ /form-definitions/{formDefinitionID}/data-source:
+ $ref: ./v2024/paths/form-definition-data-source.yaml
+ /form-definitions/export:
+ $ref: ./v2024/paths/form-definitions-export.yaml
+ /form-definitions/forms-action-dynamic-schema:
+ $ref: ./v2024/paths/form-definition-forms-action-dynamic-schema.yaml
+ /form-definitions/import:
+ $ref: ./v2024/paths/form-definitions-import.yaml
+ /form-definitions/{formDefinitionID}/upload:
+ $ref: ./v2024/paths/form-definition-files.yaml
+ /form-definitions/{formDefinitionID}/file/{fileID}:
+ $ref: ./v2024/paths/form-definition-file.yaml
+ /form-instances:
+ $ref: ./v2024/paths/form-instances.yaml
+ /form-instances/{formInstanceID}:
+ $ref: ./v2024/paths/form-instance.yaml
+ /form-instances/{formInstanceID}/data-source/{formElementID}:
+ $ref: ./v2024/paths/form-instance-data-source.yaml
+ /form-instances/{formInstanceID}/file/{fileID}:
+ $ref: ./v2024/paths/form-instance-file.yaml
+ /form-definitions/predefined-select-options:
+ $ref: ./v2024/paths/form-definitions-predefined-select-options.yaml
+ /access-request-identity-metrics/{identityId}/requested-objects/{requestedObjectId}/type/{type}:
+ $ref: ./v2024/paths/access-request-identity-metrics.yaml
+ /icons/{objectType}/{objectId}:
+ $ref: ./v2024/paths/icon.yaml
+ /suggested-entitlement-description-batches/{batchId}/stats:
+ $ref: ./v2024/paths/suggested-entitlement-description-batches-stats.yaml
+ /suggested-entitlement-description-batches:
+ $ref: ./v2024/paths/suggested-entitlement-description-batches.yaml
+ /suggested-entitlement-description-approvals:
+ $ref: ./v2024/paths/suggested-entitlement-description-approvals.yaml
+ /suggested-entitlement-description-assignments:
+ $ref: ./v2024/paths/suggested-entitlement-description-assignments.yaml
+ /suggested-entitlement-descriptions:
+ $ref: ./v2024/paths/suggested-entitlement-descriptions.yaml
+ /discovered-applications:
+ $ref: "./v3/paths/discovered-applications.yaml"
+ /manual-discover-applications-template:
+ $ref: "./v3/paths/manual-discover-applications-template.yaml"
+ /manual-discover-applications:
+ $ref: "./v3/paths/manual-discover-applications.yaml"
+ /vendor-connector-mappings:
+ $ref: "./v3/paths/vendor-connector-mappings.yaml"
+security:
+- UserContextAuth: []
+components:
+ securitySchemes:
+ UserContextAuth:
+ type: oauth2
+ description: "OAuth2 Bearer token (JWT) generated using either a Personal Access\
+ \ token or through the Authorization Code flow. \nSee [Identity Security Cloud\
+ \ REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/)\
+ \ for more information.\n- Directions for generating a [personal access token](https://developer.sailpoint.com/docs/api/authentication/#personal-access-tokens)\n\
+ - Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow)\n\
+ - Directions for using [authorization code flow](https://developer.sailpoint.com/docs/api/authentication/#authorization-code-grant-flow)\n\
+ \nWhich authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use).\n\
+ \nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in\
+ \ the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details).\n"
+ flows:
+ clientCredentials:
+ tokenUrl: https://tenant.api.identitynow.com/oauth/token
+ scopes:
+ sp:scopes:default: default scope
+ sp:scopes:all: access to all scopes
+ authorizationCode:
+ authorizationUrl: https://tenant.login.sailpoint.com/oauth/authorize
+ tokenUrl: https://tenant.api.identitynow.com/oauth/token
+ scopes:
+ sp:scopes:default: default scope
+ sp:scopes:all: access to all scopes
+ ApplicationOnlyAuth:
+ type: oauth2
+ description: "OAuth2 Bearer token (JWT) generated using client credentials flow.\
+ \ \nSee [Identity Security Cloud REST API Authentication](https://developer.sailpoint.com/docs/api/authentication/)\
+ \ for more information.\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/api/authentication/#client-credentials-grant-flow)\n\
+ \nWhich authentication method should I choose? See the [guide](https://developer.sailpoint.com/docs/api/authentication/#which-oauth-20-grant-flow-should-i-use).\n\
+ \nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in\
+ \ the docs](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details).\n"
+ flows:
+ clientCredentials:
+ tokenUrl: https://tenant.api.identitynow.com/oauth/token
+ scopes:
+ sp:scopes:default: default scope
+ schemas:
+ AccessRequest:
+ $ref: ./v3/schemas/AccessRequest.yaml
+ AccessRequestItem:
+ $ref: ./v3/schemas/AccessRequestItem.yaml
+ AccessProfileDocument:
+ $ref: ./v3/schemas/search/model/access/profile/AccessProfileDocument.yaml
+ AccessProfileSummary:
+ $ref: ./v3/schemas/search/model/access/AccessProfileSummary.yaml
+ AccessReviewReassignment:
+ $ref: ./v3/schemas/ReviewReassign.yaml
+ Account:
+ $ref: ./v3/schemas/Account.yaml
+ AccountActivity:
+ $ref: ./v3/schemas/AccountActivity.yaml
+ AccountActivitySearchedItem:
+ $ref: ./v3/schemas/search/model/account/activity/AccountActivityDocument.yaml
+ AccountAttributes:
+ $ref: ./v3/schemas/AccountAttributes.yaml
+ AccountsAsyncResult:
+ $ref: ./v3/schemas/AccountsAsyncResult.yaml
+ AccountToggleRequest:
+ $ref: ./v3/schemas/AccountToggleRequest.yaml
+ AccountUnlockRequest:
+ $ref: ./v3/schemas/AccountUnlockRequest.yaml
+ ApprovalItems:
+ $ref: ./v3/schemas/ApprovalItemDetails.yaml
+ Campaign:
+ $ref: ./v3/schemas/CampaignReference.yaml
+ Certification:
+ $ref: ./v3/schemas/IdentityCertificationDto.yaml
+ CertificationReference:
+ $ref: ./v3/schemas/CertificationReference.yaml
+ EntitlementDocument:
+ $ref: ./v3/schemas/search/model/entitlement/EntitlementDocument.yaml
+ EntitlementSummary:
+ $ref: ./v3/schemas/search/model/access/AccessProfileEntitlement.yaml
+ Event:
+ $ref: ./v3/schemas/search/model/event/EventDocument.yaml
+ IdentityDocument:
+ $ref: ./v3/schemas/search/model/identity/IdentityDocument.yaml
+ IdentityProfile:
+ $ref: ./v3/schemas/IdentityProfile.yaml
+ IdentityReferenceWithNameAndEmail:
+ $ref: ./v3/schemas/IdentityReferenceWithNameAndEmail.yaml
+ ProvisioningConfig:
+ $ref: ./v3/schemas/ProvisioningConfig.yaml
+ ProvisioningPolicy:
+ $ref: ./v3/schemas/ProvisioningPolicyDto.yaml
+ QueuedCheckConfigDetails:
+ $ref: ./v3/schemas/QueuedCheckConfigDetails.yaml
+ Reassignment:
+ $ref: ./v3/schemas/Reassignment.yaml
+ ReassignmentReference:
+ $ref: ./v3/schemas/ReassignReference.yaml
+ RemediationItems:
+ $ref: ./v3/schemas/RemediationItemDetails.yaml
+ RequestableObject:
+ $ref: ./v3/schemas/RequestableObject.yaml
+ RequestableObjectType:
+ $ref: ./v3/schemas/RequestableObjectType.yaml
+ RequestableObjectRequestStatus:
+ $ref: ./v3/schemas/RequestableObjectRequestStatus.yaml
+ Reviewer:
+ $ref: ./v3/schemas/Reviewer.yaml
+ RoleDocument:
+ $ref: ./v3/schemas/search/model/role/RoleDocument.yaml
+ RoleSummary:
+ $ref: ./v3/schemas/search/model/access/AccessProfileRole.yaml
+ SearchDocument:
+ $ref: ./v3/schemas/search/documents/SearchDocument.yaml
+ SavedSearch:
+ $ref: ./v3/schemas/search/saved/SavedSearch.yaml
+ Schedule:
+ $ref: ./v3/schemas/schedule/Schedule.yaml
+ ScheduledSearch:
+ $ref: ./v3/schemas/search/scheduled/ScheduledSearch.yaml
+ ServiceDeskIntegrationDto:
+ $ref: ./v3/schemas/ServiceDeskIntegrationDto.yaml
+ ServiceDeskIntegrationTemplateDto:
+ $ref: ./v3/schemas/ServiceDeskIntegrationTemplateDto.yaml
+ ServiceDeskIntegrationTemplateType:
+ $ref: ./v3/schemas/ServiceDeskIntegrationTemplateType.yaml
+ Source:
+ $ref: ./v3/schemas/Source.yaml
+ SourceHealthDto:
+ $ref: ./v3/schemas/SourceHealthDto.yaml
+ Transform:
+ $ref: ./v3/schemas/Transform.yaml
+ WorkItems:
+ $ref: ./v3/schemas/WorkItems.yaml
+ WorkItemsCount:
+ $ref: ./v3/schemas/WorkItemsCount.yaml
+ WorkItemsSummary:
+ $ref: ./v3/schemas/WorkItemsSummary.yaml
+ AccountUsage:
+ $ref: ./v3/schemas/AccountUsage.yaml
+ SourceUsage:
+ $ref: ./v3/schemas/SourceUsage.yaml
+ SourceUsageStatus:
+ $ref: ./v3/schemas/SourceUsageStatus.yaml
+ BrandingItem:
+ $ref: ./v3/schemas/BrandingItem.yaml
+ BrandingItemCreate:
+ $ref: ./v3/schemas/BrandingItemCreate.yaml
diff --git a/static/api-specs/idn/v2024/paths/access-model-metadata-list.yaml b/static/api-specs/idn/v2024/paths/access-model-metadata-list.yaml
new file mode 100644
index 000000000..677c780c6
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-model-metadata-list.yaml
@@ -0,0 +1,62 @@
+get:
+ summary: List Access Model Metadata Attributes
+ description: Get a list of Access Model Metadata Attributes
+ tags:
+ - Access Model Metadata
+ operationId: listAccessModelMetadataAttribute
+ security:
+ - UserContextAuth:
+ - idn:access-model-metadata:read
+ parameters:
+ - in: query
+ name: filters
+ schema:
+ type: string
+ example: name eq "Privacy"
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *eq*
+
+
+ **type**: *eq*
+
+
+ **status**: *eq*
+
+
+ **objectTypes**: *eq*
+
+
+ Supported composite operators: *and*'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/gov-attributes/AttributeDTO.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/access-model-metadata-value-list.yaml b/static/api-specs/idn/v2024/paths/access-model-metadata-value-list.yaml
new file mode 100644
index 000000000..e6489d73f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-model-metadata-value-list.yaml
@@ -0,0 +1,44 @@
+get:
+ summary: List Access Model Metadata Values
+ description: Get a list of Access Model Metadata Attribute Values
+ tags:
+ - Access Model Metadata
+ operationId: listAccessModelMetadataAttributeValue
+ security:
+ - UserContextAuth:
+ - idn:access-model-metadata:read
+ parameters:
+ - name: key
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute.
+ example: iscPrivacy
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/gov-attributes/AttributeValueDTO.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/access-model-metadata-value.yaml b/static/api-specs/idn/v2024/paths/access-model-metadata-value.yaml
new file mode 100644
index 000000000..39b3571f3
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-model-metadata-value.yaml
@@ -0,0 +1,49 @@
+get:
+ summary: Get Access Model Metadata Value
+ description: Get single Access Model Metadata Attribute Value
+ tags:
+ - Access Model Metadata
+ operationId: getAccessModelMetadataAttributeValue
+ security:
+ - UserContextAuth:
+ - idn:access-model-metadata:read
+ parameters:
+ - name: key
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute.
+ example: iscPrivacy
+ - name: value
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute value.
+ example: public
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/gov-attributes/AttributeValueDTO.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/access-model-metadata.yaml b/static/api-specs/idn/v2024/paths/access-model-metadata.yaml
new file mode 100644
index 000000000..9708c7b45
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-model-metadata.yaml
@@ -0,0 +1,42 @@
+get:
+ summary: Get Access Model Metadata Attribute
+ description: Get single Access Model Metadata Attribute
+ tags:
+ - Access Model Metadata
+ operationId: getAccessModelMetadataAttribute
+ security:
+ - UserContextAuth:
+ - idn:access-model-metadata:read
+ parameters:
+ - name: key
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute.
+ example: iscPrivacy
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/gov-attributes/AttributeDTO.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/access-profile-bulk-update-requestable.yaml b/static/api-specs/idn/v2024/paths/access-profile-bulk-update-requestable.yaml
new file mode 100644
index 000000000..dc9176827
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-profile-bulk-update-requestable.yaml
@@ -0,0 +1,61 @@
+post:
+ operationId: updateAccessProfilesInBulk
+ summary: Update Access Profile(s) requestable field.
+ tags:
+ - Access Profiles
+ description: "This API initiates a bulk update of field requestable for one or more\
+ \ Access Profiles.\n\n> If any of the indicated Access Profiles is exists in\
+ \ Organization,then those Access Profiles will be added in **updated**\n list\
+ \ of the response.Requestable field of these Access Profiles marked as **true**\
+ \ or **false**.\n\n> If any of the indicated Access Profiles is not does not\
+ \ exists in Organization,then those Access Profiles will be added in **notFound**\
+ \ list of the response. Access Profiles marked as **notFound** will not be updated.\n\
+ > A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is\
+ \ required to call this API. In addition, a SOURCE_SUBADMIN may only use this\
+ \ API to update Access Profiles which are associated with Sources they are able\
+ \ to administer."
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/access/AccessProfileBulkUpdateRequest.yaml
+ example:
+ - id: 464ae7bf-791e-49fd-b746-06a2e4a89635
+ requestable: false
+ responses:
+ '207':
+ description: List of updated and not updated Access Profiles.
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/access/AccessProfileBulkUpdateResponse.yaml
+ example:
+ - id: 464ae7bf-791e-49fd-b746-06a2e4a89635
+ status: '201'
+ requestable: false
+ description: Access Profile updated successfully.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '412':
+ $ref: ../../v3/responses/412.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:access-profile:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/access-request-close.yaml b/static/api-specs/idn/v2024/paths/access-request-close.yaml
new file mode 100644
index 000000000..d0241229f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-request-close.yaml
@@ -0,0 +1,69 @@
+post:
+ operationId: closeAccessRequest
+ tags:
+ - Access Requests
+ summary: Close Access Request
+ description: 'This endpoint closes access requests that are stuck in a pending state.
+ It can be used throughout a request''s lifecycle even after the approval state,
+ unlike the [Cancel Access Request endpoint](https://developer.sailpoint.com/idn/api/v3/cancel-access-request/).
+ A token with ORG_ADMIN authority is required.
+
+
+ To find pending access requests with the UI, navigate to Search and use this query:
+ status: Pending AND "Access Request". Use the Column Chooser to select ''Tracking
+ Number'', and use the ''Download'' button to export a CSV containing the tracking
+ numbers.
+
+
+ To find pending access requests with the API, use the [List Account Activities
+ endpoint](https://developer.sailpoint.com/idn/api/v3/list-account-activities/).
+
+
+ Input the IDs from either source.
+
+
+ To track the status of endpoint requests, navigate to Search and use this query:
+ name:"Close Identity Requests". Search will include "Close Identity Requests Started"
+ audits when requests are initiated and "Close Identity Requests Completed" audits
+ when requests are completed. The completion audit will list the identity request
+ IDs that finished in error.
+
+
+ This API triggers the [Provisioning Completed event trigger](https://developer.sailpoint.com/idn/docs/event-triggers/triggers/provisioning-completed/)
+ for each access request that is closed.
+
+ '
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/CloseAccessRequest.yaml
+ example:
+ accessRequestIds:
+ - 2c90ad2a70ace7d50170acf22ca90010
+ executionStatus: Terminated
+ completionStatus: Failure
+ message: The IdentityNow Administrator manually closed this request.
+ responses:
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/access-request-identity-metrics.yaml b/static/api-specs/idn/v2024/paths/access-request-identity-metrics.yaml
new file mode 100644
index 000000000..95b11d646
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/access-request-identity-metrics.yaml
@@ -0,0 +1,61 @@
+get:
+ tags:
+ - Access Request Identity Metrics
+ summary: Return access request identity metrics
+ description: Use this API to return information access metrics.
+ operationId: getAccessRequestIdentityMetrics
+ parameters:
+ - name: identityId
+ in: path
+ description: Manager's identity ID.
+ required: true
+ schema:
+ type: string
+ example: 7025c863-c270-4ba6-beea-edf3cb091573
+ - name: requestedObjectId
+ in: path
+ description: Requested access item's ID.
+ required: true
+ schema:
+ type: string
+ example: 2db501be-f0fb-4cc5-a695-334133c52891
+ - name: type
+ in: path
+ description: Requested access item's type.
+ required: true
+ schema:
+ type: string
+ items:
+ $ref: ../../beta/schemas/AccessItemRef.yaml
+ example: ENTITLEMENT
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ security:
+ - UserContextAuth:
+ - idn:access-request-approvals:read
+ responses:
+ '200':
+ description: Summary of the resource access and source activity for the direct
+ reports of the provided manager.
+ content:
+ application/json:
+ schema:
+ type: object
+ items:
+ $ref: ../../beta/schemas/AccessRequestIdentityMetrics.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/account-aggregation-status.yaml b/static/api-specs/idn/v2024/paths/account-aggregation-status.yaml
new file mode 100644
index 000000000..7db78a118
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/account-aggregation-status.yaml
@@ -0,0 +1,60 @@
+get:
+ operationId: getAccountAggregationStatus
+ tags:
+ - Account Aggregations
+ summary: In-progress Account Aggregation status
+ description: 'This API returns the status of an *in-progress* account aggregation,
+ along with the total number of **NEW**, **CHANGED** and **DELETED** accounts found
+ since the previous aggregation, and the number of those accounts that have been
+ processed so far.
+
+
+ Accounts that have not changed since the previous aggregation are not included
+ in **totalAccounts** and **processedAccounts** counts returned by this API. This
+ is distinct from **Accounts Scanned** shown in the Aggregation UI, which indicates
+ total accounts scanned regardless of whether they changed or not.
+
+
+ Since this endpoint reports on the status of an *in-progress* account aggregation,
+ totalAccounts and processedAccounts may change between calls to this endpoint.
+
+
+ *Only available up to an hour after the aggregation completes. May respond with
+ *404 Not Found* after that.*
+
+
+ A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN or DASHBOARD authority is
+ required to call this API.'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The account aggregation id
+ example: 2c91808477a6b0c60177a81146b8110b
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: An account aggregation status object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccountAggregationStatus.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-ignored.yaml b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-ignored.yaml
new file mode 100644
index 000000000..aca183f57
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-ignored.yaml
@@ -0,0 +1,109 @@
+post:
+ operationId: addAccessRequestRecommendationsIgnoredItem
+ tags:
+ - IAI Access Request Recommendations
+ summary: Notification of Ignored Access Request Recommendations
+ description: This API ignores a recommended access request item. Once an item is
+ ignored, it will be marked as ignored=true if it is still a recommended item.
+ The consumer can decide to hide ignored recommendations.
+ requestBody:
+ description: The recommended access item to ignore for an identity.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemDto.yaml
+ responses:
+ '201':
+ description: Recommendation successfully stored as ignored.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: getAccessRequestRecommendationsIgnoredItems
+ tags:
+ - IAI Access Request Recommendations
+ summary: List of Ignored Access Request Recommendations
+ description: This API returns the list of ignored access request recommendations.
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **access.id**: *eq, in*
+
+
+ **access.type**: *eq, in*
+
+
+ **identityId**: *eq, in*'
+ example: identityId eq "2c9180846b0a0583016b299f210c1314"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **access.id, access.type, identityId,
+ timestamp**'
+ example: access.id
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns list of ignored access request recommendations.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-requested.yaml b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-requested.yaml
new file mode 100644
index 000000000..a1a7ff826
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-requested.yaml
@@ -0,0 +1,108 @@
+post:
+ operationId: addAccessRequestRecommendationsRequestedItem
+ tags:
+ - IAI Access Request Recommendations
+ summary: Notification of Requested Access Request Recommendations
+ description: This API consumes a notification that a recommended access request
+ item was requested. This API does not actually make the request, it is just a
+ notification. This will help provide feedback in order to improve our recommendations.
+ requestBody:
+ description: The recommended access item that was requested for an identity.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemDto.yaml
+ responses:
+ '201':
+ description: Notification successfully acknowledged.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: getAccessRequestRecommendationsRequestedItems
+ tags:
+ - IAI Access Request Recommendations
+ summary: List of Requested Access Request Recommendations
+ description: This API returns a list of requested access request recommendations.
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **access.id**: *eq, in*
+
+
+ **access.type**: *eq, in*
+
+
+ **identityId**: *eq, in*'
+ example: access.id eq "2c9180846b0a0583016b299f210c1314"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **access.id, access.type, identityId,
+ timestamp**'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns the list of requested access request recommendations.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed-bulk-create.yaml b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed-bulk-create.yaml
new file mode 100644
index 000000000..6ec3f9c4c
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed-bulk-create.yaml
@@ -0,0 +1,46 @@
+post:
+ operationId: addAccessRequestRecommendationsViewedItems
+ tags:
+ - IAI Access Request Recommendations
+ summary: Notification of Viewed Access Request Recommendations in Bulk
+ description: This API consumes a notification that a set of recommended access request
+ item were viewed. Future recommendations with these items will be marked with
+ viewed=true. This can be useful for the consumer to determine if there are any
+ new/unviewed recommendations.
+ requestBody:
+ description: The recommended access items that were viewed for an identity.
+ required: true
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemDto.yaml
+ responses:
+ '201':
+ description: Recommendations successfully stored as viewed.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed.yaml b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed.yaml
new file mode 100644
index 000000000..f2b72d1e4
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations-viewed.yaml
@@ -0,0 +1,109 @@
+post:
+ operationId: addAccessRequestRecommendationsViewedItem
+ tags:
+ - IAI Access Request Recommendations
+ summary: Notification of Viewed Access Request Recommendations
+ description: This API consumes a notification that a recommended access request
+ item was viewed. Future recommendations with this item will be marked with viewed=true.
+ This can be useful for the consumer to determine if there are any new/unviewed
+ recommendations.
+ requestBody:
+ description: The recommended access that was viewed for an identity.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemDto.yaml
+ responses:
+ '201':
+ description: Recommendation successfully stored as viewed.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: getAccessRequestRecommendationsViewedItems
+ tags:
+ - IAI Access Request Recommendations
+ summary: List of Viewed Access Request Recommendations
+ description: This API returns the list of viewed access request recommendations.
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **access.id**: *eq, in*
+
+
+ **access.type**: *eq, in*
+
+
+ **identityId**: *eq, in*'
+ example: access.id eq "2c9180846b0a0583016b299f210c1314"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **access.id, access.type, identityId,
+ timestamp**'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns list of viewed access request recommendations.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationActionItemResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ai-access-request-recommendations.yaml b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations.yaml
new file mode 100644
index 000000000..0ed5ae8b8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ai-access-request-recommendations.yaml
@@ -0,0 +1,96 @@
+get:
+ operationId: getAccessRequestRecommendations
+ tags:
+ - IAI Access Request Recommendations
+ summary: Identity Access Request Recommendations
+ description: This API returns the access request recommendations for the specified
+ identity. The default identity is *me* which indicates the current user.
+ parameters:
+ - in: query
+ name: identity-id
+ description: Get access request recommendations for an identityId. *me* indicates
+ the current user.
+ schema:
+ type: string
+ default: me
+ required: false
+ example: 2c91808570313110017040b06f344ec9
+ - in: query
+ name: limit
+ description: Max number of results to return.
+ required: false
+ schema:
+ type: integer
+ minimum: 0
+ maximum: 15
+ default: 15
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: include-translation-messages
+ description: If *true* it will populate a list of translation messages in the
+ response.
+ schema:
+ type: boolean
+ default: false
+ required: false
+ example: false
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **access.name**: *co*
+
+
+ **access.type**: *eq, in*
+
+
+ **access.description**: *co, eq, in*'
+ example: access.name co "admin"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **access.name, access.type**
+
+
+ By default the recommendations are sorted by highest confidence first.'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of access request recommendations for the identityId
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessRequestRecommendationItemDetail.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/approval.yaml b/static/api-specs/idn/v2024/paths/approval.yaml
new file mode 100644
index 000000000..8d6aac396
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/approval.yaml
@@ -0,0 +1,85 @@
+get:
+ security:
+ - UserContextAuth:
+ - sp:approvals:read
+ operationId: getApproval
+ tags:
+ - Approvals
+ summary: Get an approval
+ description: Retrieve a single approval for a given approval ID. This endpoint is
+ for generic approvals, different than the access-request-approval endpoint and
+ does not include access-request-approvals.
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: ID of the approval that is to be returned
+ example: 38453251-6be2-5f8f-df93-5ce19e295837
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Approval object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Approval.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+patch:
+ security:
+ - UserContextAuth:
+ - sp:approvals:write
+ operationId: patchApproval
+ tags:
+ - Approvals
+ summary: Change an approval
+ description: Change the values of a given approval
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ApprovalDto.yaml
+ responses:
+ '200':
+ description: Approval object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Approval.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/approvals.yaml b/static/api-specs/idn/v2024/paths/approvals.yaml
new file mode 100644
index 000000000..26077881c
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/approvals.yaml
@@ -0,0 +1,70 @@
+get:
+ security:
+ - UserContextAuth:
+ - sp:approvals:read
+ operationId: getApprovals
+ tags:
+ - Approvals
+ summary: Get Approvals
+ description: "Retrieve a list of approvals, which can be filtered by requester ID,\
+ \ status, or reference type. \"Mine\" query parameter can be used and it will\
+ \ return all approvals for the current approver. This endpoint is for generic\
+ \ approvals, different than the access-request-approval endpoint and does not\
+ \ include access-request-approvals. \nAbsence of all query parameters will will\
+ \ default to mine=true."
+ parameters:
+ - in: query
+ name: mine
+ schema:
+ type: boolean
+ description: Returns the list of approvals for the current caller
+ example: 'true'
+ - in: query
+ name: requesterId
+ schema:
+ type: string
+ description: Returns the list of approvals for a given requester ID
+ example: 17e633e7d57e481569df76323169deb6a
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **status**: *eq*
+
+
+ **referenceType**: *eq*'
+ example: filters=status eq PENDING
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of Approvals
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Approval.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/attr-sync-config-source.yaml b/static/api-specs/idn/v2024/paths/attr-sync-config-source.yaml
new file mode 100644
index 000000000..167680095
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/attr-sync-config-source.yaml
@@ -0,0 +1,104 @@
+get:
+ operationId: getSourceAttrSyncConfig
+ tags:
+ - Sources
+ summary: Attribute Sync Config
+ description: 'This API returns the existing attribute synchronization configuration
+ for a source specified by the given ID. The response contains all attributes,
+ regardless of whether they enabled or not.
+
+ A token with ORG_ADMIN or HELPDESK authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:attr-sync-source-config:read
+ - idn:attr-sync-source-config:manage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: The source id
+ example: 2c9180835d191a86015d28455b4a2329
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Attribute synchronization configuration for a source
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AttrSyncSourceConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+put:
+ operationId: putSourceAttrSyncConfig
+ tags:
+ - Sources
+ summary: Update Attribute Sync Config
+ description: "Replaces the attribute synchronization configuration for the source\
+ \ specified by the given ID with the configuration provided in the request body.\
+ \ Only the \"enabled\" field of the values in the \"attributes\" array is mutable.\
+ \ Attempting to change other attributes or add new values to the \"attributes\"\
+ \ array will result in an error.\n \nA token with ORG_ADMIN authority is required\
+ \ to call this API."
+ security:
+ - UserContextAuth:
+ - idn:attr-sync-source-config:manage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: The source id
+ example: 2c9180835d191a86015d28455b4a2329
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AttrSyncSourceConfig.yaml
+ responses:
+ '200':
+ description: Updated attribute synchronization configuration for a source
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AttrSyncSourceConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/auth-profile.yaml b/static/api-specs/idn/v2024/paths/auth-profile.yaml
new file mode 100644
index 000000000..11eacb03a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/auth-profile.yaml
@@ -0,0 +1,91 @@
+get:
+ operationId: getProfileConfig
+ tags:
+ - Auth Profile
+ summary: Get Auth Profile.
+ description: This API returns auth profile information.
+ security:
+ - UserContextAuth:
+ - sp:auth-profile:read
+ responses:
+ '200':
+ description: Auth Profile
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AuthProfile.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+patch:
+ operationId: patchProfileConfig
+ tags:
+ - Auth Profile
+ summary: Patch a specified Auth Profile
+ description: 'This API updates an existing Auth Profile. The following fields are
+ patchable:
+
+ **offNetwork**, **untrustedGeography**, **applicationId**, **applicationName**,
+ **type**'
+ parameters:
+ - name: id
+ in: path
+ description: ID of the Auth Profile to patch.
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ required: true
+ responses:
+ '200':
+ description: Responds with the Auth Profile as updated.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AuthProfile.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:auth-profile:update
diff --git a/static/api-specs/idn/v2024/paths/auth-profiles.yaml b/static/api-specs/idn/v2024/paths/auth-profiles.yaml
new file mode 100644
index 000000000..1b0505f79
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/auth-profiles.yaml
@@ -0,0 +1,35 @@
+get:
+ operationId: getProfileConfigList
+ tags:
+ - Auth Profile
+ summary: Get list of Auth Profiles.
+ description: This API returns a list of auth profiles.
+ security:
+ - UserContextAuth:
+ - sp:auth-profile:read
+ responses:
+ '200':
+ description: List of Auth Profiles
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/AuthProfileSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/common-access-update-status.yaml b/static/api-specs/idn/v2024/paths/common-access-update-status.yaml
new file mode 100644
index 000000000..6ef3228b3
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/common-access-update-status.yaml
@@ -0,0 +1,39 @@
+post:
+ operationId: updateCommonAccessStatusInBulk
+ summary: Bulk update common access status
+ tags:
+ - IAI Common Access
+ description: This submits an update request to the common access application. At
+ this time there are no parameters. Requires authorization scope of iai:access-modeling:update
+ requestBody:
+ description: Confirm or deny in bulk the common access ids that are (or aren't)
+ common access
+ required: true
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/CommonAccessIDStatus.yaml
+ responses:
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/common-access.yaml b/static/api-specs/idn/v2024/paths/common-access.yaml
new file mode 100644
index 000000000..701793d34
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/common-access.yaml
@@ -0,0 +1,120 @@
+get:
+ operationId: getCommonAccess
+ summary: Get a paginated list of common access
+ tags:
+ - IAI Common Access
+ description: This endpoint returns the current common access for a customer. The
+ returned items can be filtered and sorted. Requires authorization scope of iai:access-modeling:read
+ parameters:
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **status**: *eq, sw*
+
+
+ **reviewedByUser** *eq*
+
+
+ **access.id**: *eq, sw*
+
+
+ **access.type**: *eq*
+
+
+ **access.name**: *sw, eq*
+
+
+ **access.description**: *sw, eq*'
+ example: access.type eq "ROLE"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **access.name, status**
+
+
+ By default the common access items are sorted by name, ascending.'
+ example: access.name
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of common access for a customer.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/CommonAccessResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+post:
+ operationId: createCommonAccess
+ summary: Create common access items
+ tags:
+ - IAI Common Access
+ description: This API is used to add roles/access profiles to the list of common
+ access for a customer. Requires authorization scope of iai:access-modeling:create
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CommonAccessItemRequest.yaml
+ responses:
+ '202':
+ description: Returns details of the common access classification request.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CommonAccessItemResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/connector-rule-validate.yaml b/static/api-specs/idn/v2024/paths/connector-rule-validate.yaml
new file mode 100644
index 000000000..95162d949
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/connector-rule-validate.yaml
@@ -0,0 +1,45 @@
+post:
+ tags:
+ - Connector Rule Management
+ operationId: validateConnectorRule
+ summary: Validate Connector Rule
+ description: 'Returns a list of issues within the code to fix, if any.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ requestBody:
+ required: true
+ description: The code to validate
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SourceCode.yaml
+ responses:
+ '200':
+ description: The status of the code's eligibility as a connector rule
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleValidationResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:read
+ - idn:rule-management-connector:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/connector-rule.yaml b/static/api-specs/idn/v2024/paths/connector-rule.yaml
new file mode 100644
index 000000000..3a91adf1a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/connector-rule.yaml
@@ -0,0 +1,148 @@
+get:
+ tags:
+ - Connector Rule Management
+ summary: Connector-Rule by ID
+ operationId: getConnectorRule
+ description: 'Returns the connector rule specified by ID.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - name: id
+ in: path
+ description: ID of the connector rule to retrieve
+ required: true
+ style: simple
+ explode: false
+ schema:
+ type: string
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Connector rule with the given ID
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:read
+ - idn:rule-management-connector:manage
+put:
+ tags:
+ - Connector Rule Management
+ summary: Update a Connector Rule
+ description: 'Updates an existing connector rule with the one provided in the request
+ body. Note that the fields ''id'', ''name'', and ''type'' are immutable.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ operationId: updateConnectorRule
+ parameters:
+ - name: id
+ in: path
+ description: ID of the connector rule to update
+ required: true
+ style: simple
+ explode: false
+ schema:
+ type: string
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: The connector rule with updated data
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleUpdateRequest.yaml
+ responses:
+ '200':
+ description: The updated connector rule
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:manage
+delete:
+ tags:
+ - Connector Rule Management
+ summary: Delete a Connector-Rule
+ description: 'Deletes the connector rule specified by the given ID.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ operationId: deleteConnectorRule
+ parameters:
+ - name: id
+ in: path
+ description: ID of the connector rule to delete
+ required: true
+ style: simple
+ explode: false
+ schema:
+ type: string
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:manage
diff --git a/static/api-specs/idn/v2024/paths/connector-rules.yaml b/static/api-specs/idn/v2024/paths/connector-rules.yaml
new file mode 100644
index 000000000..42225a5f8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/connector-rules.yaml
@@ -0,0 +1,84 @@
+get:
+ tags:
+ - Connector Rule Management
+ operationId: getConnectorRuleList
+ summary: List Connector Rules
+ description: 'Returns the list of connector rules.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ responses:
+ '200':
+ description: A list of connector rules
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/ConnectorRuleResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:read
+ - idn:rule-management-connector:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ tags:
+ - Connector Rule Management
+ operationId: createConnectorRule
+ summary: Create Connector Rule
+ description: 'Creates a new connector rule.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ requestBody:
+ required: true
+ description: The connector rule to create
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleCreateRequest.yaml
+ responses:
+ '201':
+ description: The created connector rule
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorRuleResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:rule-management-connector:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/custom-password-instruction.yaml b/static/api-specs/idn/v2024/paths/custom-password-instruction.yaml
new file mode 100644
index 000000000..1e0605ad7
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/custom-password-instruction.yaml
@@ -0,0 +1,115 @@
+get:
+ operationId: getCustomPasswordInstructions
+ tags:
+ - Custom Password Instructions
+ summary: Get Custom Password Instructions by Page ID
+ description: This API returns the custom password instructions for the specified
+ page ID. A token with ORG_ADMIN authority is required to call this API.
+ parameters:
+ - in: path
+ name: pageId
+ schema:
+ type: string
+ enum:
+ - change-password:enter-password
+ - change-password:finish
+ - flow-selection:select
+ - forget-username:user-email
+ - mfa:enter-code
+ - mfa:enter-kba
+ - mfa:select
+ - reset-password:enter-password
+ - reset-password:enter-username
+ - reset-password:finish
+ - unlock-account:enter-username
+ - unlock-account:finish
+ required: true
+ description: The page ID of custom password instructions to query.
+ example: mfa:select
+ - in: query
+ name: locale
+ schema:
+ type: string
+ description: The locale for the custom instructions, a BCP47 language tag. The
+ default value is \"default\".
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Reference to the custom password instructions.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CustomPasswordInstruction.yaml
+ example:
+ pageId: reset-password:enter-password
+ locale: default
+ pageContent: See company password policies for details by clicking here
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteCustomPasswordInstructions
+ tags:
+ - Custom Password Instructions
+ summary: Delete Custom Password Instructions by page ID
+ description: This API delete the custom password instructions for the specified
+ page ID. A token with ORG_ADMIN authority is required to call this API.
+ parameters:
+ - in: path
+ name: pageId
+ schema:
+ type: string
+ enum:
+ - change-password:enter-password
+ - change-password:finish
+ - flow-selection:select
+ - forget-username:user-email
+ - mfa:enter-code
+ - mfa:enter-kba
+ - mfa:select
+ - reset-password:enter-password
+ - reset-password:enter-username
+ - reset-password:finish
+ - unlock-account:enter-username
+ - unlock-account:finish
+ required: true
+ description: The page ID of custom password instructions to delete.
+ example: mfa:select
+ - in: query
+ name: locale
+ schema:
+ type: string
+ description: The locale for the custom instructions, a BCP47 language tag. The
+ default value is \"default\".
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/custom-password-instructions.yaml b/static/api-specs/idn/v2024/paths/custom-password-instructions.yaml
new file mode 100644
index 000000000..f5a02c2d8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/custom-password-instructions.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: createCustomPasswordInstructions
+ tags:
+ - Custom Password Instructions
+ summary: Create Custom Password Instructions
+ description: This API creates the custom password instructions for the specified
+ page ID. A token with ORG_ADMIN authority is required to call this API.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CustomPasswordInstruction.yaml
+ example:
+ pageId: reset-password:enter-password
+ pageContent: See company password policies for details by clicking here
+ responses:
+ '200':
+ description: Reference to the custom password instructions.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CustomPasswordInstruction.yaml
+ example:
+ pageId: reset-password:enter-password
+ locale: default
+ pageContent: See company password policies for details by clicking here
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/ears-entitlement-bulk-update.yaml b/static/api-specs/idn/v2024/paths/ears-entitlement-bulk-update.yaml
new file mode 100644
index 000000000..e80999042
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ears-entitlement-bulk-update.yaml
@@ -0,0 +1,40 @@
+post:
+ operationId: updateEntitlementsInBulk
+ tags:
+ - Entitlements
+ summary: Bulk update an entitlement list
+ description: "This API applies an update to every entitlement of the list.\n\nThe\
+ \ number of entitlements to update is limited to 50 items maximum.\n\nThe JsonPatch\
+ \ update follows the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\
+ \ allowed operations : **{ \"op\": \"replace\", \"path\": \"/privileged\", \"\
+ value\": boolean }** **{ \"op\": \"replace\", \"path\": \"/requestable\",\"value\"\
+ : boolean }** \n\nA token with ORG_ADMIN or API authority is required to call\
+ \ this API."
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EntitlementBulkUpdateRequest.yaml
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/ears-entitlement-children.yaml b/static/api-specs/idn/v2024/paths/ears-entitlement-children.yaml
new file mode 100644
index 000000000..c1635e266
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ears-entitlement-children.yaml
@@ -0,0 +1,136 @@
+get:
+ operationId: listEntitlementChildren
+ tags:
+ - Entitlements
+ summary: List of entitlements children
+ description: This API returns a list of all child entitlements of a given entitlement.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:read
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Entitlement Id
+ example: 2c91808874ff91550175097daaec161c
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **id, name, created, modified,
+ type, attribute, value, source.id**'
+ example: name,-modified
+ required: false
+ style: form
+ explode: true
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **name**: *eq, in, sw*
+
+
+ **type**: *eq, in*
+
+
+ **attribute**: *eq, in*
+
+
+ **value**: *eq, in, sw*
+
+
+ **source.id**: *eq, in*
+
+
+ **requestable**: *eq*
+
+
+ **created**: *gt, lt, ge, le*
+
+
+ **modified**: *gt, lt, ge, le*'
+ example: attribute eq "memberOf"
+ required: false
+ style: form
+ explode: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of entitlements children from an entitlement
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ example:
+ - sourceSchemaObjectType: group
+ attribute: memberOf
+ attributes:
+ GroupType: Security
+ sAMAccountName: LauncherTest1
+ GroupScope: Global
+ objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}'
+ objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633
+ cn: LauncherTest1
+ msDS-PrincipalName: AUTOMATIONAD\LauncherTest1
+ value: CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local
+ description: some description
+ privileged: false
+ cloudGoverned: false
+ source:
+ type: SOURCE
+ id: 2c9180877504c40e0175097d5ce707c8
+ name: EndToEnd-ADSource
+ owner:
+ id: 2a2fdacca5e345f18bf7970cfbb8fec2
+ name: identity 1
+ type: IDENTITY
+ segments:
+ - 1d126fe0-45e2-4aea-bc64-a07e9344ef26
+ manuallyUpdatedFields:
+ DISPLAY_NAME: true
+ DESCRIPTION: true
+ id: 2c91808c74ff913f0175097daa9d59cd
+ name: LauncherTest1
+ created: '2020-10-08T18:33:52.029Z'
+ modified: '2021-01-19T16:53:35.707Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ears-entitlement-parents.yaml b/static/api-specs/idn/v2024/paths/ears-entitlement-parents.yaml
new file mode 100644
index 000000000..3fd1c5ba8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ears-entitlement-parents.yaml
@@ -0,0 +1,137 @@
+get:
+ operationId: listEntitlementParents
+ tags:
+ - Entitlements
+ summary: List of entitlements parents
+ description: This API returns a list of all parent entitlements of a given entitlement.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:read
+ - idn:entitlement:manage
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Entitlement Id
+ example: 2c91808c74ff913f0175097daa9d59cd
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **id, name, created, modified,
+ type, attribute, value, source.id**'
+ example: name,-modified
+ required: false
+ style: form
+ explode: true
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **name**: *eq, in, sw*
+
+
+ **type**: *eq, in*
+
+
+ **attribute**: *eq, in*
+
+
+ **value**: *eq, in, sw*
+
+
+ **source.id**: *eq, in*
+
+
+ **requestable**: *eq*
+
+
+ **created**: *gt, lt, ge, le*
+
+
+ **modified**: *gt, lt, ge, le*'
+ example: attribute eq "memberOf"
+ required: false
+ style: form
+ explode: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of entitlements parents from an entitlement
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ example:
+ - sourceSchemaObjectType: group
+ attribute: memberOf
+ attributes:
+ GroupType: Security
+ sAMAccountName: LauncherTest1
+ GroupScope: Global
+ objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}'
+ objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633
+ cn: LauncherTest1
+ msDS-PrincipalName: AUTOMATIONAD\LauncherTest1
+ value: CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local
+ description: some description
+ privileged: false
+ cloudGoverned: false
+ source:
+ type: SOURCE
+ id: 2c9180877504c40e0175097d5ce707c8
+ name: EndToEnd-ADSource
+ owner:
+ id: 2a2fdacca5e345f18bf7970cfbb8fec2
+ name: identity 1
+ type: IDENTITY
+ segments:
+ - 1d126fe0-45e2-4aea-bc64-a07e9344ef26
+ manuallyUpdatedFields:
+ DISPLAY_NAME: true
+ DESCRIPTION: true
+ id: 2c91808c74ff913f0175097daa9d59cd
+ name: LauncherTest1
+ created: '2020-10-08T18:33:52.029Z'
+ modified: '2021-01-19T16:53:35.707Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/ears-entitlement.yaml b/static/api-specs/idn/v2024/paths/ears-entitlement.yaml
new file mode 100644
index 000000000..85b8d0817
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ears-entitlement.yaml
@@ -0,0 +1,208 @@
+get:
+ operationId: getEntitlement
+ tags:
+ - Entitlements
+ summary: Get an entitlement
+ description: This API returns an entitlement by its ID.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:read
+ - idn:entitlement:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The entitlement ID
+ example: 2c91808874ff91550175097daaec161c
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: An entitlement
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ example:
+ sourceSchemaObjectType: group
+ attribute: memberOf
+ attributes:
+ GroupType: Security
+ sAMAccountName: LauncherTest1
+ GroupScope: Global
+ objectguid: '{01a6e70b-9705-4155-a5c6-492a9bcc8c64}'
+ objectSid: S-1-5-21-3585869415-1648031554-2909195034-1633
+ cn: LauncherTest1
+ msDS-PrincipalName: AUTOMATIONAD\LauncherTest1
+ value: CN=LauncherTest1,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local
+ description: some description
+ privileged: false
+ cloudGoverned: false
+ source:
+ type: SOURCE
+ id: 2c9180877504c40e0175097d5ce707c8
+ name: EndToEnd-ADSource
+ owner:
+ id: 2c9180858315595501831958427e5424
+ name: Addie Smith
+ type: IDENTITY
+ segments:
+ - 1d126fe0-45e2-4aea-bc64-a07e9344ef26
+ manuallyUpdatedFields:
+ DISPLAY_NAME: true
+ DESCRIPTION: true
+ id: 2c91808c74ff913f0175097daa9d59cd
+ name: LauncherTest1
+ created: '2020-10-08T18:33:52.029Z'
+ modified: '2021-01-19T16:53:35.707Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+patch:
+ operationId: patchEntitlement
+ tags:
+ - Entitlements
+ summary: Patch an entitlement
+ description: 'This API updates an existing entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902)
+ syntax.
+
+
+ The following fields are patchable: **requestable**, **privileged**, **segments**,
+ **owner**, **name**, **description**, and **manuallyUpdatedFields**
+
+
+ When you''re patching owner, only owner type and owner id must be provided. Owner
+ name is optional, and it won''t be modified. If the owner name is provided, it
+ should correspond to the real name. The only owner type currently supported is
+ IDENTITY.
+
+
+ A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:entitlement:manage
+ parameters:
+ - name: id
+ in: path
+ description: ID of the entitlement to patch
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121e121518
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ example:
+ - op: replace
+ path: /requestable
+ value: true
+ examples:
+ Make an entitlement requestable and privileged in one call:
+ description: This example shows how multiple fields may be updated with
+ a single patch call.
+ value:
+ - op: replace
+ path: /requestable
+ value: true
+ - op: replace
+ path: /privileged
+ value: true
+ Assign an entitlement to a segment:
+ description: This example shows how to use patch to assign an entitlement
+ to a segment by adding the segment's ID to the entitlement's segments
+ array.
+ value:
+ - op: add
+ path: /segments/-
+ value: f7b1b8a3-5fed-4fd4-ad29-82014e137e19
+ Assign an owner to an entitlement:
+ description: This example shows how to use patch to assign an owner to
+ an entitlement by adding the owner's info to the entitlement.
+ value:
+ - op: add
+ path: /owner
+ value:
+ type: IDENTITY
+ id: 2c9180858315595501831958427e5424
+ Replace an owner for an entitlement:
+ description: This example shows how to use patch to replace an entitlement's
+ owner by replacing the owner's info to the entitlement.
+ value:
+ - op: replace
+ path: /owner
+ value:
+ type: IDENTITY
+ id: 2c9180858315595501831958427e5424
+ Set entitlement manually updated fields:
+ description: 'This example shows how to set an entitlement''s manually
+ updated fields values with patch request. Values for all manually updateable
+ fields must be specified in the request. For now only two entitlement
+ fields support this: DISPLAY_NAME and DESCRIPTION.'
+ value:
+ - op: replace
+ path: /manuallyUpdatedFields
+ value:
+ DISPLAY_NAME: true
+ DESCRIPTION: true
+ Add the description for an entitlement:
+ description: This example shows how to use patch to add a description
+ for the entitlement.
+ value:
+ - op: add
+ path: /description
+ value: new description for the entitlement
+ Update the name for an entitlement:
+ description: This example shows how to use patch to update an entitlement's
+ name.
+ value:
+ - op: replace
+ path: /name
+ value: entitlement new name
+ responses:
+ '200':
+ description: Responds with the entitlement as updated.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/entitlement-access-model-metadata.yaml b/static/api-specs/idn/v2024/paths/entitlement-access-model-metadata.yaml
new file mode 100644
index 000000000..d32c1f5bc
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/entitlement-access-model-metadata.yaml
@@ -0,0 +1,108 @@
+post:
+ summary: Add metadata to an entitlement.
+ description: Add single Access Model Metadata to an entitlement.
+ tags:
+ - Entitlements
+ operationId: createAccessModelMetadataForEntitlement
+ security:
+ - UserContextAuth:
+ - idn:entitlement:update
+ parameters:
+ - name: id
+ in: path
+ required: true
+ schema:
+ type: string
+ description: The entitlement id.
+ example: 2c91808c74ff913f0175097daa9d59cd
+ - name: attributeKey
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute.
+ example: iscPrivacy
+ - name: attributeValue
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute Value.
+ example: public
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ summary: Remove metadata from an entitlement.
+ description: Remove single Access Model Metadata from an entitlement.
+ tags:
+ - Entitlements
+ operationId: deleteAccessModelMetadataFromEntitlement
+ security:
+ - UserContextAuth:
+ - idn:entitlement:delete
+ parameters:
+ - name: id
+ in: path
+ required: true
+ schema:
+ type: string
+ description: The entitlement id.
+ example: 2c91808c74ff913f0175097daa9d59cd
+ - name: attributeKey
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute.
+ example: iscPrivacy
+ - name: attributeValue
+ in: path
+ required: true
+ schema:
+ type: string
+ description: Technical name of the Attribute Value.
+ example: public
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: OK
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/entitlement-request-config.yaml b/static/api-specs/idn/v2024/paths/entitlement-request-config.yaml
new file mode 100644
index 000000000..dd43cd340
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/entitlement-request-config.yaml
@@ -0,0 +1,121 @@
+get:
+ operationId: getEntitlementRequestConfig
+ tags:
+ - Entitlements
+ summary: Get Entitlement Request Config
+ description: This API returns the entitlement request config for a specified entitlement.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:read
+ - idn:entitlement:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Entitlement Id
+ example: 2c91808874ff91550175097daaec161c
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: An Entitlement Request Config
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EntitlementRequestConfig.yaml
+ example:
+ accessRequestConfig:
+ requestCommentRequired: true
+ denialCommentRequired: true
+ approvalSchemes:
+ - approverType: ENTITLEMENT_OWNER
+ approverId: null
+ - approverType: SOURCE_OWNER
+ approverId: null
+ - approverType: MANAGER
+ approverId: null
+ - approverType: GOVERNANCE_GROUP
+ approverId: 46c79819-a69f-49a2-becb-12c971ae66c6
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+put:
+ operationId: putEntitlementRequestConfig
+ tags:
+ - Entitlements
+ summary: Replace Entitlement Request Config
+ description: This API replaces the entitlement request config for a specified entitlement.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:manage
+ parameters:
+ - name: id
+ in: path
+ description: Entitlement ID
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121e121518
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EntitlementRequestConfig.yaml
+ responses:
+ '200':
+ description: Responds with the entitlement request config as updated.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EntitlementRequestConfig.yaml
+ example:
+ accessRequestConfig:
+ requestCommentRequired: true
+ denialCommentRequired: true
+ approvalSchemes:
+ - approverType: ENTITLEMENT_OWNER
+ approverId: null
+ - approverType: SOURCE_OWNER
+ approverId: null
+ - approverType: MANAGER
+ approverId: null
+ - approverType: GOVERNANCE_GROUP
+ approverId: 46c79819-a69f-49a2-becb-12c971ae66c6
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/entitlements.yaml b/static/api-specs/idn/v2024/paths/entitlements.yaml
new file mode 100644
index 000000000..b37298b43
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/entitlements.yaml
@@ -0,0 +1,150 @@
+get:
+ operationId: listEntitlements
+ tags:
+ - Entitlements
+ summary: Gets a list of entitlements.
+ security:
+ - UserContextAuth:
+ - idn:entitlement:read
+ - idn:entitlement:manage
+ description: 'This API returns a list of entitlements.
+
+
+ This API can be used in one of the two following ways: either getting entitlements
+ for a specific **account-id**, or getting via use of **filters** (those two options
+ are exclusive).
+
+
+ Any authenticated token can call this API.'
+ parameters:
+ - in: query
+ name: account-id
+ schema:
+ type: string
+ description: The account ID. If specified, returns only entitlements associated
+ with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**,
+ **for-segment-ids**, or **include-unsegmented** param(s).
+ example: ef38f94347e94562b5bb8424a56397d8
+ required: false
+ - in: query
+ name: segmented-for-identity
+ schema:
+ type: string
+ description: 'If present and not empty, additionally filters Entitlements to those
+ which are assigned to the Segment(s) which are visible to the Identity with
+ the specified ID. By convention, the value **me** can stand in for the current
+ user''s Identity ID.
+
+ Cannot be specified with the **account-id** or **for-segment-ids** param(s).
+ It is also illegal to specify a value that refers to a different user''s Identity.'
+ example: me
+ required: false
+ - in: query
+ name: for-segment-ids
+ schema:
+ type: string
+ format: comma-separated
+ description: 'If present and not empty, additionally filters Access Profiles to
+ those which are assigned to the Segment(s) with the specified IDs.
+
+ Cannot be specified with the **account-id** or **segmented-for-identity** param(s).'
+ example: 041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649
+ required: false
+ - in: query
+ name: include-unsegmented
+ schema:
+ type: boolean
+ default: true
+ description: Whether or not the response list should contain unsegmented Entitlements.
+ If **for-segment-ids** and **segmented-for-identity** are both absent or empty,
+ specifying **include-unsegmented=false** results in an error.
+ example: true
+ required: false
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **id, name, created, modified,
+ type, attribute, value, source.id, requestable**'
+ example: name,-modified
+ required: false
+ style: form
+ explode: true
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **name**: *eq, in, sw*
+
+
+ **type**: *eq, in*
+
+
+ **attribute**: *eq, in*
+
+
+ **value**: *eq, in, sw*
+
+
+ **source.id**: *eq, in*
+
+
+ **requestable**: *eq*
+
+
+ **created**: *gt, lt, ge, le*
+
+
+ **modified**: *gt, lt, ge, le*
+
+
+ **owner.id**: *eq, in*'
+ example: attribute eq "memberOf"
+ required: false
+ style: form
+ explode: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of entitlements
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/form-definition-data-source.yaml b/static/api-specs/idn/v2024/paths/form-definition-data-source.yaml
new file mode 100644
index 000000000..cba6e846d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definition-data-source.yaml
@@ -0,0 +1,211 @@
+post:
+ tags:
+ - Custom Forms
+ summary: Preview form definition data source.
+ operationId: showPreviewDataSource
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: Form definition ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormDefinitionID
+ - name: limit
+ in: query
+ description: 'Limit
+
+
+ Integer specifying the maximum number of records to return in a single API call.
+ The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ If it is not specified, a default limit is used.'
+ schema:
+ type: integer
+ format: int64
+ maxLength: 250
+ minLength: 0
+ default: 10
+ x-go-name: Limit
+ example: 10
+ required: false
+ x-go-name: Limit
+ - name: filters
+ in: query
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **value**: *eq, ne, in*
+
+
+ Supported composite operators: *not*
+
+
+ Only a single *not* may be used, and it can only be used with the `in` operator.
+ The `not` composite operator must be used in front of the field. For example,
+ the following is valid: `not value in ("ID01")`'
+ schema:
+ type: string
+ x-go-name: Filters
+ example: value eq "ID01"
+ required: false
+ x-go-name: Filters
+ - name: query
+ in: query
+ description: String that is passed to the underlying API to filter other (non-ID)
+ fields. For example, for access profile data sources, this string will be
+ passed to the access profile api and used with a "starts with" filter against several
+ fields.
+ schema:
+ type: string
+ x-go-name: Query
+ example: ac
+ required: false
+ x-go-name: Query
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: Body is the request payload to create a form definition dynamic schema
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormElementPreviewRequest.yaml
+ required: false
+ responses:
+ '200':
+ description: Returns a preview of a form definition data source
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/PreviewDataSourceResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
diff --git a/static/api-specs/idn/v2024/paths/form-definition-file.yaml b/static/api-specs/idn/v2024/paths/form-definition-file.yaml
new file mode 100644
index 000000000..600f6f014
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definition-file.yaml
@@ -0,0 +1,543 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Download definition file by fileId.
+ operationId: getFileFromS3
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: 'FormDefinitionID
+
+
+ Form definition ID'
+ required: true
+ example: 00000000-0000-0000-0000-000000000000
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ x-go-name: FormDefinitionID
+ - name: fileID
+ in: path
+ description: 'FileID
+
+
+ String specifying the hashed name of the uploaded file we are retrieving.'
+ required: true
+ example: 00000031N0J7R2B57M8YG73J7M.png
+ schema:
+ type: string
+ x-go-name: FileID
+ x-go-name: FileID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a file that is referred to by fileID and associated with
+ the formDefinitionID
+ content:
+ application/json:
+ schema:
+ type: string
+ format: binary
+ image/jpeg:
+ schema:
+ type: string
+ format: binary
+ image/png:
+ schema:
+ type: string
+ format: binary
+ application/octet-stream:
+ schema:
+ type: string
+ format: binary
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '503':
+ description: An external service is not available
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
diff --git a/static/api-specs/idn/v2024/paths/form-definition-files.yaml b/static/api-specs/idn/v2024/paths/form-definition-files.yaml
new file mode 100644
index 000000000..feb6d6e34
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definition-files.yaml
@@ -0,0 +1,237 @@
+post:
+ tags:
+ - Custom Forms
+ summary: Upload new form definition file.
+ description: Parameter `{formDefinitionID}` should match a form definition ID.
+ operationId: createFormDefinitionFileRequest
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: 'FormDefinitionID
+
+
+ String specifying FormDefinitionID'
+ required: true
+ example: 00000000-0000-0000-0000-000000000000
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ x-go-name: FormDefinitionID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ required:
+ - file
+ properties:
+ file:
+ type: string
+ description: File specifying the multipart
+ format: binary
+ x-go-name: File
+ encoding:
+ file:
+ contentType: image/png, image/jpeg
+ required: true
+ responses:
+ '201':
+ description: Returns a new form definition file
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionFileUploadResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '413':
+ description: An error with payload size too large
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '415':
+ description: An error with unsupported media type
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '503':
+ description: An external service is not available
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
diff --git a/static/api-specs/idn/v2024/paths/form-definition-forms-action-dynamic-schema.yaml b/static/api-specs/idn/v2024/paths/form-definition-forms-action-dynamic-schema.yaml
new file mode 100644
index 000000000..c9ed67aa7
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definition-forms-action-dynamic-schema.yaml
@@ -0,0 +1,155 @@
+post:
+ tags:
+ - Custom Forms
+ summary: Generate JSON Schema dynamically.
+ operationId: createFormDefinitionDynamicSchema
+ requestBody:
+ description: Body is the request payload to create a form definition dynamic schema
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionDynamicSchemaRequest.yaml
+ example:
+ id: sp:forms
+ attributes:
+ formDefinitionId: 00000000-0000-0000-0000-000000000000
+ description: AnotherDescription
+ type: action
+ versionNumber: 1
+ required: false
+ responses:
+ '200':
+ description: Returns a form elements dynamic schema
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionDynamicSchemaResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/form-definition.yaml b/static/api-specs/idn/v2024/paths/form-definition.yaml
new file mode 100644
index 000000000..96e0534e3
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definition.yaml
@@ -0,0 +1,462 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Return a form definition.
+ description: Parameter `{formDefinitionID}` should match a form definition ID.
+ operationId: getFormDefinitionByKey
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: Form definition ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormDefinitionID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a form definition
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+delete:
+ tags:
+ - Custom Forms
+ summary: Deletes a form definition.
+ description: Parameter `{formDefinitionID}` should match a form definition ID.
+ operationId: deleteFormDefinition
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: Form definition ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormDefinitionID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ description: Returns an empty body
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Nil.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+patch:
+ tags:
+ - Custom Forms
+ summary: Patch a form definition.
+ description: Parameter `{formDefinitionID}` should match a form definition ID.
+ operationId: patchFormDefinition
+ parameters:
+ - name: formDefinitionID
+ in: path
+ description: Form definition ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormDefinitionID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormDefinitionID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: 'Body is the request payload to patch a form definition, check: https://jsonpatch.com'
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Patch.yaml
+ example:
+ - op: replace
+ path: /description
+ value: test-description
+ required: false
+ responses:
+ '200':
+ description: Returns the form definition updated
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
diff --git a/static/api-specs/idn/v2024/paths/form-definitions-export.yaml b/static/api-specs/idn/v2024/paths/form-definitions-export.yaml
new file mode 100644
index 000000000..685d8d589
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definitions-export.yaml
@@ -0,0 +1,207 @@
+get:
+ tags:
+ - Custom Forms
+ summary: List form definitions by tenant.
+ description: No parameters required.
+ operationId: exportFormDefinitionsByTenant
+ parameters:
+ - name: offset
+ in: query
+ description: 'Offset
+
+
+ Integer specifying the offset of the first result from the beginning of the
+ collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ The offset value is record-based, not page-based, and the index starts at 0.'
+ schema:
+ type: integer
+ format: int64
+ default: 0
+ x-go-name: Offset
+ example: 0
+ required: false
+ x-go-name: Offset
+ - name: limit
+ in: query
+ description: 'Limit
+
+
+ Integer specifying the maximum number of records to return in a single API call.
+ The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ If it is not specified, a default limit is used.'
+ schema:
+ type: integer
+ format: int64
+ maxLength: 250
+ minLength: 0
+ default: 250
+ x-go-name: Limit
+ example: 250
+ required: false
+ x-go-name: Limit
+ - name: filters
+ in: query
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *eq, gt, sw, in*
+
+
+ **description**: *eq, gt, sw, in*
+
+
+ **created**: *eq, gt, sw, in*
+
+
+ **modified**: *eq, gt, sw, in*'
+ schema:
+ type: string
+ x-go-name: Filters
+ example: name sw "my form"
+ required: false
+ x-go-name: Filters
+ - name: sorters
+ in: query
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, description, created,
+ modified**'
+ schema:
+ type: string
+ default: name
+ x-go-name: Sorters
+ example: name
+ required: false
+ x-go-name: Sorters
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a list of form definition objects by tenant used by SP-Config
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: object
+ properties:
+ object:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ self:
+ type: string
+ x-go-name: Self
+ version:
+ type: integer
+ format: int8
+ x-go-name: Version
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
diff --git a/static/api-specs/idn/v2024/paths/form-definitions-import.yaml b/static/api-specs/idn/v2024/paths/form-definitions-import.yaml
new file mode 100644
index 000000000..11f922587
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definitions-import.yaml
@@ -0,0 +1,258 @@
+post:
+ tags:
+ - Custom Forms
+ summary: Import form definitions from export.
+ operationId: importFormDefinitions
+ requestBody:
+ description: Body is the request payload to import form definitions
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: object
+ properties:
+ object:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ self:
+ type: string
+ x-go-name: Self
+ version:
+ type: integer
+ format: int8
+ x-go-name: Version
+ example:
+ - version: 1
+ self:
+ name: All fields not required
+ id: 05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa
+ type: FORM_DEFINITION
+ object:
+ id: 05ed4edb-d0a9-41d9-ad0c-2f6e486ec4aa
+ name: All fields not required
+ description: description
+ owner:
+ type: IDENTITY
+ id: 3447d8ec2602455ab6f1e8408a0f0150
+ usedBy:
+ - type: WORKFLOW
+ id: 5008594c-dacc-4295-8fee-41df60477304
+ - type: WORKFLOW
+ id: 97e75a75-c179-4fbc-a2da-b5fa4aaa8743
+ formInput:
+ - type: STRING
+ label: input1
+ description: A single dynamic scalar value (i.e. number, string, date,
+ etc) that can be passed into the form for use in conditional logic
+ formElements:
+ - id: '3069272797630701'
+ elementType: SECTION
+ config:
+ label: First Section
+ formElements:
+ - id: '3069272797630700'
+ elementType: TEXT
+ key: firstName
+ config:
+ label: First Name
+ - id: '3498415402897539'
+ elementType: TEXT
+ key: lastName
+ config:
+ label: Last Name
+ formConditions:
+ - ruleOperator: AND
+ rules:
+ - sourceType: INPUT
+ source: Department
+ operator: EQ
+ valueType: STRING
+ value: Sales
+ effects:
+ - effectType: HIDE
+ config:
+ element: '2614088730489570'
+ created: '2022-10-04T19:27:04.456Z'
+ modified: '2022-11-16T20:45:02.172Z'
+ required: false
+ responses:
+ '202':
+ description: Returns statuses of those form definition objects imported
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ errors:
+ type: array
+ items:
+ type: object
+ properties:
+ detail:
+ type: object
+ additionalProperties:
+ type: object
+ x-go-name: Detail
+ key:
+ type: string
+ x-go-name: Key
+ text:
+ type: string
+ x-go-name: Text
+ x-go-name: Errors
+ importedObjects:
+ type: array
+ items:
+ type: object
+ properties:
+ object:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ self:
+ type: string
+ x-go-name: Self
+ version:
+ type: integer
+ format: int8
+ x-go-name: Version
+ x-go-name: ImportedObjects
+ infos:
+ type: array
+ items:
+ type: object
+ properties:
+ detail:
+ type: object
+ additionalProperties:
+ type: object
+ x-go-name: Detail
+ key:
+ type: string
+ x-go-name: Key
+ text:
+ type: string
+ x-go-name: Text
+ x-go-name: Infos
+ warnings:
+ type: array
+ items:
+ type: object
+ properties:
+ detail:
+ type: object
+ additionalProperties:
+ type: object
+ x-go-name: Detail
+ key:
+ type: string
+ x-go-name: Key
+ text:
+ type: string
+ x-go-name: Text
+ x-go-name: Warnings
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/form-definitions-predefined-select-options.yaml b/static/api-specs/idn/v2024/paths/form-definitions-predefined-select-options.yaml
new file mode 100644
index 000000000..f98a00365
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definitions-predefined-select-options.yaml
@@ -0,0 +1,119 @@
+get:
+ tags:
+ - Custom Forms
+ summary: List predefined select options.
+ description: No parameters required.
+ operationId: searchPreDefinedSelectOptions
+ responses:
+ '200':
+ description: Returns a list of available predefined select options
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/ListPredefinedSelectOptionsResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/form-definitions.yaml b/static/api-specs/idn/v2024/paths/form-definitions.yaml
new file mode 100644
index 000000000..8373140c0
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-definitions.yaml
@@ -0,0 +1,327 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Export form definitions by tenant.
+ description: No parameters required.
+ operationId: searchFormDefinitionsByTenant
+ parameters:
+ - name: offset
+ in: query
+ description: 'Offset
+
+
+ Integer specifying the offset of the first result from the beginning of the
+ collection. The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ The offset value is record-based, not page-based, and the index starts at 0.'
+ schema:
+ type: integer
+ format: int64
+ default: 0
+ x-go-name: Offset
+ example: 250
+ required: false
+ x-go-name: Offset
+ - name: limit
+ in: query
+ description: 'Limit
+
+
+ Integer specifying the maximum number of records to return in a single API call.
+ The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ If it is not specified, a default limit is used.'
+ schema:
+ type: integer
+ format: int64
+ maxLength: 250
+ minLength: 0
+ default: 250
+ x-go-name: Limit
+ example: 250
+ required: false
+ x-go-name: Limit
+ - name: filters
+ in: query
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *eq, gt, sw, in*
+
+
+ **description**: *eq, gt, sw, in*
+
+
+ **created**: *eq, gt, sw, in*
+
+
+ **modified**: *eq, gt, sw, in*'
+ schema:
+ type: string
+ x-go-name: Filters
+ example: name sw "my form"
+ required: false
+ x-go-name: Filters
+ - name: sorters
+ in: query
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, description, created,
+ modified**'
+ schema:
+ type: string
+ default: name
+ x-go-name: Sorters
+ example: name
+ required: false
+ x-go-name: Sorters
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a list of form definitions by tenant
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/ListFormDefinitionsByTenantResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+post:
+ tags:
+ - Custom Forms
+ summary: Creates a form definition.
+ operationId: createFormDefinition
+ requestBody:
+ description: Body is the request payload to create form definition request
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/CreateFormDefinitionRequest.yaml
+ example:
+ name: my form
+ description: my form description
+ owner:
+ type: IDENTITY
+ id: 00000000-0000-0000-0000-000000000000
+ required: false
+ responses:
+ '201':
+ description: Returns a new form definition
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormDefinitionResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/form-instance-data-source.yaml b/static/api-specs/idn/v2024/paths/form-instance-data-source.yaml
new file mode 100644
index 000000000..fbec04d4a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-instance-data-source.yaml
@@ -0,0 +1,217 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Retrieves dynamic data by element.
+ description: 'Parameter `{formInstanceID}` should match a form instance ID.
+
+ Parameter `{formElementID}` should match a form element ID at the data source
+ configuration.'
+ operationId: searchFormElementDataByElementID
+ parameters:
+ - name: formInstanceID
+ in: path
+ description: Form instance ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormInstanceID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormInstanceID
+ - name: formElementID
+ in: path
+ description: Form element ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormElementID
+ example: 1
+ x-go-name: FormElementID
+ - name: limit
+ in: query
+ description: 'Limit
+
+
+ Integer specifying the maximum number of records to return in a single API call.
+ The standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).
+
+ If it is not specified, a default limit is used.'
+ schema:
+ type: integer
+ format: int64
+ maxLength: 250
+ minLength: 0
+ default: 250
+ x-go-name: Limit
+ example: 250
+ required: false
+ x-go-name: Limit
+ - name: filters
+ in: query
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **value**: *eq, ne, in*
+
+
+ Supported composite operators: *not*
+
+
+ Only a single *not* may be used, and it can only be used with the `in` operator.
+ The `not` composite operator must be used in front of the field. For example,
+ the following is valid: `not value in ("ID01")`'
+ schema:
+ type: string
+ x-go-name: Filters
+ example: value eq "ID01"
+ required: false
+ x-go-name: Filters
+ - name: query
+ in: query
+ description: String that is passed to the underlying API to filter other (non-ID)
+ fields. For example, for access profile data sources, this string will be
+ passed to the access profile api and used with a "starts with" filter against several
+ fields.
+ schema:
+ type: string
+ x-go-name: Query
+ example: support
+ required: false
+ x-go-name: Query
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Retrieves dynamic data to aid in correctly completing a valid form
+ by form element ID from data source configuration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/ListFormElementDataByElementIDResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth: []
diff --git a/static/api-specs/idn/v2024/paths/form-instance-file.yaml b/static/api-specs/idn/v2024/paths/form-instance-file.yaml
new file mode 100644
index 000000000..ace18305b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-instance-file.yaml
@@ -0,0 +1,543 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Download instance file by fileId.
+ operationId: getFormInstanceFile
+ parameters:
+ - name: formInstanceID
+ in: path
+ description: 'FormInstanceID
+
+
+ Form instance ID'
+ required: true
+ example: 00000000-0000-0000-0000-000000000000
+ schema:
+ type: string
+ x-go-name: FormInstanceID
+ x-go-name: FormInstanceID
+ - name: fileID
+ in: path
+ description: 'FileID
+
+
+ String specifying the hashed name of the uploaded file we are retrieving.'
+ required: true
+ example: 00000031N0J7R2B57M8YG73J7M.png
+ schema:
+ type: string
+ x-go-name: FileID
+ x-go-name: FileID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a file that is referred to by fileID and associated with
+ the formInstanceID
+ content:
+ application/json:
+ schema:
+ type: string
+ format: binary
+ image/jpeg:
+ schema:
+ type: string
+ format: binary
+ image/png:
+ schema:
+ type: string
+ format: binary
+ application/octet-stream:
+ schema:
+ type: string
+ format: binary
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '503':
+ description: An external service is not available
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/jpeg:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ image/png:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ application/octet-stream:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
diff --git a/static/api-specs/idn/v2024/paths/form-instance.yaml b/static/api-specs/idn/v2024/paths/form-instance.yaml
new file mode 100644
index 000000000..0ab0f718a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-instance.yaml
@@ -0,0 +1,338 @@
+get:
+ tags:
+ - Custom Forms
+ summary: Returns a form instance.
+ description: Parameter `{formInstanceID}` should match a form instance ID.
+ operationId: getFormInstanceByKey
+ parameters:
+ - name: formInstanceID
+ in: path
+ description: Form instance ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormInstanceID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormInstanceID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a form instance by its key
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormInstanceResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth: []
+patch:
+ tags:
+ - Custom Forms
+ summary: Patch a form instance.
+ description: Parameter `{formInstanceID}` should match a form instance ID.
+ operationId: patchFormInstance
+ parameters:
+ - name: formInstanceID
+ in: path
+ description: Form instance ID
+ required: true
+ schema:
+ type: string
+ x-go-name: FormInstanceID
+ example: 00000000-0000-0000-0000-000000000000
+ x-go-name: FormInstanceID
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: 'Body is the request payload to patch a form instance, check: https://jsonpatch.com'
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Patch.yaml
+ example:
+ - op: replace
+ path: /state
+ value: SUBMITTED
+ - op: replace
+ path: /formData
+ value:
+ a-key-1: a-value-1
+ a-key-2: true
+ a-key-3: 1
+ required: false
+ responses:
+ '200':
+ description: Returns the form instance updated
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormInstanceResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '404':
+ description: An error with the item not found
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '409':
+ description: An error with the request property conflicts with stored
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth: []
+ x-codegen-request-body-name: Body
diff --git a/static/api-specs/idn/v2024/paths/form-instances.yaml b/static/api-specs/idn/v2024/paths/form-instances.yaml
new file mode 100644
index 000000000..0c69714ea
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/form-instances.yaml
@@ -0,0 +1,254 @@
+get:
+ tags:
+ - Custom Forms
+ summary: List form instances by tenant.
+ description: No parameters required.
+ operationId: searchFormInstancesByTenant
+ responses:
+ '200':
+ description: Returns a list of form instances by tenant
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/ListFormInstancesByTenantResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ tags:
+ - Custom Forms
+ summary: Creates a form instance.
+ operationId: createFormInstance
+ requestBody:
+ description: Body is the request payload to create a form instance
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/CreateFormInstanceRequest.yaml
+ example:
+ expire: '2023-06-20T15:57:55.332882Z'
+ formDefinitionId: 00000000-0000-0000-0000-000000000000
+ recipients:
+ - type: IDENTITY
+ id: an-identity-id
+ createdBy:
+ type: WORKFLOW_EXECUTION
+ id: a-workflow-execution-id
+ required: false
+ responses:
+ '201':
+ description: Returns a new form instance
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/FormInstanceResponse.yaml
+ '400':
+ description: An error with the request occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '401':
+ description: An error with the authorization occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '403':
+ description: An error with the user permissions occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ '429':
+ description: Too many requests
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/forms/Error.yaml
+ '500':
+ description: An internal server error occurred
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ detailCode:
+ type: string
+ x-go-name: DetailCode
+ messages:
+ type: array
+ items:
+ $ref: ../../beta/schemas/forms/ErrorMessage.yaml
+ x-go-name: Messages
+ statusCode:
+ type: integer
+ format: int64
+ x-go-name: StatusCode
+ trackingId:
+ type: string
+ x-go-name: TrackingID
+ security:
+ - UserContextAuth:
+ - sp:forms:manage
+ x-codegen-request-body-name: Body
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/historical-identities.yaml b/static/api-specs/idn/v2024/paths/historical-identities.yaml
new file mode 100644
index 000000000..3371c74a9
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identities.yaml
@@ -0,0 +1,61 @@
+get:
+ operationId: listHistoricalIdentities
+ summary: Lists all the identities
+ description: This gets the list of identities for the customer. This list end point
+ does not support count=true request param. The total count of identities would
+ never be returned even if the count param is specified in the request Requires
+ authorization scope of 'idn:identity-history:read'
+ security:
+ - UserContextAuth:
+ - idn:identity-history:read
+ tags:
+ - Identity History
+ parameters:
+ - in: query
+ name: starts-with-query
+ schema:
+ type: string
+ description: This param is used for starts-with search for first, last and display
+ name of the identity
+ example: Ada
+ - in: query
+ name: is-deleted
+ schema:
+ type: boolean
+ description: Indicates if we want to only list down deleted identities or not.
+ example: true
+ - in: query
+ name: is-active
+ schema:
+ type: boolean
+ description: Indicates if we want to only list active or inactive identities.
+ example: true
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of identities for the customer.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/IdentityListItem.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-access-items.yaml b/static/api-specs/idn/v2024/paths/historical-identity-access-items.yaml
new file mode 100644
index 000000000..57b4dc101
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-access-items.yaml
@@ -0,0 +1,102 @@
+get:
+ operationId: listIdentityAccessItems
+ tags:
+ - Identity History
+ summary: Gets a list of access items for the identity filtered by item type
+ description: 'This method retrieves a list of access item for the identity filtered
+ by the access item type Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: query
+ name: type
+ schema:
+ type: string
+ description: The type of access item for the identity. If not provided, it defaults
+ to account
+ example: account
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The list of access items.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ oneOf:
+ - $ref: ../../beta/schemas/AccessItemAccessProfileResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemAccountResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemAppResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemEntitlementResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemRoleResponse.yaml
+ examples:
+ Access Profile:
+ description: An access profile response
+ value:
+ - accessType: accessProfile
+ id: 2c918087763e69d901763e72e97f006f
+ name: sample
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ description: AccessProfile - Workday/Citizenship access
+ displayName: Dr. Arden Rogahn MD
+ entitlementCount: 12
+ appDisplayName: AppName
+ Account:
+ description: An account response
+ value:
+ - accessType: account
+ id: 2c918087763e69d901763e72e97f006f
+ nativeIdentity: dr.arden.ogahn.d
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ entitlementCount: 12
+ displayName: Dr. Arden Rogahn MD
+ App:
+ description: An app response
+ value:
+ - accessType: app
+ id: 2c918087763e69d901763e72e97f006f
+ name: appName
+ Entitlement:
+ description: An entitlement event
+ value:
+ - accessType: entitlement
+ id: 2c918087763e69d901763e72e97f006f
+ attribute: groups
+ value: Upward mobility access
+ type: group
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ description: Entitlement - Workday/Citizenship access
+ displayName: Dr. Arden Rogahn MD
+ Role:
+ description: A role response
+ value:
+ - accessType: role
+ id: 2c918087763e69d901763e72e97f006f
+ name: sample
+ description: Role - Workday/Citizenship access
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-compare-type.yaml b/static/api-specs/idn/v2024/paths/historical-identity-compare-type.yaml
new file mode 100644
index 000000000..2166ae340
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-compare-type.yaml
@@ -0,0 +1,72 @@
+get:
+ operationId: compareIdentitySnapshotsAccessType
+ tags:
+ - Identity History
+ summary: Gets a list of differences of specific accessType for the given identity
+ between 2 snapshots
+ description: 'This method gets a list of differences of specific accessType for
+ the given identity between 2 snapshots Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: path
+ name: accessType
+ schema:
+ type: string
+ required: true
+ description: The specific type which needs to be compared
+ example: role
+ - in: query
+ name: access-associated
+ schema:
+ type: boolean
+ description: Indicates if added or removed access needs to be returned. true -
+ added, false - removed, null - both added & removed
+ example: '2007-03-01T13:00:00Z'
+ - in: query
+ name: snapshot1
+ schema:
+ type: string
+ description: The snapshot 1 of identity
+ example: '2008-03-01T13:00:00Z'
+ - in: query
+ name: snapshot2
+ schema:
+ type: string
+ description: The snapshot 2 of identity
+ example: '2009-03-01T13:00:00Z'
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A list of events for the identity
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/AccessItemDiff.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-compare.yaml b/static/api-specs/idn/v2024/paths/historical-identity-compare.yaml
new file mode 100644
index 000000000..94f2d2e59
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-compare.yaml
@@ -0,0 +1,67 @@
+get:
+ operationId: compareIdentitySnapshots
+ tags:
+ - Identity History
+ summary: Gets a difference of count for each access item types for the given identity
+ between 2 snapshots
+ description: 'This method gets a difference of count for each access item types
+ for the given identity between 2 snapshots Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: query
+ name: snapshot1
+ schema:
+ type: string
+ description: The snapshot 1 of identity
+ example: '2007-03-01T13:00:00Z'
+ - in: query
+ name: snapshot2
+ schema:
+ type: string
+ description: The snapshot 2 of identity
+ example: '2008-03-01T13:00:00Z'
+ - in: query
+ name: accessItemTypes
+ schema:
+ type: array
+ items:
+ type: string
+ description: 'An optional list of access item types (app, account, entitlement,
+ etc...) to return. If null or empty, all access items types are returned '
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A IdentityCompare object with difference details for each access
+ item type
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/IdentityCompareResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-events.yaml b/static/api-specs/idn/v2024/paths/historical-identity-events.yaml
new file mode 100644
index 000000000..2bb0bbfd4
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-events.yaml
@@ -0,0 +1,203 @@
+get:
+ operationId: getHistoricalIdentityEvents
+ tags:
+ - Identity History
+ summary: Lists all events for the given identity
+ description: 'This method retrieves all access events for the identity Requires
+ authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: query
+ name: from
+ schema:
+ type: string
+ description: The optional instant until which access events are returned
+ example: '2024-03-01T13:00:00Z'
+ - in: query
+ name: eventTypes
+ schema:
+ type: array
+ items:
+ type: string
+ description: An optional list of event types to return. If null or empty, all
+ events are returned
+ example:
+ - AccessAddedEvent
+ - AccessRemovedEvent
+ - in: query
+ name: accessItemTypes
+ schema:
+ type: array
+ items:
+ type: string
+ description: An optional list of access item types (app, account, entitlement,
+ etc...) to return. If null or empty, all access items types are returned
+ example:
+ - entitlement
+ - account
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The list of events for the identity
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ anyOf:
+ - $ref: ../../beta/schemas/AccessItemAssociated.yaml
+ - $ref: ../../beta/schemas/AccessItemRemoved.yaml
+ - $ref: ../../beta/schemas/AttributesChanged.yaml
+ - $ref: ../../beta/schemas/AccessRequested.yaml
+ - $ref: ../../beta/schemas/IdentityCertified.yaml
+ - $ref: ../../beta/schemas/AccountStatusChanged.yaml
+ examples:
+ AccessItemAssociated:
+ description: An Access item associated event
+ value:
+ - accessItem:
+ id: 8c190e6787aa4ed9a90bd9d5344523fb
+ accessType: account
+ nativeIdentity: 127999
+ sourceName: JDBC Entitlements Source
+ entitlementCount: 0
+ displayName: Sample Name
+ eventType: AccessItemAssociated
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ governanceEvent:
+ name: Access Request 58
+ dt: '2019-03-08T22:37:33.901Z'
+ type: accessRequest
+ governanceId: 2c91808a77ff216301782327a50f09e1
+ owners:
+ - id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ reviewers:
+ - id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ decisionMaker:
+ id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ AccessItemRemoved:
+ description: An Access item removed event
+ value:
+ - accessItem:
+ id: 8c190e6787aa4ed9a90bd9d5344523fb
+ accessType: account
+ nativeIdentity: 127999
+ sourceName: JDBC Entitlements Source
+ entitlementCount: 0
+ displayName: Sample Name
+ eventType: AccessItemRemoved
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ governanceEvent:
+ name: Manager Certification for Jon Snow
+ dt: '2019-03-08T22:37:33.901Z'
+ type: certification
+ governanceId: 2c91808a77ff216301782327a50f09bf
+ owners:
+ - id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ reviewers:
+ - id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ decisionMaker:
+ id: bc693f07e7b645539626c25954c58554
+ displayName: Jon Snow
+ AttributesChanged:
+ description: An attribute changed event
+ value:
+ - attributeChanges:
+ - name: firstname
+ previousValue: adam
+ newValue: zampa
+ eventType: AttributesChanged
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ AccessRequested:
+ description: An access requested event
+ value:
+ accessRequest:
+ requesterId: 2c91808a77ff216301782327a50f09bf
+ requestName: Bing C
+ items:
+ - operation: Add
+ accessItemType: role
+ name: Role-1
+ decision: APPROVED
+ description: The role descrition
+ sourceId: 8a80828f643d484f01643e14202e206f
+ sourceName: Source1
+ approvalInfos:
+ - name: John Snow
+ id: 8a80828f643d484f01643e14202e2000
+ status: Approved
+ eventType: AccessRequested
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ IdentityCertified:
+ description: An identity certified event
+ value:
+ - certification:
+ id: 2c91808a77ff216301782327a50f09bf
+ name: Cert name
+ signedDate: '2019-03-08T22:37:33.901Z'
+ certifiers:
+ - id: 8a80828f643d484f01643e14202e206f
+ displayName: John Snow
+ reviewers:
+ - id: 8a80828f643d484f01643e14202e206f
+ displayName: Daenerys Targaryen
+ signer:
+ id: 8a80828f643d484f01643e14202e206f
+ displayName: Tyrion Lannister
+ eventType: IdentityCertified
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ AccountStatusChanged:
+ description: An account status changed event
+ value:
+ - account:
+ id: 2c91808a77ff216301782327a50f09bf
+ nativeIdentity: 127999
+ displayName: Sample Name
+ sourceId: 8a80828f643d484f01643e14202e206f
+ sourceName: JDBC Entitlements Source
+ entitlementCount: 0
+ accessType: account
+ statusChange:
+ previousStatus: ENABLED
+ newStatus: DISABLED
+ eventType: AccountStatusChanged
+ identityId: 8a80828f643d484f01643e14202e206f
+ dt: '2019-03-08T22:37:33.901Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date-access-items.yaml b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date-access-items.yaml
new file mode 100644
index 000000000..24de0691b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date-access-items.yaml
@@ -0,0 +1,109 @@
+get:
+ operationId: listIdentitySnapshotAccessItems
+ tags:
+ - Identity History
+ summary: Gets the list of identity access items at a given date filterd by item
+ type
+ description: 'This method retrieves the list of identity access items at a given
+ date filterd by item type Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: path
+ name: date
+ schema:
+ type: string
+ required: true
+ description: The specified date
+ example: '2007-03-01T13:00:00Z'
+ - in: query
+ name: type
+ schema:
+ type: string
+ description: The access item type
+ example: account
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The identity object.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ oneOf:
+ - $ref: ../../beta/schemas/AccessItemAccessProfileResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemAccountResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemAppResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemEntitlementResponse.yaml
+ - $ref: ../../beta/schemas/AccessItemRoleResponse.yaml
+ examples:
+ Access Item AccessProfile Response:
+ description: An access profile response
+ value:
+ - type: accessProfile
+ id: 2c918087763e69d901763e72e97f006f
+ name: sample
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ description: AccessProfile - Workday/Citizenship access
+ displayName: Dr. Arden Rogahn MD
+ entitlementCount: 12
+ appDisplayName: AppName
+ Access Item Account Response:
+ description: An account response
+ value:
+ - type: account
+ id: 2c918087763e69d901763e72e97f006f
+ nativeIdentity: dr.arden.ogahn.d
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ entitlementCount: 12
+ displayName: Dr. Arden Rogahn MD
+ Access Item App Response:
+ description: An app response
+ value:
+ - type: app
+ id: 2c918087763e69d901763e72e97f006f
+ name: appName
+ Access Item Entitlement Response:
+ description: An entitlement event
+ value:
+ - type: entitlement
+ id: 2c918087763e69d901763e72e97f006f
+ attribute: groups
+ value: Upward mobility access
+ entitlementType: entitlement
+ sourceName: DataScienceDataset
+ sourceId: 2793o32dwd
+ description: Entitlement - Workday/Citizenship access
+ displayName: Dr. Arden Rogahn MD
+ Access Item Role Response:
+ description: A role response
+ value:
+ - type: role
+ id: 2c918087763e69d901763e72e97f006f
+ name: sample
+ description: Role - Workday/Citizenship access
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date.yaml b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date.yaml
new file mode 100644
index 000000000..8c645d3e6
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-date.yaml
@@ -0,0 +1,47 @@
+get:
+ operationId: getIdentitySnapshot
+ tags:
+ - Identity History
+ summary: Gets an identity snapshot at a given date
+ description: 'This method retrieves a specified identity snapshot at a given date
+ Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: path
+ name: date
+ schema:
+ type: string
+ description: The specified date
+ example: '2007-03-01T13:00:00Z'
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The identity object.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityHistoryResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-snapshot-summary.yaml b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-summary.yaml
new file mode 100644
index 000000000..b98a2c299
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-snapshot-summary.yaml
@@ -0,0 +1,65 @@
+get:
+ operationId: getIdentitySnapshotSummary
+ tags:
+ - Identity History
+ summary: Gets the summary for the event count for a specific identity
+ description: 'This method gets the summary for the event count for a specific identity
+ by month/day Requires authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: query
+ name: before
+ schema:
+ type: string
+ description: The date before which snapshot summary is required
+ example: '2007-03-01T13:00:00Z'
+ - in: query
+ name: interval
+ schema:
+ type: string
+ enum:
+ - day
+ - month
+ description: The interval indicating day or month. Defaults to month if not specified
+ - in: query
+ name: time-zone
+ schema:
+ type: string
+ description: The time zone. Defaults to UTC if not provided
+ example: UTC
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A summary list of identity changes in date histogram format.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/MetricResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-snapshots.yaml b/static/api-specs/idn/v2024/paths/historical-identity-snapshots.yaml
new file mode 100644
index 000000000..9389ca4c0
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-snapshots.yaml
@@ -0,0 +1,60 @@
+get:
+ operationId: listIdentitySnapshots
+ tags:
+ - Identity History
+ summary: Lists all the snapshots for the identity
+ description: 'This method retrieves all the snapshots for the identity Requires
+ authorization scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - in: query
+ name: start
+ schema:
+ type: string
+ description: The specified start date
+ example: '2007-03-01T13:00:00Z'
+ - in: query
+ name: interval
+ schema:
+ type: string
+ enum:
+ - day
+ - month
+ description: The interval indicating the range in day or month for the specified
+ interval-name
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A list of identity summary for each snapshot.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/IdentitySnapshotSummaryResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity-start-date.yaml b/static/api-specs/idn/v2024/paths/historical-identity-start-date.yaml
new file mode 100644
index 000000000..59bdadc64
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity-start-date.yaml
@@ -0,0 +1,41 @@
+get:
+ operationId: getIdentityStartDate
+ tags:
+ - Identity History
+ summary: Gets the start date of the identity
+ description: 'This method retrieves start date of the identity Requires authorization
+ scope of ''idn:identity-history:read'' '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The start date of the identity
+ content:
+ application/json:
+ schema:
+ type: string
+ example: '2017-03-01T13:00:00.000Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/historical-identity.yaml b/static/api-specs/idn/v2024/paths/historical-identity.yaml
new file mode 100644
index 000000000..85346197d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/historical-identity.yaml
@@ -0,0 +1,43 @@
+get:
+ operationId: getHistoricalIdentity
+ tags:
+ - Identity History
+ summary: Get latest snapshot of identity
+ description: This method retrieves a specified identity Requires authorization scope
+ of 'idn:identity-history:read'
+ security:
+ - UserContextAuth:
+ - idn:identity-history:read
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id
+ example: 8c190e6787aa4ed9a90bd9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The identity object.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityHistoryResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/icon.yaml b/static/api-specs/idn/v2024/paths/icon.yaml
new file mode 100644
index 000000000..268d908ac
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/icon.yaml
@@ -0,0 +1,119 @@
+put:
+ operationId: setIcon
+ tags:
+ - Icons
+ summary: Update an icon
+ description: This API endpoint updates an icon by object type and object id. A token
+ with ORG_ADMIN authority is required to call this API.
+ parameters:
+ - in: path
+ name: objectType
+ schema:
+ type: string
+ required: true
+ description: Object type. Available options ['application']
+ example: application
+ - in: path
+ name: objectId
+ schema:
+ type: string
+ required: true
+ description: Object id.
+ example: a291e870-48c3-4953-b656-fb5ce2a93169
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ required:
+ - image
+ properties:
+ image:
+ type: string
+ format: binary
+ description: file with icon. Allowed mime-types ['image/png', 'image/jpeg']
+ example: \x00\x00\x00\x02
+ security:
+ - UserContextAuth:
+ - idn:icons:manage
+ responses:
+ '200':
+ description: Icon updated
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ icon:
+ type: string
+ description: url to file with icon
+ example: ''
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteIcon
+ tags:
+ - Icons
+ summary: Delete an icon
+ description: This API endpoint delete an icon by object type and object id. A token
+ with ORG_ADMIN authority is required to call this API.
+ parameters:
+ - in: path
+ name: objectType
+ schema:
+ type: string
+ required: true
+ description: Object type. Available options ['application']
+ example: application
+ - in: path
+ name: objectId
+ schema:
+ type: string
+ required: true
+ description: Object id.
+ example: a291e870-48c3-4953-b656-fb5ce2a93169
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ security:
+ - UserContextAuth:
+ - idn:icons:manage
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identities-accounts-disable.yaml b/static/api-specs/idn/v2024/paths/identities-accounts-disable.yaml
new file mode 100644
index 000000000..abd1e3843
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities-accounts-disable.yaml
@@ -0,0 +1,55 @@
+post:
+ operationId: disableAccountsForIdentities
+ tags:
+ - Accounts
+ summary: Disable IDN Accounts for Identities
+ description: This API submits tasks to disable IDN account for each identity provided
+ in the request body.
+ externalDocs:
+ description: Learn more about disabling identities here
+ url: https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities
+ security:
+ - UserContextAuth:
+ - idn:accounts-state:manage
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentitiesAccountsBulkRequest.yaml
+ responses:
+ '207':
+ description: Bulk response details.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/BulkIdentitiesAccountsResponse.yaml
+ example:
+ - id: 2c9180858082150f0180893dbaf553fe
+ statusCode: 404
+ message: Referenced identity "2c9180858082150f0180893dbaf553fe" was
+ not found.
+ - id: 2c91808384203c2d018437e631158308
+ statusCode: 202
+ message: null
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identities-accounts-enable.yaml b/static/api-specs/idn/v2024/paths/identities-accounts-enable.yaml
new file mode 100644
index 000000000..4126c01cf
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities-accounts-enable.yaml
@@ -0,0 +1,55 @@
+post:
+ operationId: enableAccountsForIdentities
+ tags:
+ - Accounts
+ summary: Enable IDN Accounts for Identities
+ description: This API submits tasks to enable IDN account for each identity provided
+ in the request body.
+ externalDocs:
+ description: Learn more about enabling identities here
+ url: https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities
+ security:
+ - UserContextAuth:
+ - idn:accounts-state:manage
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentitiesAccountsBulkRequest.yaml
+ responses:
+ '207':
+ description: Bulk response details.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/BulkIdentitiesAccountsResponse.yaml
+ example:
+ - id: 2c9180858082150f0180893dbaf553fe
+ statusCode: 404
+ message: Referenced identity "2c9180858082150f0180893dbaf553fe" was
+ not found.
+ - id: 2c91808384203c2d018437e631158308
+ statusCode: 202
+ message: null
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identities-process.yaml b/static/api-specs/idn/v2024/paths/identities-process.yaml
new file mode 100644
index 000000000..368c0ad48
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities-process.yaml
@@ -0,0 +1,60 @@
+post:
+ operationId: startIdentityProcessing
+ tags:
+ - Identities
+ summary: Process a list of identityIds
+ description: "This operation should not be used to schedule your own identity processing\
+ \ or to perform system wide identity refreshes. The system will use a combination\
+ \ of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing)\
+ \ and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing)\
+ \ that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep\
+ \ your identities synchronized. \n\nThis endpoint will perform the following tasks:\n\
+ 1. Calculate identity attributes, including applying or running any rules or transforms\
+ \ (e.g. calculate Lifecycle State at a point-in-time it's expected to change).\n\
+ 2. Evaluate role assignments, leading to assignment of new roles and removal of\
+ \ existing roles.\n3. Enforce provisioning for any assigned accesses that haven't\
+ \ been fulfilled (e.g. failure due to source health).\n4. Recalculate manager\
+ \ relationships.\n5. Potentially clean-up identity processing errors, assuming\
+ \ the error has been resolved.\n\nA token with ORG_ADMIN or HELPDESK authority\
+ \ is required to call this API.\n"
+ externalDocs:
+ description: Learn more about manually processing identities here
+ url: https://documentation.sailpoint.com/saas/help/setup/identity_processing.html
+ security:
+ - UserContextAuth:
+ - idn:identity:manage
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ProcessIdentitiesRequest.yaml
+ responses:
+ '202':
+ description: Object containing the DTO type TASK_RESULT and the job id for the
+ task
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TaskResultResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identities-role-assignment.yaml b/static/api-specs/idn/v2024/paths/identities-role-assignment.yaml
new file mode 100644
index 000000000..e457af74d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities-role-assignment.yaml
@@ -0,0 +1,50 @@
+get:
+ operationId: getRoleAssignment
+ tags:
+ - Identities
+ summary: Role assignment details
+ security:
+ - UserContextAuth:
+ - idn:identity:read
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ required: true
+ description: Identity Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - in: path
+ name: assignmentId
+ schema:
+ type: string
+ required: true
+ description: Assignment Id
+ example: 1cbb0705b38c4226b1334eadd8874086
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A role assignment object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleAssignmentDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identities-role-assignments.yaml b/static/api-specs/idn/v2024/paths/identities-role-assignments.yaml
new file mode 100644
index 000000000..58bbf99b9
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities-role-assignments.yaml
@@ -0,0 +1,64 @@
+get:
+ operationId: getRoleAssignments
+ tags:
+ - Identities
+ summary: List role assignments
+ description: This returns either a list of Role Assignments when querying with either
+ a Role Id or Role Name, or a list of Role Assignment References if querying with
+ only identity Id.
+ security:
+ - UserContextAuth:
+ - idn:identity:read
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ required: true
+ description: Identity Id to get the role assignments for
+ example: ef38f94347e94562b5bb8424a56397d8
+ - in: query
+ name: roleId
+ schema:
+ type: string
+ required: false
+ description: Role Id to filter the role assignments with
+ example: e7697a1e96d04db1ac7b0f4544915d2c
+ - in: query
+ name: roleName
+ schema:
+ type: string
+ required: false
+ description: Role name to filter the role assignments with
+ example: Engineer
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A role assignment object
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ anyOf:
+ - $ref: ../../beta/schemas/RoleAssignmentRef.yaml
+ - $ref: ../../beta/schemas/RoleAssignmentDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identities.yaml b/static/api-specs/idn/v2024/paths/identities.yaml
new file mode 100644
index 000000000..63e0f2bfc
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identities.yaml
@@ -0,0 +1,112 @@
+get:
+ operationId: listIdentities
+ tags:
+ - Identities
+ summary: List Identities
+ description: This API returns a list of identities.
+ security:
+ - UserContextAuth:
+ - idn:identity:read
+ - idn:identity:manage
+ parameters:
+ - in: query
+ name: filters
+ schema:
+ type: string
+ required: false
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **name**: *eq, sw*
+
+
+ **alias**: *eq, sw*
+
+
+ **firstname**: *eq, sw*
+
+
+ **lastname**: *eq, sw*
+
+
+ **email**: *eq, sw*
+
+
+ **cloudStatus**: *eq*
+
+
+ **processingState**: *eq*
+
+
+ **correlated**: *eq*
+
+
+ **protected**: *eq*'
+ example: id eq "6c9079b270a266a60170a2779fcb0006" or correlated eq false
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ required: false
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, alias, cloudStatus**'
+ example: name,-cloudStatus
+ - in: query
+ name: defaultFilter
+ schema:
+ type: string
+ enum:
+ - CORRELATED_ONLY
+ - NONE
+ default: CORRELATED_ONLY
+ required: false
+ description: 'Adds additional filter to filters query parameter.
+
+
+ CORRELATED_ONLY adds correlated=true and returns only identities that are correlated.
+
+
+ NONE does not add any and returns all identities that satisfy filters query
+ parameter.'
+ example: NONE
+ - $ref: ../../v3/parameters/count.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of identities.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Identity.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-accounts-id-disable.yaml b/static/api-specs/idn/v2024/paths/identity-accounts-id-disable.yaml
new file mode 100644
index 000000000..606a95526
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-accounts-id-disable.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: disableAccountForIdentity
+ tags:
+ - Accounts
+ summary: Disable IDN Account for Identity
+ description: This API submits a task to disable IDN account for a single identity.
+ externalDocs:
+ description: Learn more about disabling identities here
+ url: https://documentation.sailpoint.com/saas/help/common/users/user_access.html#disabling-user-identities
+ security:
+ - UserContextAuth:
+ - idn:accounts-state:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id.
+ example: 2c91808384203c2d018437e631158309
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-accounts-id-enable.yaml b/static/api-specs/idn/v2024/paths/identity-accounts-id-enable.yaml
new file mode 100644
index 000000000..b5c7164f4
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-accounts-id-enable.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: enableAccountForIdentity
+ tags:
+ - Accounts
+ summary: Enable IDN Account for Identity
+ description: This API submits a task to enable IDN account for a single identity.
+ externalDocs:
+ description: Learn more about enabling identities here
+ url: https://documentation.sailpoint.com/saas/help/common/users/user_access.html#enabling-user-identities
+ security:
+ - UserContextAuth:
+ - idn:accounts-state:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The identity id.
+ example: 2c91808384203c2d018437e631158309
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-attribute.yaml b/static/api-specs/idn/v2024/paths/identity-attribute.yaml
new file mode 100644
index 000000000..b21da093b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-attribute.yaml
@@ -0,0 +1,137 @@
+get:
+ operationId: getIdentityAttribute
+ tags:
+ - Identity Attributes
+ summary: Get Identity Attribute
+ description: This gets an identity attribute for a given technical name.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute:read
+ parameters:
+ - in: path
+ name: name
+ schema:
+ type: string
+ description: The attribute's technical name.
+ required: true
+ example: displayName
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The identity attribute with the given name
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+put:
+ operationId: putIdentityAttribute
+ tags:
+ - Identity Attributes
+ summary: Update Identity Attribute
+ description: This updates an existing identity attribute. Making an attribute searchable
+ requires that the `system`, `standard`, and `multi` properties be set to false.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute:create
+ parameters:
+ - in: path
+ name: name
+ schema:
+ type: string
+ description: The attribute's technical name.
+ required: true
+ example: displayName
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ responses:
+ '200':
+ description: The identity attribute was updated successfully
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteIdentityAttribute
+ tags:
+ - Identity Attributes
+ summary: Delete Identity Attribute
+ description: This deletes an identity attribute with the given name. The `system`
+ and `standard` properties must be set to false before you can delete an identity
+ attribute.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute:delete
+ parameters:
+ - in: path
+ name: name
+ schema:
+ type: string
+ description: The attribute's technical name.
+ required: true
+ example: displayName
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-attributes-bulk-delete.yaml b/static/api-specs/idn/v2024/paths/identity-attributes-bulk-delete.yaml
new file mode 100644
index 000000000..3454fa853
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-attributes-bulk-delete.yaml
@@ -0,0 +1,42 @@
+delete:
+ operationId: deleteIdentityAttributesInBulk
+ tags:
+ - Identity Attributes
+ summary: Bulk delete Identity Attributes
+ description: Use this API to bulk delete identity attributes for a given set of
+ names. Attributes that are currently mapped in an identity profile cannot be deleted. The
+ `system` and `standard` properties must be set to 'false' before you can delete
+ an identity attribute.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute-bulk:delete
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttributeNames.yaml
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identity-attributes.yaml b/static/api-specs/idn/v2024/paths/identity-attributes.yaml
new file mode 100644
index 000000000..6c3408686
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-attributes.yaml
@@ -0,0 +1,105 @@
+get:
+ operationId: listIdentityAttributes
+ tags:
+ - Identity Attributes
+ summary: List Identity Attributes
+ description: Use this API to get a collection of identity attributes.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute-list:read
+ parameters:
+ - in: query
+ name: includeSystem
+ schema:
+ type: boolean
+ default: false
+ description: Include 'system' attributes in the response.
+ required: false
+ example: false
+ - in: query
+ name: includeSilent
+ schema:
+ type: boolean
+ default: false
+ description: Include 'silent' attributes in the response.
+ required: false
+ example: false
+ - in: query
+ name: searchableOnly
+ schema:
+ type: boolean
+ default: false
+ description: Include only 'searchable' attributes in the response.
+ required: false
+ example: false
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of identity attributes.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+post:
+ operationId: createIdentityAttribute
+ tags:
+ - Identity Attributes
+ summary: Create Identity Attribute
+ description: Use this API to create a new identity attribute.
+ security:
+ - UserContextAuth:
+ - idn:identity-profile-attribute:create
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ responses:
+ '201':
+ description: The identity attribute was created successfully.
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/identity-attributes/IdentityAttribute.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identity-ownership.yaml b/static/api-specs/idn/v2024/paths/identity-ownership.yaml
new file mode 100644
index 000000000..d33e8753b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-ownership.yaml
@@ -0,0 +1,57 @@
+get:
+ operationId: getIdentityOwnershipDetails
+ summary: Get ownership details
+ tags:
+ - Identities
+ description: "Use this API to return an identity's owned objects that will cause\
+ \ problems for deleting the identity. \nUse this API as a checklist of objects\
+ \ that you need to reassign to a different identity before you can delete the\
+ \ identity. \nFor a full list of objects owned by an identity, use the [Search\
+ \ API](https://developer.sailpoint.com/docs/api/v3/search-post/). When you search\
+ \ for identities, the returned identities have a property, `owns`, that contains\
+ \ a more comprehensive list of identity's owned objects."
+ security:
+ - UserContextAuth:
+ - idn:identity:read
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ required: true
+ description: Identity ID.
+ example: ff8081814d2a8036014d701f3fbf53fa
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Identity's ownership association details.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityOwnershipAssociationDetails.yaml
+ example:
+ associationDetails:
+ associationType: ROLE_OWNER
+ entities:
+ - id: b660a232f05b4e04812ca974b3011e0f
+ name: Gaston.800ddf9640a
+ type: ROLE
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-profiles-identity-preview.yaml b/static/api-specs/idn/v2024/paths/identity-profiles-identity-preview.yaml
new file mode 100644
index 000000000..27267a145
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-profiles-identity-preview.yaml
@@ -0,0 +1,48 @@
+post:
+ operationId: generateIdentityPreview
+ tags:
+ - Identity Profiles
+ summary: Generate Identity Profile Preview
+ description: 'This generates a non-persisted IdentityDetails object that will represent
+ as the preview of the identities attribute when the given policy''s attribute
+ config is applied.
+
+ A token with ORG_ADMIN authority is required to call this API to generate an identity
+ preview.'
+ requestBody:
+ description: Identity Preview request body.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityPreviewRequest.yaml
+ responses:
+ '200':
+ description: Object representing the preview object with all of the identity
+ attributes using the current mappings.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityPreviewResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:identity-profile:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/identity-reset.yaml b/static/api-specs/idn/v2024/paths/identity-reset.yaml
new file mode 100644
index 000000000..3ea0b6381
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-reset.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: resetIdentity
+ tags:
+ - Identities
+ summary: Reset an identity
+ description: Use this endpoint to reset a user's identity if they have forgotten
+ their authentication information like their answers to knowledge-based questions.
+ Resetting an identity de-registers the user and removes any elevated user levels
+ they have.
+ security:
+ - UserContextAuth:
+ - idn:identity:update
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ required: true
+ description: Identity Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: Accepted. The reset request accepted and is in progress.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity-synchronize-attributes.yaml b/static/api-specs/idn/v2024/paths/identity-synchronize-attributes.yaml
new file mode 100644
index 000000000..1d88fdc54
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity-synchronize-attributes.yaml
@@ -0,0 +1,48 @@
+post:
+ operationId: synchronizeAttributesForIdentity
+ tags:
+ - Identities
+ summary: Attribute synchronization for single identity.
+ description: This end-point performs attribute synchronization for a selected identity.
+ The endpoint can be called once in 10 seconds per identity. A token with ORG_ADMIN
+ or API authority is required to call this API.
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ required: true
+ description: The Identity id
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: An Identity Sync job
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentitySyncJob.yaml
+ example:
+ id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3dfc
+ status: IN_PROGRESS
+ payload:
+ type: SYNCHRONIZE_IDENTITY_ATTRIBUTES
+ dataJson: '{"identityId":"2c918083746f642c01746f990884012a"}'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/identity.yaml b/static/api-specs/idn/v2024/paths/identity.yaml
new file mode 100644
index 000000000..ef4201a80
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/identity.yaml
@@ -0,0 +1,98 @@
+get:
+ operationId: getIdentity
+ tags:
+ - Identities
+ summary: Identity Details
+ description: This API returns a single identity using the Identity ID.
+ security:
+ - UserContextAuth:
+ - idn:identity:read
+ - idn:identity:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Identity Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: An identity object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Identity.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteIdentity
+ tags:
+ - Identities
+ summary: Delete identity
+ description: The API returns successful response if the requested identity was deleted.
+ security:
+ - UserContextAuth:
+ - idn:identity:delete
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Identity Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ description: Client Error - Returned if the request is invalid. It may indicate
+ that the specified identity is marked as protected and cannot be deleted.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/IdentityAssociationDetails.yaml
+ example:
+ message: Identity is the owner of following resources
+ associationDetails:
+ associationType: CAMPAIGN_OWNER
+ entities:
+ - id: b660a232f05b4e04812ca974b3011e0f
+ name: Gaston.800ddf9640a
+ type: CAMPAIGN_CAMPAIGNER
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/load-accounts.yaml b/static/api-specs/idn/v2024/paths/load-accounts.yaml
new file mode 100644
index 000000000..5b79777ef
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/load-accounts.yaml
@@ -0,0 +1,61 @@
+post:
+ tags:
+ - Sources
+ summary: Account Aggregation
+ operationId: importAccounts
+ description: "Starts an account aggregation on the specified source. \nIf the target\
+ \ source is a delimited file source, then the CSV file needs to be included in\
+ \ the request body.\nYou will also need to set the Content-Type header to `multipart/form-data`.\n\
+ A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required\
+ \ to call this API."
+ security:
+ - UserContextAuth:
+ - idn:sources:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Source Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ file:
+ type: string
+ format: binary
+ description: The CSV file containing the source accounts to aggregate.
+ disableOptimization:
+ type: string
+ example: 'true'
+ description: Use this flag to reprocess every account whether or not
+ the data has changed.
+ responses:
+ '202':
+ description: Aggregate Accounts Task
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/LoadAccountsTask.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/load-entitlements-by-sources.yaml b/static/api-specs/idn/v2024/paths/load-entitlements-by-sources.yaml
new file mode 100644
index 000000000..8acde3376
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/load-entitlements-by-sources.yaml
@@ -0,0 +1,65 @@
+post:
+ tags:
+ - Entitlements
+ summary: Aggregate Entitlements
+ deprecated: true
+ operationId: importEntitlementsBySource
+ description: 'Starts an entitlement aggregation on the specified source. Though
+ this endpoint has been deprecated, you can find its Beta equivalent [here](https://developer.sailpoint.com/docs/api/beta/import-entitlements).
+
+
+ If the target source is a direct connection, then the request body must be empty.
+ You will also need to make sure the Content-Type header is not set. If you set
+ the Content-Type header without specifying a body, then you will receive a 500
+ error.
+
+
+ If the target source is a delimited file source, then the CSV file needs to be
+ included in the request body. You will also need to set the Content-Type header
+ to `multipart/form-data`.'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Source Id
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ csvFile:
+ type: string
+ format: binary
+ description: The CSV file containing the source entitlements to aggregate.
+ responses:
+ '202':
+ description: Aggregate Entitlements Task
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/LoadEntitlementTask.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:entitlements:manage
diff --git a/static/api-specs/idn/v2024/paths/load-uncorrelated-accounts.yaml b/static/api-specs/idn/v2024/paths/load-uncorrelated-accounts.yaml
new file mode 100644
index 000000000..7136e4734
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/load-uncorrelated-accounts.yaml
@@ -0,0 +1,52 @@
+post:
+ tags:
+ - Sources
+ summary: Process Uncorrelated Accounts
+ operationId: importUncorrelatedAccounts
+ description: File is required for upload. You will also need to set the Content-Type
+ header to `multipart/form-data`
+ security:
+ - UserContextAuth:
+ - idn:sources:manage
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Source Id
+ example: 75dbec1ebe154d5785da27b95e1dd5d7
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ file:
+ type: string
+ format: binary
+ responses:
+ '202':
+ description: Uncorrelated Accounts Task
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/LoadUncorrelatedAccountsTask.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/mail-from-attribute.yaml b/static/api-specs/idn/v2024/paths/mail-from-attribute.yaml
new file mode 100644
index 000000000..ed187b112
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/mail-from-attribute.yaml
@@ -0,0 +1,43 @@
+get:
+ security:
+ - UserContextAuth:
+ - sp:notification-mail-from-attributes:read
+ operationId: getMailFromAttributes
+ tags:
+ - Notifications
+ summary: Get MAIL FROM Attributes
+ description: Retrieve MAIL FROM attributes for a given AWS SES identity.
+ parameters:
+ - in: query
+ name: id
+ required: true
+ schema:
+ type: string
+ description: Returns the MX and TXT record to be put in your DNS, as well as the
+ MAIL FROM domain status
+ example: bobsmith@sailpoint.com
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: MAIL FROM Attributes object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/MailFromAttributes.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/mail-from-attributes.yaml b/static/api-specs/idn/v2024/paths/mail-from-attributes.yaml
new file mode 100644
index 000000000..57b887ed8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/mail-from-attributes.yaml
@@ -0,0 +1,45 @@
+put:
+ security:
+ - UserContextAuth:
+ - sp:notification-mail-from-attributes:write
+ operationId: putMailFromAttributes
+ tags:
+ - Notifications
+ summary: Change MAIL FROM domain
+ description: Change the MAIL FROM domain of an AWS SES email identity and provide
+ the MX and TXT records to be placed in the caller's DNS
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/MailFromAttributesDto.yaml
+ example:
+ identity: BobSmith@sailpoint.com
+ mailFromDomain: example.sailpoint.com
+ responses:
+ '200':
+ description: MAIL FROM Attributes required to verify the change
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/MailFromAttributes.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/native-change-detection-config.yaml b/static/api-specs/idn/v2024/paths/native-change-detection-config.yaml
new file mode 100644
index 000000000..98bd1f879
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/native-change-detection-config.yaml
@@ -0,0 +1,142 @@
+get:
+ operationId: getNativeChangeDetectionConfig
+ tags:
+ - Sources
+ summary: Native Change Detection Configuration
+ security:
+ - UserContextAuth:
+ - idn:sources:read
+ description: 'This API returns the existing native change detection configuration
+ for a source specified by the given ID.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: The source id
+ example: 2c9180835d191a86015d28455b4a2329
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Native change detection configuration for a source
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/NativeChangeDetectionConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+put:
+ operationId: putNativeChangeDetectionConfig
+ tags:
+ - Sources
+ summary: Update Native Change Detection Configuration
+ security:
+ - UserContextAuth:
+ - idn:sources:update
+ description: "Replaces the native change detection configuration for the source\
+ \ specified by the given ID with the configuration provided in the request body.\n\
+ \ \nA token with ORG_ADMIN authority is required to call this API."
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: The source id
+ example: 2c9180835d191a86015d28455b4a2329
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/NativeChangeDetectionConfig.yaml
+ responses:
+ '200':
+ description: Updated native change detection configuration for a source
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/NativeChangeDetectionConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteNativeChangeDetectionConfig
+ tags:
+ - Sources
+ summary: Delete Native Change Detection Configuration
+ description: 'Deletes the native change detection configuration for the source specified
+ by the given ID.
+
+ A token with API, or ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:sources:update
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: The source id
+ example: 2c9180835d191a86015d28455b4a2329
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/notification-preferences.yaml b/static/api-specs/idn/v2024/paths/notification-preferences.yaml
new file mode 100644
index 000000000..e88181a73
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-preferences.yaml
@@ -0,0 +1,39 @@
+get:
+ operationId: listNotificationPreferences
+ tags:
+ - Notifications
+ summary: List Notification Preferences for tenant.
+ description: Returns a list of notification preferences for tenant.
+ security:
+ - UserContextAuth:
+ - idn:notification-preferences:read
+ responses:
+ '200':
+ description: Return preference for the given notification key.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/PreferencesDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/notification-template-context.yaml b/static/api-specs/idn/v2024/paths/notification-template-context.yaml
new file mode 100644
index 000000000..6c4437a81
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-template-context.yaml
@@ -0,0 +1,39 @@
+get:
+ operationId: getNotificationsTemplateContext
+ tags:
+ - Notifications
+ summary: Get Notification Template Context
+ description: "The notification service maintains metadata to construct the notification\
+ \ templates or supply any information during the event propagation. The data-store\
+ \ where this information is retrieved is called \"Global Context\" (a.k.a. notification\
+ \ template context). It defines a set of attributes\n that will be available per\
+ \ tenant (organization)."
+ security:
+ - UserContextAuth:
+ - idn:notification-templates:read
+ responses:
+ '200':
+ description: Notification template context attributes for a specific tenant.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/NotificationTemplateContext.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/notification-template-defaults.yaml b/static/api-specs/idn/v2024/paths/notification-template-defaults.yaml
new file mode 100644
index 000000000..d21d482a7
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-template-defaults.yaml
@@ -0,0 +1,59 @@
+get:
+ operationId: listNotificationTemplateDefaults
+ tags:
+ - Notifications
+ summary: List Notification Template Defaults
+ description: This lists the default templates used for notifications, such as emails
+ from IdentityNow.
+ security:
+ - UserContextAuth:
+ - idn:notification-template-defaults:read
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ example: key eq "cloud_manual_work_item_summary"
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **key**: *eq, in, sw*
+
+
+ **medium**: *eq, sw*
+
+
+ **locale**: *eq, sw*'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A list of the default template objects
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TemplateDtoDefault.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/notification-template.yaml b/static/api-specs/idn/v2024/paths/notification-template.yaml
new file mode 100644
index 000000000..b1209d8d2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-template.yaml
@@ -0,0 +1,43 @@
+get:
+ operationId: getNotificationTemplate
+ tags:
+ - Notifications
+ summary: Get Notification Template By Id
+ description: This gets a template that you have modified for your site by Id.
+ parameters:
+ - name: id
+ in: path
+ description: Id of the Notification Template
+ required: true
+ style: simple
+ explode: false
+ schema:
+ type: string
+ example: c17bea3a-574d-453c-9e04-4365fbf5af0b
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A template object for your site
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TemplateDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/notification-templates-bulk-delete.yaml b/static/api-specs/idn/v2024/paths/notification-templates-bulk-delete.yaml
new file mode 100644
index 000000000..ad18e4844
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-templates-bulk-delete.yaml
@@ -0,0 +1,40 @@
+post:
+ operationId: deleteNotificationTemplatesInBulk
+ tags:
+ - Notifications
+ summary: Bulk Delete Notification Templates
+ description: This lets you bulk delete templates that you previously created for
+ your site. Since this is a beta feature, please contact support to enable usage.
+ security:
+ - UserContextAuth:
+ - idn:notification-templates:delete
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TemplateBulkDeleteDto.yaml
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/notification-templates.yaml b/static/api-specs/idn/v2024/paths/notification-templates.yaml
new file mode 100644
index 000000000..74a533200
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/notification-templates.yaml
@@ -0,0 +1,104 @@
+get:
+ operationId: listNotificationTemplates
+ tags:
+ - Notifications
+ summary: List Notification Templates
+ description: This lists the templates that you have modified for your site.
+ security:
+ - UserContextAuth:
+ - idn:notification-templates:read
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **key**: *eq, in, sw*
+
+
+ **medium**: *eq, sw*
+
+
+ **locale**: *eq, sw*'
+ example: medium eq "EMAIL"
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A list of template objects for your site
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TemplateDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+post:
+ operationId: createNotificationTemplate
+ tags:
+ - Notifications
+ summary: Create Notification Template
+ description: "This creates a template for your site. \n\nYou can also use this endpoint\
+ \ to update a template. First, copy the response body from the [get notification\
+ \ template endpoint](https://developer.sailpoint.com/idn/api/beta/get-notification-template)\
+ \ for a template you wish to update and paste it into the request body for this\
+ \ endpoint. Modify the fields you want to change and submit the POST request\
+ \ when ready."
+ security:
+ - UserContextAuth:
+ - idn:notification-templates:create
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TemplateDto.yaml
+ responses:
+ '200':
+ description: A template object for your site
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TemplateDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/org-config-valid-time-zones.yaml b/static/api-specs/idn/v2024/paths/org-config-valid-time-zones.yaml
new file mode 100644
index 000000000..dbfb00b10
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/org-config-valid-time-zones.yaml
@@ -0,0 +1,47 @@
+get:
+ operationId: getValidTimeZones
+ tags:
+ - Org Config
+ summary: Get list of time zones
+ security:
+ - UserContextAuth:
+ - idn:org-configs:read
+ - idn:org-configs-user:read
+ description: Get a list of valid time zones that can be set in org configurations.
+ responses:
+ '200':
+ description: Request successful
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: string
+ example:
+ - Etc/GMT-6
+ - Etc/GMT+8
+ - EST
+ - America/Chicago
+ - America/Toronto
+ - Asia/Gaza
+ - Europe/Brussels
+ - Europe/Kiev
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/org-config.yaml b/static/api-specs/idn/v2024/paths/org-config.yaml
new file mode 100644
index 000000000..ef741a45e
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/org-config.yaml
@@ -0,0 +1,91 @@
+get:
+ operationId: getOrgConfig
+ tags:
+ - Org Config
+ summary: Get Org configuration settings
+ security:
+ - UserContextAuth:
+ - idn:org-configs:read
+ - idn:org-configs:manage
+ description: Get org configuration with only external (org admin) accessible properties
+ for the current org.
+ responses:
+ '200':
+ description: Request succeeded.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/OrgConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+patch:
+ operationId: patchOrgConfig
+ tags:
+ - Org Config
+ summary: Patch an Org configuration property
+ security:
+ - UserContextAuth:
+ - idn:org-configs:manage
+ description: Patch configuration of the current org using http://jsonpatch.com/
+ syntax. Commonly used for changing the time zone of an org.
+ requestBody:
+ description: A list of schema attribute update operations according to the [JSON
+ Patch](https://tools.ietf.org/html/rfc6902) standard.
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ example:
+ - op: replace
+ path: /timeZone
+ value: America/Toronto
+ required: true
+ responses:
+ '200':
+ description: The Org was successfully patched.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/OrgConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/outlier-feature-summaries.yaml b/static/api-specs/idn/v2024/paths/outlier-feature-summaries.yaml
new file mode 100644
index 000000000..c1bc27274
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outlier-feature-summaries.yaml
@@ -0,0 +1,56 @@
+get:
+ operationId: getOutlierContributingFeatureSummary
+ tags:
+ - IAI Outliers
+ summary: Get identity outlier contibuting feature summary
+ description: 'This API returns a summary of a contributing feature for an identity
+ outlier. The object contains: contributing feature name (translated text or message
+ key), identity outlier display name, feature values, feature definition and explanation
+ (translated text or message key), peer display name and identityId, access item
+ reference, translation messages object
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - in: path
+ name: outlierFeatureId
+ schema:
+ type: string
+ required: true
+ description: Contributing feature id
+ example: 04654b66-7561-4090-94f9-abee0722a1af
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns selected contributing feature summary for an
+ outlier
+ headers:
+ accept-language:
+ description: The locale to use for translations
+ schema:
+ type: string
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/OutlierFeatureSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - iai:outliers-management:read
diff --git a/static/api-specs/idn/v2024/paths/outlier-summaries-latest.yaml b/static/api-specs/idn/v2024/paths/outlier-summaries-latest.yaml
new file mode 100644
index 000000000..42f69b5de
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outlier-summaries-latest.yaml
@@ -0,0 +1,50 @@
+get:
+ operationId: getLatestIdentityOutlierSnapshots
+ tags:
+ - IAI Outliers
+ summary: IAI Identity Outliers Latest Summary
+ description: 'This API returns a most recent snapshot of each outlier type, each
+ containing: the number of identities that customer has, the number of outliers,
+ and the type of outlier
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - name: type
+ in: query
+ description: Type of the identity outliers snapshot to filter on
+ required: false
+ schema:
+ type: string
+ enum:
+ - LOW_SIMILARITY
+ - STRUCTURAL
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns list of objects. Each object is a summary to
+ give high level statistics/counts of outliers
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/LatestOutlierSummary.yaml
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/outlier-summaries.yaml b/static/api-specs/idn/v2024/paths/outlier-summaries.yaml
new file mode 100644
index 000000000..ea80a4dbc
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outlier-summaries.yaml
@@ -0,0 +1,81 @@
+get:
+ operationId: getIdentityOutlierSnapshots
+ tags:
+ - IAI Outliers
+ summary: IAI Identity Outliers Summary
+ description: 'This API receives a summary containing: the number of identities that
+ customer has, the number of outliers, and the type of outlier
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - name: type
+ in: query
+ description: Type of the identity outliers snapshot to filter on
+ required: false
+ schema:
+ type: string
+ enum:
+ - LOW_SIMILARITY
+ - STRUCTURAL
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **snapshotDate**: *ge, le*'
+ example: snapshotDate ge "2022-02-07T20:13:29.356648026Z"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **snapshotDate**'
+ example: snapshotDate
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns list of objects. Each object is a summary to
+ give high level statistics/counts of outliers
+ headers:
+ X-Total-Count:
+ description: The total result count.
+ schema:
+ type: integer
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/OutlierSummary.yaml
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/outliers-contributing-feature-access-items.yaml b/static/api-specs/idn/v2024/paths/outliers-contributing-feature-access-items.yaml
new file mode 100644
index 000000000..c761c08bb
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers-contributing-feature-access-items.yaml
@@ -0,0 +1,89 @@
+get:
+ operationId: listOutliersContributingFeatureAccessItems
+ tags:
+ - IAI Outliers
+ summary: Gets a list of access items associated with each identity outlier contributing
+ feature
+ description: 'This API returns a list of the enriched access items associated with
+ each feature filtered by the access item type The object contains: accessItemId,
+ display name (translated text or message key), description (translated text or
+ message key), accessType, sourceName, extremelyRare
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: path
+ name: outlierId
+ schema:
+ type: string
+ required: true
+ description: The outlier id
+ example: 2c918085842e69ae018432d22ccb212f
+ - in: path
+ name: contributingFeatureName
+ schema:
+ type: string
+ enum:
+ - radical_entitlement_count
+ - entitlement_count
+ - max_jaccard_similarity
+ - mean_max_bundle_concurrency
+ - single_entitlement_bundle_count
+ - peerless_score
+ required: true
+ description: The name of contributing feature
+ example: entitlement_count
+ - in: query
+ name: accessType
+ required: false
+ schema:
+ type: string
+ description: The type of access item for the identity outlier contributing feature.
+ If not provided, it returns all
+ example: ENTITLEMENT
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ example: displayName
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **displayName**'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The list of access items.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/OutliersContributingFeatureAccessItems.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - iai:outliers-management:read
diff --git a/static/api-specs/idn/v2024/paths/outliers-contributing-features.yaml b/static/api-specs/idn/v2024/paths/outliers-contributing-features.yaml
new file mode 100644
index 000000000..598d43022
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers-contributing-features.yaml
@@ -0,0 +1,82 @@
+get:
+ operationId: getPeerGroupOutliersContributingFeatures
+ tags:
+ - IAI Outliers
+ summary: Get identity outlier's contibuting features
+ description: 'This API returns a list of contributing feature objects for a single
+ outlier. The object contains: feature name, feature value type, value, importance,
+ display name (translated text or message key), description (translated text or
+ message key), translation messages object
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: include-translation-messages
+ in: query
+ description: Whether or not to include translation messages object in returned
+ response
+ required: false
+ schema:
+ type: string
+ example: include-translation-messages=
+ - in: path
+ example: 2c918085842e69ae018432d22ccb212f
+ name: outlierId
+ schema:
+ type: string
+ required: true
+ description: The outlier id
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ example: importance
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **importance**'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns list of objects. Each object contains a feature
+ and metadata about that feature
+ headers:
+ X-Total-Count:
+ description: The total result count.
+ schema:
+ type: integer
+ accept-language:
+ description: The locale to use for translations for displayName and description
+ text
+ schema:
+ type: string
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/OutlierContributingFeature.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/outliers-export.yaml b/static/api-specs/idn/v2024/paths/outliers-export.yaml
new file mode 100644
index 000000000..7b9c9c1c7
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers-export.yaml
@@ -0,0 +1,48 @@
+get:
+ operationId: exportOutliersZip
+ tags:
+ - IAI Outliers
+ summary: IAI Identity Outliers Export
+ description: 'This API exports a list of ignored outliers to a CSV as well as list
+ of non-ignored outliers to a CSV. These two CSVs will be zipped and exported Columns
+ will include: identityID, type, firstDetectionDate, latestDetectionDate, ignored,
+ & attributes (defined set of identity attributes)
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - name: type
+ in: query
+ description: Type of the identity outliers snapshot to filter on
+ required: false
+ schema:
+ type: string
+ enum:
+ - LOW_SIMILARITY
+ - STRUCTURAL
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns zip of 2 CSVs to download. 1 CSV for ignored
+ outliers and 1 for non-ignored outliers
+ content:
+ application/zip:
+ schema:
+ type: string
+ format: binary
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/outliers-ignore.yaml b/static/api-specs/idn/v2024/paths/outliers-ignore.yaml
new file mode 100644
index 000000000..3071b642d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers-ignore.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: ignoreIdentityOutliers
+ tags:
+ - IAI Outliers
+ summary: IAI Identity Outliers Ignore
+ description: 'This API receives a list of IdentityIDs in the request, changes the
+ outliers to be ignored--returning a 204 if successful.
+
+ Requires authorization scope of ''iai:outliers-management:update'''
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: string
+ description: List of identity IDs to ignore from outlier listing
+ example:
+ - abc123def456
+ - ghi789jkl012
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/outliers-unignore.yaml b/static/api-specs/idn/v2024/paths/outliers-unignore.yaml
new file mode 100644
index 000000000..ca8b03925
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers-unignore.yaml
@@ -0,0 +1,43 @@
+post:
+ operationId: unIgnoreIdentityOutliers
+ tags:
+ - IAI Outliers
+ summary: IAI Identity Outliers Unignore
+ description: 'This API receives a list of IdentityIDs in the request, changes the
+ outliers to be un-ignored--returning a 204 if successful.
+
+ Requires authorization scope of ''iai:outliers-management:update'''
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: string
+ description: List of identity IDs to un-ignore from outlier listing
+ example:
+ - abc123def456
+ - ghi789jkl012
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/outliers.yaml b/static/api-specs/idn/v2024/paths/outliers.yaml
new file mode 100644
index 000000000..1be4bcf80
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/outliers.yaml
@@ -0,0 +1,96 @@
+get:
+ operationId: getIdentityOutliers
+ tags:
+ - IAI Outliers
+ summary: IAI Get Identity Outliers
+ description: 'This API receives a list of outliers, containing data such as: identityId,
+ outlier type, detection dates, identity attributes, if identity is ignore, and
+ certification information
+
+ Requires authorization scope of ''iai:outliers-management:read'''
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: type
+ in: query
+ description: Type of the identity outliers snapshot to filter on
+ required: false
+ schema:
+ type: string
+ enum:
+ - LOW_SIMILARITY
+ - STRUCTURAL
+ example: LOW_SIMILARITY
+ - in: query
+ name: filters
+ required: false
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **attributes**: *eq, sw, co, in*
+
+
+ **firstDetectionDate**: *ge, le*
+
+
+ **certStatus**: *eq*
+
+
+ **ignored**: *eq*
+
+
+ **score**: *ge, le*'
+ example: attributes.displayName sw "John" and certStatus eq "false"
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **firstDetectionDate, attributes,
+ score**'
+ example: attributes.displayName,firstDetectionDate,-score
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns list of objects. Each object contains information
+ about outliers
+ headers:
+ X-Total-Count:
+ description: The total result count.
+ schema:
+ type: integer
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Outlier.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/password-reset-digit-token.yaml b/static/api-specs/idn/v2024/paths/password-reset-digit-token.yaml
new file mode 100644
index 000000000..50539e82e
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/password-reset-digit-token.yaml
@@ -0,0 +1,42 @@
+post:
+ operationId: generateDigitToken
+ tags:
+ - Password Management
+ summary: Generate a digit token
+ description: This API is used to generate a digit token for password management.
+ Requires authorization scope of "idn:password-digit-token:create".
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/PasswordDigitTokenReset.yaml
+ example:
+ userId: Abby.Smith
+ length: 8
+ durationMinutes: 5
+ responses:
+ '200':
+ description: The digit token for password management.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/PasswordDigitToken.yaml
+ example:
+ digitToken: 09087713
+ requestId: e1267ecd-fcd9-4c73-9c55-12555efad136
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/peer-group-strategies.yaml b/static/api-specs/idn/v2024/paths/peer-group-strategies.yaml
new file mode 100644
index 000000000..25bfea68c
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/peer-group-strategies.yaml
@@ -0,0 +1,51 @@
+get:
+ operationId: getPeerGroupOutliers
+ tags:
+ - IAI Peer Group Strategies
+ summary: Identity Outliers List
+ deprecated: true
+ description: '-- Deprecated : See ''IAI Outliers'' This API will be used by Identity
+ Governance systems to identify identities that are not included in an organization''s
+ peer groups. By default, 250 identities are returned. You can specify between
+ 1 and 1000 number of identities that can be returned.'
+ parameters:
+ - in: path
+ name: strategy
+ schema:
+ type: string
+ required: true
+ description: The strategy used to create peer groups. Currently, 'entitlement'
+ is supported.
+ example: entitlement
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of identities that are not included in peer groups.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/PeerGroupMember.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth: []
diff --git a/static/api-specs/idn/v2024/paths/reassignment-configuration-evaluate.yaml b/static/api-specs/idn/v2024/paths/reassignment-configuration-evaluate.yaml
new file mode 100644
index 000000000..8952f75ab
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/reassignment-configuration-evaluate.yaml
@@ -0,0 +1,77 @@
+get:
+ operationId: getEvaluateReassignmentConfiguration
+ tags:
+ - Work Reassignment
+ summary: Evaluate Reassignment Configuration
+ description: Evaluates the Reassignment Configuration for an `Identity` to determine
+ if work items for the specified type should be reassigned. If a valid Reassignment
+ Configuration is found for the identity & work type, then a lookup is initiated
+ which recursively fetches the Reassignment Configuration for the next `TargetIdentity`
+ until no more results are found or a max depth of 5. That lookup trail is provided
+ in the response and the final reassigned identity in the lookup list is returned
+ as the `reassignToId` property. If no Reassignment Configuration is found for
+ the specified identity & config type then the requested Identity ID will be used
+ as the `reassignToId` value and the lookupTrail node will be empty.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:evaluate
+ parameters:
+ - in: path
+ name: identityId
+ required: true
+ schema:
+ type: string
+ description: unique identity id
+ example: 2c91808781a71ddb0181b9090b5c504e
+ - in: path
+ name: configType
+ required: true
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigTypeEnum.yaml
+ description: Reassignment work type
+ example: accessRequests
+ - in: query
+ name: exclusionFilters
+ required: false
+ schema:
+ type: array
+ items:
+ type: string
+ description: 'Exclusion filters that disable parts of the reassignment evaluation.
+ Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude
+ delegations of self-review reassignments'
+ example: SELF_REVIEW_DELEGATION
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Evaluated Reassignment Configuration
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/work-reassignment/EvaluateResponse.yaml
+ examples:
+ empty:
+ $ref: ../../beta/schemas/work-reassignment/examples/evaluateEmpty.yaml
+ longTrail:
+ $ref: ../../beta/schemas/work-reassignment/examples/evaluateLong.yaml
+ selfReview:
+ $ref: ../../beta/schemas/work-reassignment/examples/evaluateSelfReview.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/reassignment-configuration-types.yaml b/static/api-specs/idn/v2024/paths/reassignment-configuration-types.yaml
new file mode 100644
index 000000000..22cc804c2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/reassignment-configuration-types.yaml
@@ -0,0 +1,38 @@
+get:
+ operationId: getReassignmentConfigTypes
+ tags:
+ - Work Reassignment
+ summary: List Reassignment Config Types
+ description: Gets a collection of types which are available in the Reassignment
+ Configuration UI.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:read
+ responses:
+ '200':
+ description: List of Reassignment Configuration Types
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/work-reassignment/ConfigType.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/reassignment-configuration.yaml b/static/api-specs/idn/v2024/paths/reassignment-configuration.yaml
new file mode 100644
index 000000000..500d63b09
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/reassignment-configuration.yaml
@@ -0,0 +1,131 @@
+get:
+ operationId: getReassignmentConfiguration
+ tags:
+ - Work Reassignment
+ summary: Get Reassignment Configuration
+ description: Gets the Reassignment Configuration for an identity.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:read
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ description: unique identity id
+ required: true
+ example: 2c91808781a71ddb0181b9090b5c504f
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Reassignment Configuration for an identity
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+put:
+ operationId: putReassignmentConfig
+ tags:
+ - Work Reassignment
+ summary: Update Reassignment Configuration
+ description: Replaces existing Reassignment configuration for an identity with the
+ newly provided configuration.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:update
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ description: unique identity id
+ required: true
+ example: 2c91808781a71ddb0181b9090b5c504e
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationItemRequest.yaml
+ responses:
+ '200':
+ description: Reassignment Configuration updated
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationItemResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteReassignmentConfiguration
+ tags:
+ - Work Reassignment
+ summary: Delete Reassignment Configuration
+ description: Deletes all Reassignment Configuration for the specified identity
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:delete
+ parameters:
+ - in: path
+ name: identityId
+ schema:
+ type: string
+ description: unique identity id
+ required: true
+ example: 2c91808781a71ddb0181b9090b5c504e
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ description: Reassignment Configuration deleted
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/reassignment-configurations.yaml b/static/api-specs/idn/v2024/paths/reassignment-configurations.yaml
new file mode 100644
index 000000000..d72089794
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/reassignment-configurations.yaml
@@ -0,0 +1,80 @@
+get:
+ operationId: listReassignmentConfigurations
+ tags:
+ - Work Reassignment
+ summary: List Reassignment Configurations
+ description: Gets all Reassignment configuration for the current org.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:read
+ responses:
+ '200':
+ description: A list of Reassignment Configurations for an org
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ operationId: createReassignmentConfiguration
+ tags:
+ - Work Reassignment
+ summary: Create a Reassignment Configuration
+ description: Creates a new Reassignment Configuration for the specified identity.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-configuration:create
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationItemRequest.yaml
+ responses:
+ '201':
+ description: The newly created Reassignment Configuration object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/ConfigurationItemResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/recommendations-config.yaml b/static/api-specs/idn/v2024/paths/recommendations-config.yaml
new file mode 100644
index 000000000..82dba5d0d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/recommendations-config.yaml
@@ -0,0 +1,70 @@
+get:
+ operationId: getRecommendationsConfig
+ summary: Get certification recommendation config values
+ tags:
+ - IAI Recommendations
+ description: Retrieves configuration attributes used by certification recommendations.
+ responses:
+ '200':
+ description: Cert recommendation configuration attributes
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RecommendationConfigDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth: []
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+put:
+ operationId: updateRecommendationsConfig
+ summary: Update certification recommendation config values
+ tags:
+ - IAI Recommendations
+ description: Updates configuration attributes used by certification recommendations.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RecommendationConfigDto.yaml
+ responses:
+ '200':
+ description: Cert recommendation configuration attributes after update
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RecommendationConfigDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth: []
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/recommendations-request.yaml b/static/api-specs/idn/v2024/paths/recommendations-request.yaml
new file mode 100644
index 000000000..11d6d576f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/recommendations-request.yaml
@@ -0,0 +1,42 @@
+post:
+ operationId: getRecommendations
+ summary: Returns a Recommendation Based on Object
+ tags:
+ - IAI Recommendations
+ description: The getRecommendations API returns recommendations based on the requested
+ object. The recommendations are invoked by IdentityIQ and IdentityNow plug-ins
+ that retrieve recommendations based on the performed calculations.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RecommendationRequestDto.yaml
+ responses:
+ '200':
+ description: The recommendations for a customer
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RecommendationResponseDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth: []
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/remove-account.yaml b/static/api-specs/idn/v2024/paths/remove-account.yaml
new file mode 100644
index 000000000..f081698c3
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/remove-account.yaml
@@ -0,0 +1,61 @@
+post:
+ operationId: deleteAccountAsync
+ summary: Remove Account
+ tags:
+ - Accounts
+ description: 'Use this endpoint to remove accounts from the system without provisioning
+ changes to the source. Accounts that are removed could be re-created during the
+ next aggregation.
+
+
+ This endpoint is good for:
+
+ * Removing accounts that no longer exist on the source.
+
+ * Removing accounts that won''t be aggregated following updates to the source
+ configuration.
+
+ * Forcing accounts to be re-created following the next aggregation to re-run account
+ processing, support testing, etc.
+
+ '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The account id
+ example: c350d6aa4f104c61b062cb632421ad10
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: Accepted. Returns task result details of removal request.
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/TaskResultDto.yaml
+ example:
+ type: TASK_RESULT
+ id: 464ae7bf791e49fdb74606a2e4a89635
+ name: null
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:account:remove
diff --git a/static/api-specs/idn/v2024/paths/remove-accounts.yaml b/static/api-specs/idn/v2024/paths/remove-accounts.yaml
new file mode 100644
index 000000000..331ddf098
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/remove-accounts.yaml
@@ -0,0 +1,61 @@
+post:
+ operationId: deleteAccountsAsync
+ summary: Remove All Accounts in a Source
+ tags:
+ - Sources
+ description: 'Use this endpoint to remove all accounts from the system without provisioning
+ changes to the source. Accounts that are removed could be re-created during the
+ next aggregation.
+
+
+ This endpoint is good for:
+
+ * Removing accounts that no longer exist on the source.
+
+ * Removing accounts that won''t be aggregated following updates to the source
+ configuration.
+
+ * Forcing accounts to be re-created following the next aggregation to re-run account
+ processing, support testing, etc.
+
+ '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The source id
+ example: ebbf35756e1140699ce52b233121384a
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: Accepted. Returns task result details of removal request.
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/TaskResultDto.yaml
+ example:
+ type: TASK_RESULT
+ id: 464ae7bf791e49fdb74606a2e4a89635
+ name: null
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:account:remove
diff --git a/static/api-specs/idn/v2024/paths/reset-entitlements.yaml b/static/api-specs/idn/v2024/paths/reset-entitlements.yaml
new file mode 100644
index 000000000..71cb45948
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/reset-entitlements.yaml
@@ -0,0 +1,42 @@
+post:
+ operationId: resetSourceEntitlements
+ tags:
+ - Entitlements
+ summary: Reset Source Entitlements
+ description: Removes all entitlements on a specific source.
+ parameters:
+ - name: id
+ in: path
+ description: ID of source for the entitlement reset
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: Entitlement source reset task result
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/EntitlementSourceResetBaseReferenceDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:entitlement:update
diff --git a/static/api-specs/idn/v2024/paths/role-entitlements.yaml b/static/api-specs/idn/v2024/paths/role-entitlements.yaml
new file mode 100644
index 000000000..f478344c1
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-entitlements.yaml
@@ -0,0 +1,102 @@
+get:
+ operationId: getRoleEntitlements
+ tags:
+ - Roles
+ summary: List role's Entitlements
+ description: 'This API lists the Entitlements associated with a given role.
+
+
+ A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required
+ to call this API.'
+ parameters:
+ - name: id
+ in: path
+ description: ID of the containing role
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **name**: *eq, sw*
+
+
+ **attribute**: *eq, sw*
+
+
+ **value**: *eq, sw*
+
+
+ **created**: *gt, lt, ge, le*
+
+
+ **modified**: *gt, lt, ge, le*
+
+
+ **owner.id**: *eq, in*
+
+
+ **source.id**: *eq, in*'
+ example: attribute eq "memberOf"
+ required: false
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, attribute, value, created,
+ modified**'
+ example: name,-modified
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of Entitlements
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Entitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:role-unchecked:read
+ - idn:role-unchecked:manage
+ - idn:role-checked:manage
+ - idn:role-checked:read
diff --git a/static/api-specs/idn/v2024/paths/role-insight.yaml b/static/api-specs/idn/v2024/paths/role-insight.yaml
new file mode 100644
index 000000000..ea7f8dd60
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insight.yaml
@@ -0,0 +1,37 @@
+get:
+ operationId: getRoleInsight
+ summary: Get a single role insight
+ tags:
+ - Role Insights
+ description: This endpoint gets role insights information for a role.
+ parameters:
+ - in: path
+ name: insightId
+ schema:
+ type: string
+ required: true
+ description: The role insight id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns information about insights for a single role.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleInsight.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-current-entitlements.yaml b/static/api-specs/idn/v2024/paths/role-insights-current-entitlements.yaml
new file mode 100644
index 000000000..80b8c8f30
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-current-entitlements.yaml
@@ -0,0 +1,60 @@
+get:
+ operationId: getRoleInsightsCurrentEntitlements
+ summary: Get current entitlement for a role
+ tags:
+ - Role Insights
+ description: This endpoint gets the entitlements for a role. The term "current"
+ is to distinguish from the entitlement(s) an insight might recommend adding.
+ parameters:
+ - in: path
+ name: insightId
+ schema:
+ type: string
+ required: true
+ description: The role insight id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*
+
+
+ **description**: *sw*'
+ example: name sw "r"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of current or pre-existing entitlements
+ for a role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleInsightsEntitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-download.yaml b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-download.yaml
new file mode 100644
index 000000000..450b2ac21
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-download.yaml
@@ -0,0 +1,73 @@
+get:
+ operationId: downloadRoleInsightsEntitlementsChanges
+ summary: Download entitlement insights for a role
+ tags:
+ - Role Insights
+ description: This endpoint returns the entitlement insights for a role.
+ parameters:
+ - in: path
+ name: insightId
+ schema:
+ type: string
+ required: true
+ description: The role insight id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **identitiesWithAccess**
+
+
+ The default sort is **identitiesWithAccess** in descending order.'
+ required: false
+ example: identitiesWithAccess
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*
+
+
+ **description**: *sw*'
+ example: name sw "r"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a csv file containing a list of entitlements
+ to be added for a role.
+ content:
+ text/csv:
+ schema:
+ type: string
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-identities.yaml b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-identities.yaml
new file mode 100644
index 000000000..b50261f50
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes-identities.yaml
@@ -0,0 +1,90 @@
+get:
+ operationId: getEntitlementChangesIdentities
+ summary: Get identities for a suggested entitlement (for a role)
+ tags:
+ - Role Insights
+ description: Role insights suggests entitlements to be added for a role. This endpoint
+ returns a list of identities in the role, with or without the entitlements, for
+ a suggested entitlement so that the user can see which identities would be affected
+ if the suggested entitlement were to be added to the role.
+ parameters:
+ - in: path
+ name: insightId
+ schema:
+ type: string
+ required: true
+ description: The role insight id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: entitlementId
+ schema:
+ type: string
+ required: true
+ description: The entitlement id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: hasEntitlement
+ description: Identity has this entitlement or not
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: boolean
+ default: false
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name**'
+ example: name
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*'
+ example: name sw "Jan"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of identities with or without the entitlement.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleInsightsIdentities.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes.yaml b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes.yaml
new file mode 100644
index 000000000..d4778c97e
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-entitlement-changes.yaml
@@ -0,0 +1,70 @@
+get:
+ operationId: getRoleInsightsEntitlementsChanges
+ summary: Get entitlement insights for a role
+ tags:
+ - Role Insights
+ description: This endpoint returns entitlement insights for a role.
+ parameters:
+ - in: path
+ name: insightId
+ schema:
+ type: string
+ required: true
+ description: The role insight id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **identitiesWithAccess, name**'
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*
+
+
+ **description**: *sw*'
+ required: false
+ style: form
+ example: name sw "Admin"
+ explode: true
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of entitlements to be added for a role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleInsightsEntitlementChanges.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-request.yaml b/static/api-specs/idn/v2024/paths/role-insights-request.yaml
new file mode 100644
index 000000000..e641f1637
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-request.yaml
@@ -0,0 +1,40 @@
+get:
+ operationId: getRoleInsightsRequests
+ summary: Returns metadata from prior request.
+ deprecated: true
+ tags:
+ - Role Insights
+ description: 'This endpoint returns details of a prior role insights request. '
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The role insights request id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns details of an earlier role insights request.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleInsightsResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-insights-requests.yaml b/static/api-specs/idn/v2024/paths/role-insights-requests.yaml
new file mode 100644
index 000000000..6034178a1
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-requests.yaml
@@ -0,0 +1,35 @@
+post:
+ operationId: createRoleInsightRequests
+ summary: Generate insights for roles
+ deprecated: true
+ tags:
+ - Role Insights
+ description: Submits a create role insights request to the role insights application.
+ At this time there are no parameters. All business roles will be processed for
+ the customer.
+ responses:
+ '201':
+ description: Submitted a role insights generation request
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleInsightsResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/role-insights-summary.yaml b/static/api-specs/idn/v2024/paths/role-insights-summary.yaml
new file mode 100644
index 000000000..b73dd5073
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights-summary.yaml
@@ -0,0 +1,31 @@
+get:
+ operationId: getRoleInsightsSummary
+ summary: Get role insights summary information
+ tags:
+ - Role Insights
+ description: This method returns high level summary information for role insights
+ for a customer.
+ responses:
+ '200':
+ description: Succeeded. Returns high level counts.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleInsightsSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/role-insights.yaml b/static/api-specs/idn/v2024/paths/role-insights.yaml
new file mode 100644
index 000000000..af147918f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-insights.yaml
@@ -0,0 +1,72 @@
+get:
+ operationId: getRoleInsights
+ summary: Get role insights
+ tags:
+ - Role Insights
+ description: This method returns detailed role insights for each role.
+ parameters:
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: sorters
+ in: query
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess,
+ totalNumberOfIdentities**'
+ example: numberOfUpdates
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - name: filters
+ in: query
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*
+
+
+ **ownerName**: *sw*
+
+
+ **description**: *sw*'
+ required: false
+ style: form
+ explode: true
+ example: name sw "John"
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of roles with information about insights
+ for each role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleInsight.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-edit-entitlements.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-edit-entitlements.yaml
new file mode 100644
index 000000000..6f0abb4a1
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-edit-entitlements.yaml
@@ -0,0 +1,53 @@
+post:
+ operationId: updateEntitlementsPotentialRole
+ summary: Edit entitlements for a potential role to exclude some entitlements
+ tags:
+ - IAI Role Mining
+ description: This endpoint adds or removes entitlements from an exclusion list for
+ a potential role.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: Role mining session parameters
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleEditEntitlements.yaml
+ responses:
+ '201':
+ description: Adds or removes entitlements from a potential role's entitlement
+ exclusion list.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRole.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularities.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularities.yaml
new file mode 100644
index 000000000..09e657784
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularities.yaml
@@ -0,0 +1,101 @@
+get:
+ operationId: getEntitlementsPotentialRole
+ summary: Retrieves entitlements for a potential role in a role mining session
+ tags:
+ - IAI Role Mining
+ description: This method returns entitlements for a potential role in a role mining
+ session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: includeCommonAccess
+ description: Boolean determining whether common access entitlements will be included
+ or not
+ example: true
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: boolean
+ default: true
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **popularity, entitlementName,
+ applicationName**
+
+
+ The default sort is **popularity** in descending order. '
+ example: popularity
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **applicationName**: *sw*
+
+
+ **entitlementRef.name**: *sw*'
+ example: applicationName sw "AD"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of entitlements for a potential role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningEntitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth: []
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularity-distribution.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularity-distribution.yaml
new file mode 100644
index 000000000..750ed33c2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-entitlement-popularity-distribution.yaml
@@ -0,0 +1,58 @@
+get:
+ operationId: getEntitlementDistributionPotentialRole
+ summary: Retrieves entitlement popularity distribution for a potential role in a
+ role mining session
+ tags:
+ - IAI Role Mining
+ description: This method returns entitlement popularity distribution for a potential
+ role in a role mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: includeCommonAccess
+ description: Boolean determining whether common access entitlements will be included
+ or not
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: boolean
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a map containing entitlement popularity distribution
+ for a potential role.
+ content:
+ application/json:
+ schema:
+ type: object
+ additionalProperties:
+ type: integer
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-excluded-entitlements.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-excluded-entitlements.yaml
new file mode 100644
index 000000000..2338a10f4
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-excluded-entitlements.yaml
@@ -0,0 +1,83 @@
+get:
+ operationId: getExcludedEntitlementsPotentialRole
+ summary: Retrieves excluded entitlements for a potential role in a role mining session
+ tags:
+ - IAI Role Mining
+ description: This method returns excluded entitlements for a potential role in a
+ role mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **popularity**'
+ example: populariity
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **applicationName**: *sw*
+
+
+ **entitlementRef.name**: *sw*'
+ example: applicationName sw "AD"
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of excluded entitlements for a potential
+ roles.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningEntitlement.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-identities.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-identities.yaml
new file mode 100644
index 000000000..e6d70ef7d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-identities.yaml
@@ -0,0 +1,78 @@
+get:
+ operationId: getIdentitiesPotentialRole
+ summary: Retrieves identities for a potential role in a role mining session
+ tags:
+ - IAI Role Mining
+ description: This method returns identities for a potential role in a role mining
+ session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: sorters
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name**'
+ required: false
+ style: form
+ explode: true
+ example: name
+ schema:
+ type: string
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **name**: *sw*'
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of identities for a potential role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningIdentity.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-provision.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-provision.yaml
new file mode 100644
index 000000000..3d139cd97
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-provision.yaml
@@ -0,0 +1,75 @@
+post:
+ operationId: createPotentialRoleProvisionRequest
+ summary: Create request to provision a potential role into an actual role.
+ tags:
+ - IAI Role Mining
+ description: This method starts a job to provision a potential role
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: min-entitlement-popularity
+ description: Minimum popularity required for an entitlement to be included in
+ the provisioned role.
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: integer
+ default: 0
+ minimum: 0
+ maximum: 100
+ - in: query
+ name: include-common-access
+ description: Boolean determining whether common access entitlements will be included
+ in the provisioned role.
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: boolean
+ default: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: Required information to create a new role
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleProvisionRequest.yaml
+ responses:
+ '202':
+ description: Accepted. Returns a potential role summary including the status
+ of the provison request
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-source-identity-usage.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-source-identity-usage.yaml
new file mode 100644
index 000000000..bf853c073
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-source-identity-usage.yaml
@@ -0,0 +1,67 @@
+get:
+ operationId: getPotentialRoleSourceIdentityUsage
+ summary: Retrieves potential role source usage
+ tags:
+ - IAI Role Mining
+ description: This method returns source usageCount (as number of days in the last
+ 90 days) for each identity in a potential role.
+ security:
+ - UserContextAuth: []
+ parameters:
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id
+ example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923
+ - in: path
+ name: sourceId
+ schema:
+ type: string
+ required: true
+ description: A source id
+ example: 2c9180877620c1460176267f336a106f
+ - in: query
+ name: sorters
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/)
+ Sorting is supported for the following fields: **displayName, email, usageCount**'
+ example: -usageCount
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of source usage for the identities in
+ a potential role.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleSourceUsage.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role-summaries.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role-summaries.yaml
new file mode 100644
index 000000000..eff5a8617
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role-summaries.yaml
@@ -0,0 +1,108 @@
+get:
+ operationId: getAllPotentialRoleSummaries
+ summary: Retrieves all potential role summaries
+ tags:
+ - IAI Role Mining
+ description: Returns all potential role summaries that match the query parameters
+ security:
+ - UserContextAuth: []
+ parameters:
+ - in: query
+ name: sorters
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **createdDate, identityCount,
+ entitlementCount, freshness, quality**'
+ example: createdDate
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **createdById**: *eq, sw, co*
+
+
+ **createdByName**: *eq, sw, co*
+
+
+ **description**: *sw, co*
+
+
+ **endDate**: *le, lt*
+
+
+ **freshness**: *eq, ge, gt, le, lt*
+
+
+ **name**: *eq, sw, co, ge, gt, le, lt*
+
+
+ **quality**: *eq, ge, gt, le, lt*
+
+
+ **startDate**: *ge, gt*
+
+
+ **saved**: *eq*
+
+
+ **type**: *eq, ge, gt, le, lt*
+
+
+ **scopingMethod**: *eq*
+
+
+ **sessionState**: *eq*
+
+
+ **identityAttribute**: *co*'
+ example: (createdByName co "int") and (createdById sw "2c9180907") and (type eq
+ "COMMON") and ((name co "entt") or (saved eq true))
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns all potential role summaries that match the
+ query parameters.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-role.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-role.yaml
new file mode 100644
index 000000000..e5937d45c
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-role.yaml
@@ -0,0 +1,146 @@
+get:
+ operationId: getRoleMiningPotentialRole
+ summary: Retrieves a specific potential role
+ tags:
+ - IAI Role Mining
+ description: This method returns a specific potential role.
+ security:
+ - UserContextAuth: []
+ parameters:
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of potential roles for a role mining
+ session.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRole.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+patch:
+ operationId: patchPotentialRole
+ summary: Update a potential role
+ tags:
+ - IAI Role Mining
+ description: 'The method updates an existing potential role using.
+
+
+ The following fields can be modified:
+
+
+ * `description`
+
+
+ * `name`
+
+
+ * `saved`
+
+
+
+ >**NOTE: All other fields cannot be modified.**
+
+ '
+ security:
+ - UserContextAuth: []
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: The potential role summary id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ allOf:
+ - $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ properties:
+ op:
+ type: string
+ description: The operation to be performed
+ enum:
+ - remove
+ - replace
+ example: replace
+ example:
+ - op: remove
+ path: /description
+ - op: replace
+ path: /description
+ value: Acct I - Potential Role
+ - op: remove
+ path: /saved
+ - op: replace
+ path: /saved
+ value: 'false'
+ - op: remove
+ path: /name
+ - op: replace
+ path: /name
+ value: Potential Role Accounting
+ responses:
+ '200':
+ description: Succeeded. Returns the potential role summary based on the potentialRoleId
+ provided.
+ content:
+ application/json:
+ schema:
+ type: object
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRole.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-potential-roles-draft.yaml b/static/api-specs/idn/v2024/paths/role-mining-potential-roles-draft.yaml
new file mode 100644
index 000000000..0608f9136
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-potential-roles-draft.yaml
@@ -0,0 +1,51 @@
+get:
+ operationId: getSavedPotentialRoles
+ summary: Retrieves all saved potential roles
+ tags:
+ - IAI Role Mining
+ description: This method returns all saved potential roles (draft roles).
+ security:
+ - UserContextAuth: []
+ parameters:
+ - in: query
+ name: sorters
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/)
+ Sorting is supported for the following fields: **modified**'
+ example: modified
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of draft roles for a role mining session.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningSessionDraftRoleDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-applications.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-applications.yaml
new file mode 100644
index 000000000..644d3d037
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-applications.yaml
@@ -0,0 +1,51 @@
+get:
+ operationId: getPotentialRoleApplications
+ summary: Retrieves the applications of a potential role for a role mining session
+ tags:
+ - IAI Role Mining
+ description: This method returns the applications of a potential role for a role
+ mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of potential roles for a role mining
+ session.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleApplication.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-async.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-async.yaml
new file mode 100644
index 000000000..76ab29c35
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-async.yaml
@@ -0,0 +1,53 @@
+post:
+ operationId: exportRoleMiningPotentialRoleAsync
+ summary: Asynchronously export details for a potential role in a role mining session
+ and upload to S3
+ tags:
+ - IAI Role Mining
+ description: This endpoint uploads all the information for a potential role in a
+ role mining session to S3 as a downloadable zip archive. Includes identities
+ and entitlements in the potential role.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 278359a6-04b7-4669-9468-924cf580964a
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleExportRequest.yaml
+ responses:
+ '202':
+ description: Job Submitted. Returns a reportId that can be used to download
+ the zip once complete
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleExportResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-download.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-download.yaml
new file mode 100644
index 000000000..0779a49d2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-download.yaml
@@ -0,0 +1,57 @@
+get:
+ operationId: downloadRoleMiningPotentialRoleZip
+ summary: Export (download) details for a potential role in a role mining session
+ tags:
+ - IAI Role Mining
+ description: This endpoint downloads a completed export of information for a potential
+ role in a role mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: A potential role id in a role mining session
+ example: 278359a6-04b7-4669-9468-924cf580964a
+ - in: path
+ name: exportId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: The id of a previously run export job for this potential role
+ example: 4940ffd4-836f-48a3-b2b0-6d498c3fdf40
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a zip file containing csv files for identities
+ and entitlements for the potential role.
+ content:
+ application/zip:
+ schema:
+ type: string
+ format: binary
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-status.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-status.yaml
new file mode 100644
index 000000000..83b47f9b6
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export-status.yaml
@@ -0,0 +1,55 @@
+get:
+ operationId: exportRoleMiningPotentialRoleStatus
+ summary: Retrieve status of a potential role export job
+ tags:
+ - IAI Role Mining
+ description: This endpoint retrieves information about the current status of a potential
+ role export.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: A potential role id in a role mining session
+ example: 278359a6-04b7-4669-9468-924cf580964a
+ - in: path
+ name: exportId
+ schema:
+ type: string
+ format: uuid
+ required: true
+ description: The id of a previously run export job for this potential role
+ example: 4940ffd4-836f-48a3-b2b0-6d498c3fdf40
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Success. Returns the current status of this export
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleExportResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export.yaml
new file mode 100644
index 000000000..717bf8527
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-export.yaml
@@ -0,0 +1,47 @@
+get:
+ operationId: exportRoleMiningPotentialRole
+ summary: Export (download) details for a potential role in a role mining session
+ tags:
+ - IAI Role Mining
+ description: This endpoint downloads all the information for a potential role in
+ a role mining session. Includes identities and entitlements in the potential role.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a zip file containing csv files for identities
+ and entitlements for the potential role.
+ content:
+ application/zip:
+ schema:
+ type: string
+ format: binary
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summaries.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summaries.yaml
new file mode 100644
index 000000000..3a38d9afc
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summaries.yaml
@@ -0,0 +1,104 @@
+get:
+ operationId: getPotentialRoleSummaries
+ summary: Retrieves all potential role summaries
+ tags:
+ - IAI Role Mining
+ description: This method returns the potential role summaries for a role mining
+ session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: query
+ name: sorters
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **createdDate**'
+ example: createdDate
+ - in: query
+ name: filters
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **createdById**: *eq, sw, co*
+
+
+ **createdByName**: *eq, sw, co*
+
+
+ **description**: *sw, co*
+
+
+ **endDate**: *le, lt*
+
+
+ **freshness**: *eq, ge, gt, le, lt*
+
+
+ **name**: *eq, sw, co*
+
+
+ **quality**: *eq, ge, gt, le, lt*
+
+
+ **startDate**: *ge, gt*
+
+
+ **saved**: *eq*
+
+
+ **type**: *eq*'
+ example: (createdByName co "int")and (createdById sw "2c9180907")and (type eq
+ "COMMON")and ((name co "entt")or (saved eq true))
+ required: false
+ style: form
+ explode: true
+ schema:
+ type: string
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of potential role summaries for a role
+ mining session.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRoleSummary.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summary.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summary.yaml
new file mode 100644
index 000000000..c767617d2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-potential-role-summary.yaml
@@ -0,0 +1,149 @@
+get:
+ operationId: getPotentialRole
+ summary: Retrieves a specific potential role
+ tags:
+ - IAI Role Mining
+ description: This method returns a specific potential role for a role mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: A potential role id in a role mining session
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns a list of potential roles for a role mining
+ session.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningPotentialRole.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+patch:
+ operationId: patchPotentialRole
+ summary: Update a potential role
+ tags:
+ - IAI Role Mining
+ description: 'The method updates an existing potential role using.
+
+
+ The following fields can be modified:
+
+
+ * `description`
+
+
+ * `name`
+
+
+ * `saved`
+
+
+
+ >**NOTE: All other fields cannot be modified.**
+
+ '
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - in: path
+ name: potentialRoleId
+ schema:
+ type: string
+ required: true
+ description: The potential role summary id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ allOf:
+ - $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ properties:
+ op:
+ type: string
+ description: The operation to be performed
+ enum:
+ - remove
+ - replace
+ example: replace
+ example:
+ - op: remove
+ path: /description
+ - op: replace
+ path: /description
+ value: Acct I - Potential Role
+ - op: remove
+ path: /saved
+ - op: replace
+ path: /saved
+ value: 'false'
+ - op: remove
+ path: /name
+ - op: replace
+ path: /name
+ value: Potential Role Accounting
+ responses:
+ '200':
+ description: Succeeded. Returns the potential role summary based on the potentialRoleId
+ provided.
+ content:
+ application/json:
+ schema:
+ type: object
+ items:
+ $ref: ../../beta/schemas/RoleMiningPotentialRole.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session-status.yaml b/static/api-specs/idn/v2024/paths/role-mining-session-status.yaml
new file mode 100644
index 000000000..c730f8cb2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session-status.yaml
@@ -0,0 +1,37 @@
+get:
+ operationId: getRoleMiningSessionStatus
+ summary: Get role mining session status state
+ tags:
+ - IAI Role Mining
+ description: This method returns a role mining session status for a customer.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns session status
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningSessionStatus.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-session.yaml b/static/api-specs/idn/v2024/paths/role-mining-session.yaml
new file mode 100644
index 000000000..313caeb34
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-session.yaml
@@ -0,0 +1,107 @@
+patch:
+ operationId: patchRoleMiningSession
+ summary: Patch a role mining session
+ tags:
+ - IAI Role Mining
+ description: The method updates an existing role mining session using PATCH. Supports
+ op in {"replace"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole.
+ The potential roles in this role mining session is then re-calculated.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id to be patched
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ description: Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in
+ role mining session. Update saved status or saved name for a role mining session.
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ example:
+ - op: replace
+ path: /pruneThreshold
+ value: '83'
+ - op: replace
+ path: /minNumIdentitiesInPotentialRole
+ value: '10'
+ - op: replace
+ path: /saved
+ value: 'false'
+ - op: replace
+ path: /name
+ value: RM Session - 07/10/22
+ - op: add
+ path: /name
+ value: RM Session - 07/10/22
+ responses:
+ '202':
+ description: Success
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+get:
+ operationId: getRoleMiningSession
+ summary: Get a role mining session
+ tags:
+ - IAI Role Mining
+ description: The method retrieves a role mining session.
+ parameters:
+ - in: path
+ name: sessionId
+ schema:
+ type: string
+ required: true
+ description: The role mining session id to be retrieved.
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Returns a role mining session
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningSessionResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/role-mining-sessions.yaml b/static/api-specs/idn/v2024/paths/role-mining-sessions.yaml
new file mode 100644
index 000000000..9e731c22d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/role-mining-sessions.yaml
@@ -0,0 +1,105 @@
+post:
+ operationId: createRoleMiningSessions
+ summary: Create a role mining session
+ tags:
+ - IAI Role Mining
+ description: This submits a create role mining session request to the role mining
+ application.
+ requestBody:
+ description: Role mining session parameters
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningSessionDto.yaml
+ responses:
+ '201':
+ description: Submitted a role mining session request
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/RoleMiningSessionResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: getRoleMiningSessions
+ summary: Retrieves all role mining sessions
+ tags:
+ - IAI Role Mining
+ description: Returns all role mining sessions that match the query parameters
+ parameters:
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **saved**: *eq*
+
+
+ **name**: *eq, sw*'
+ example: saved eq "true" and name sw "RM Session"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **createdBy, createdDate**'
+ example: createdBy,createdDate
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Succeeded. Returns all role mining sessions that match the query
+ parameters.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/RoleMiningSessionDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/searchAttributeConfig-get-patch-delete.yaml b/static/api-specs/idn/v2024/paths/searchAttributeConfig-get-patch-delete.yaml
new file mode 100644
index 000000000..6ab50415a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/searchAttributeConfig-get-patch-delete.yaml
@@ -0,0 +1,149 @@
+get:
+ operationId: getSingleSearchAttributeConfig
+ tags:
+ - Search Attribute Configuration
+ summary: Get the details of a specific extended search attribute in IdentityNow.
+ description: 'This API accepts an extended attribute name and retrieves the corresponding
+ extended attribute configuration.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - name: name
+ in: path
+ description: Name of the extended search attribute configuration to delete.
+ required: true
+ schema:
+ type: string
+ example: newMailAttribute
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Specific attribute configuration in IdentityNow.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/SearchAttributeConfig.yaml
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+delete:
+ operationId: deleteSearchAttributeConfig
+ tags:
+ - Search Attribute Configuration
+ summary: Delete an extended search attribute in IdentityNow.
+ description: 'This API accepts an extended attribute name and deletes the corresponding
+ extended attribute configuration.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - name: name
+ in: path
+ description: Name of the extended search attribute configuration to delete.
+ required: true
+ schema:
+ type: string
+ example: newMailAttribute
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+patch:
+ operationId: patchSearchAttributeConfig
+ tags:
+ - Search Attribute Configuration
+ summary: Update the details of a specific extended search attribute in IdentityNow.
+ description: 'This API updates an existing Search Attribute Configuration. The following
+ fields are patchable:
+
+ **name**, **displayName**, **applicationAttributes**
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - name: name
+ in: path
+ description: Name of the Search Attribute Configuration to patch.
+ required: true
+ schema:
+ type: string
+ example: promotedMailAttribute
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ example:
+ - op: replace
+ path: /name
+ value: newAttributeName
+ - op: replace
+ path: /displayName
+ value: new attribute display name
+ - op: add
+ path: /applicationAttributes
+ value:
+ 2c91808b79fd2422017a0b35d30f3968: employeeNumber
+ required: true
+ responses:
+ '200':
+ description: Responds with the Search Attribute Configuration as updated.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SearchAttributeConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/searchAttributeConfig.yaml b/static/api-specs/idn/v2024/paths/searchAttributeConfig.yaml
new file mode 100644
index 000000000..67b1cdb41
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/searchAttributeConfig.yaml
@@ -0,0 +1,82 @@
+post:
+ operationId: createSearchAttributeConfig
+ tags:
+ - Search Attribute Configuration
+ summary: Configure/create extended search attributes in IdentityNow.
+ description: 'This API accepts an attribute name, an attribute display name and
+ a list of name/value pair associates of application IDs to attribute names. It
+ will then validate the inputs and configure/create and attribute promotion configuration
+ in the Link ObjectConfig.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SearchAttributeConfig.yaml
+ example:
+ name: newMailAttribute
+ displayName: New Mail Attribute
+ applicationAttributes:
+ 2c9180866166b5b0016167c32ef31a66: mail
+ 2c9180866166b5b0016167c32ef31a67: mail
+ responses:
+ '202':
+ $ref: ../../v3/responses/202.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: getSearchAttributeConfig
+ tags:
+ - Search Attribute Configuration
+ summary: Retrieve a list of extended search attributes in IdentityNow.
+ description: 'This API retrieves a list of attribute/application associates currently
+ configured in IdentityNow.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ responses:
+ '200':
+ description: List of attribute configurations in IdentityNow.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/SearchAttributeConfig.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/send-test-notification.yaml b/static/api-specs/idn/v2024/paths/send-test-notification.yaml
new file mode 100644
index 000000000..a03c14723
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/send-test-notification.yaml
@@ -0,0 +1,42 @@
+post:
+ operationId: sendTestNotification
+ tags:
+ - Notifications
+ summary: Send Test Notification
+ description: Send a Test Notification
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SendTestNotificationRequestDto.yaml
+ example:
+ key: cloud_manual_work_item_summary
+ medium: EMAIL
+ context:
+ numberOfPendingTasks: '4'
+ ownerId: 201327fda1c44704ac01181e963d463c
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/sim-integrations-before-provisioning-rule.yaml b/static/api-specs/idn/v2024/paths/sim-integrations-before-provisioning-rule.yaml
new file mode 100644
index 000000000..46a927209
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sim-integrations-before-provisioning-rule.yaml
@@ -0,0 +1,53 @@
+patch:
+ tags:
+ - SIM Integrations
+ summary: Patch a SIM beforeProvisioningRule attribute.
+ description: Patch a SIM beforeProvisioningRule attribute given a JsonPatch object.
+ A token with Org Admin or Service Desk Admin authority is required to access this
+ endpoint.
+ operationId: patchBeforeProvisioningRule
+ requestBody:
+ required: true
+ description: The JsonPatch object that describes the changes of SIM beforeProvisioningRule.
+ content:
+ application/json-patch+json:
+ schema:
+ $ref: ../../beta/schemas/JsonPatch.yaml
+ parameters:
+ - name: id
+ in: path
+ description: SIM integration id
+ schema:
+ type: string
+ example: 12345
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The updated DTO containing the details of the SIM integration.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:write
diff --git a/static/api-specs/idn/v2024/paths/sim-integrations-value-list.yaml b/static/api-specs/idn/v2024/paths/sim-integrations-value-list.yaml
new file mode 100644
index 000000000..0eddc7652
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sim-integrations-value-list.yaml
@@ -0,0 +1,83 @@
+get:
+ tags:
+ - SIM Integrations
+ summary: List the existing SIM integrations.
+ description: List the existing SIM integrations. A token with Org Admin or Service
+ Desk Admin authority is required to access this endpoint.
+ operationId: getSIMIntegrations
+ responses:
+ '200':
+ description: The DTO containing the details of the SIM integration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:read
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ tags:
+ - SIM Integrations
+ summary: Create new SIM integration
+ description: Create a new SIM Integrations. A token with Org Admin or Service Desk
+ Admin authority is required to access this endpoint.
+ operationId: createSIMIntegration
+ requestBody:
+ description: DTO containing the details of the SIM integration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SimIntegrationDetails.yaml
+ required: true
+ responses:
+ '200':
+ description: details of the created integration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:create
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/sim-integrations.yaml b/static/api-specs/idn/v2024/paths/sim-integrations.yaml
new file mode 100644
index 000000000..5090d1b84
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sim-integrations.yaml
@@ -0,0 +1,190 @@
+put:
+ tags:
+ - SIM Integrations
+ summary: Update an existing SIM integration
+ description: Update an existing SIM integration. A token with Org Admin or Service
+ Desk Admin authority is required to access this endpoint.
+ operationId: putSIMIntegration
+ requestBody:
+ description: The full DTO of the integration containing the updated model
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SimIntegrationDetails.yaml
+ required: true
+ parameters:
+ - name: id
+ in: path
+ description: The id of the integration.
+ schema:
+ type: string
+ example: 12345
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: details of the updated integration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:create
+get:
+ tags:
+ - SIM Integrations
+ summary: Get a SIM integration details.
+ description: Get the details of a SIM integration. A token with Org Admin or Service
+ Desk Admin authority is required to access this endpoint.
+ operationId: getSIMIntegration
+ parameters:
+ - name: id
+ in: path
+ description: The id of the integration.
+ schema:
+ type: string
+ example: 12345
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The DTO containing the details of the SIM integration
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:read
+delete:
+ tags:
+ - SIM Integrations
+ summary: Delete a SIM integration
+ description: Get the details of a SIM integration. A token with Org Admin or Service
+ Desk Admin authority is required to access this endpoint.
+ operationId: deleteSIMIntegration
+ parameters:
+ - name: id
+ description: The id of the integration to delete.
+ in: path
+ schema:
+ type: string
+ example: 12345
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: No content response
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:write
+patch:
+ tags:
+ - SIM Integrations
+ summary: Patch a SIM attribute.
+ description: Patch a SIM attribute given a JsonPatch object. A token with Org Admin
+ or Service Desk Admin authority is required to access this endpoint.
+ operationId: patchSIMAttributes
+ requestBody:
+ required: true
+ description: The JsonPatch object that describes the changes of SIM
+ content:
+ application/json-patch+json:
+ schema:
+ $ref: ../../beta/schemas/JsonPatch.yaml
+ parameters:
+ - name: id
+ description: SIM integration id
+ in: path
+ schema:
+ type: string
+ example: 12345
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The updated DTO containing the details of the SIM integration.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ServiceDeskIntegrationDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:service-desk-admin:write
diff --git a/static/api-specs/idn/v2024/paths/source-connector-check-connection.yaml b/static/api-specs/idn/v2024/paths/source-connector-check-connection.yaml
new file mode 100644
index 000000000..7e07cd374
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-connector-check-connection.yaml
@@ -0,0 +1,49 @@
+post:
+ operationId: testSourceConnection
+ tags:
+ - Sources
+ summary: Check connection for source connector.
+ description: 'This endpoint validates that the configured credentials are valid
+ and will properly authenticate with the source identified by the sourceId path
+ parameter.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:source-connector:manage
+ parameters:
+ - in: path
+ name: sourceId
+ schema:
+ type: string
+ required: true
+ description: The ID of the Source.
+ example: cef3ee201db947c5912551015ba0c679
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The result of checking connection to the source connector with
+ response from it.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/StatusResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/source-connector-peek-resource-objects.yaml b/static/api-specs/idn/v2024/paths/source-connector-peek-resource-objects.yaml
new file mode 100644
index 000000000..961dd3274
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-connector-peek-resource-objects.yaml
@@ -0,0 +1,56 @@
+post:
+ operationId: peekResourceObjects
+ tags:
+ - Sources
+ summary: Peek source connector's resource objects
+ description: 'Retrieves a sample of data returned from account and group aggregation
+ requests.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:source-connector:manage
+ parameters:
+ - in: path
+ name: sourceId
+ schema:
+ type: string
+ required: true
+ description: The ID of the Source
+ example: cef3ee201db947c5912551015ba0c679
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ResourceObjectsRequest.yaml
+ example:
+ objectType: resource
+ maxCount: 50
+ responses:
+ '200':
+ description: List of resource objects that was fetched from the source connector.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ResourceObjectsResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/source-connector-ping-cluster.yaml b/static/api-specs/idn/v2024/paths/source-connector-ping-cluster.yaml
new file mode 100644
index 000000000..2d8cf7f35
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-connector-ping-cluster.yaml
@@ -0,0 +1,47 @@
+post:
+ operationId: pingCluster
+ tags:
+ - Sources
+ summary: Ping cluster for source connector
+ description: 'This endpoint validates that the cluster being used by the source
+ is reachable from IdentityNow.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:source-connector:manage
+ parameters:
+ - in: path
+ name: sourceId
+ schema:
+ type: string
+ required: true
+ description: The ID of the Source
+ example: cef3ee201db947c5912551015ba0c679
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The result of pinging connection with the source connector.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/StatusResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/source-connector-test-configuration.yaml b/static/api-specs/idn/v2024/paths/source-connector-test-configuration.yaml
new file mode 100644
index 000000000..7498b6249
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-connector-test-configuration.yaml
@@ -0,0 +1,49 @@
+post:
+ operationId: testSourceConfiguration
+ tags:
+ - Sources
+ summary: Test configuration for source connector
+ description: 'This endpoint performs a more detailed validation of the source''s
+ configuration that can take longer than the lighter weight credential validation
+ performed by the checkConnection API.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:source-connector:manage
+ parameters:
+ - in: path
+ name: sourceId
+ schema:
+ type: string
+ required: true
+ description: The ID of the Source
+ example: cef3ee201db947c5912551015ba0c679
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: The result of testing source connector configuration with response
+ from it.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/StatusResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/source-connectors-source-config.yaml b/static/api-specs/idn/v2024/paths/source-connectors-source-config.yaml
new file mode 100644
index 000000000..c2d39ff4f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-connectors-source-config.yaml
@@ -0,0 +1,67 @@
+get:
+ operationId: getSourceConfig
+ tags:
+ - Sources
+ summary: Gets source config with language translations
+ description: 'Looks up and returns the source config for the requested source id
+ after populating the source config values and applying language translations.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The Source id
+ - in: query
+ name: locale
+ schema:
+ type: string
+ enum:
+ - de
+ - false
+ - fi
+ - sv
+ - ru
+ - pt
+ - ko
+ - zh-TW
+ - en
+ - it
+ - fr
+ - zh-CN
+ - hu
+ - es
+ - cs
+ - ja
+ - pl
+ - da
+ - nl
+ description: The locale to apply to the config. If no viable locale is given,
+ it will default to "en"
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A Connector Detail object
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ConnectorDetail.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/source-synchronize-attributes.yaml b/static/api-specs/idn/v2024/paths/source-synchronize-attributes.yaml
new file mode 100644
index 000000000..942c9b2c6
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/source-synchronize-attributes.yaml
@@ -0,0 +1,48 @@
+post:
+ operationId: syncAttributesForSource
+ tags:
+ - Sources
+ summary: Synchronize single source attributes.
+ description: 'This end-point performs attribute synchronization for a selected source.
+
+ A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The Source id
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '202':
+ description: A Source Sync job
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SourceSyncJob.yaml
+ example:
+ id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ status: IN_PROGRESS
+ payload:
+ type: SYNCHRONIZE_SOURCE_ATTRIBUTES
+ dataJson: '{"sourceId":"2c918083746f642c01746f990884012a"}'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sources-entitlement-request-config.yaml b/static/api-specs/idn/v2024/paths/sources-entitlement-request-config.yaml
new file mode 100644
index 000000000..154442758
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sources-entitlement-request-config.yaml
@@ -0,0 +1,171 @@
+get:
+ security:
+ - UserContextAuth:
+ - idn:sources:read
+ - idn:sources:manage
+ operationId: getSourceEntitlementRequestConfig
+ summary: Get Source Entitlement Request Configuration
+ tags:
+ - Sources
+ description: 'This API gets the current entitlement request configuration for a
+ source. This source-level configuration should apply for all the entitlements
+ in the source.
+
+
+ Access request to any entitlements in the source should follow this configuration
+ unless a separate entitlement-level configuration is defined.
+
+ - During access request, this source-level entitlement request configuration overrides
+ the global organization-level configuration.
+
+ - However, the entitlement-level configuration (if defined) overrides this source-level
+ configuration.
+
+
+ A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required
+ to call this API.'
+ responses:
+ '200':
+ description: Source Entitlement Request Configuration Details.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SourceEntitlementRequestConfig.yaml
+ examples:
+ Get default config:
+ description: The default config for a source should look like the following
+ where the empty approvalSchemes indicates that no approvals are required.
+ value:
+ accessRequestConfig:
+ approvalSchemes: []
+ requestCommentRequired: false
+ denialCommentRequired: false
+ Get config with one approval:
+ description: In case of a single approval, the config could look like
+ the following.
+ value:
+ accessRequestConfig:
+ approvalSchemes:
+ - approverId: null
+ approverType: SOURCE_OWNER
+ requestCommentRequired: true
+ denialCommentRequired: false
+ Get config with multiple approvals:
+ description: In case of multiple levels of approvals the config could
+ look like the following. In this scenario, access request review process
+ should go through all the approvers sequentially.
+ value:
+ accessRequestConfig:
+ approvalSchemes:
+ - approverId: null
+ approverType: ENTITLEMENT_OWNER
+ - approverId: null
+ approverType: SOURCE_OWNER
+ - approverId: 95e538a3-30c1-433a-af05-4bed973bbc22
+ approverType: GOVERNANCE_GROUP
+ requestCommentRequired: true
+ denialCommentRequired: false
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+put:
+ security:
+ - UserContextAuth:
+ - idn:sources:manage
+ operationId: updateSourceEntitlementRequestConfig
+ summary: Update Source Entitlement Request Configuration
+ tags:
+ - Sources
+ description: 'This API replaces the current entitlement request configuration for
+ a source. This source-level configuration should apply for all the entitlements
+ in the source.
+
+
+ Access request to any entitlements in the source should follow this configuration
+ unless a separate entitlement-level configuration is defined.
+
+ - During access request, this source-level entitlement request configuration overrides
+ the global organization-level configuration.
+
+ - However, the entitlement-level configuration (if defined) overrides this source-level
+ configuration.
+
+
+ A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required
+ to call this API.'
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SourceEntitlementRequestConfig.yaml
+ examples:
+ Set config with no approvals:
+ description: If no approvals are required, the following config can be
+ set.
+ value:
+ accessRequestConfig:
+ approvalSchemes: []
+ Set config with one approval:
+ description: In case of single approval the following config can be set.
+ value:
+ accessRequestConfig:
+ approvalSchemes:
+ - approverType: SOURCE_OWNER
+ requestCommentRequired: true
+ denialCommentRequired: false
+ Set config with multiple approvals:
+ description: In case of multiple levels of approvals the following config
+ can be set. In this scenario, access request review process should go
+ through all the approvers sequentially.
+ value:
+ accessRequestConfig:
+ approvalSchemes:
+ - approverType: ENTITLEMENT_OWNER
+ - approverType: SOURCE_OWNER
+ - approverType: GOVERNANCE_GROUP
+ approverId: 95e538a3-30c1-433a-af05-4bed973bbc22
+ requestCommentRequired: true
+ denialCommentRequired: false
+ responses:
+ '200':
+ description: Source Entitlement Request Configuration Details.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SourceEntitlementRequestConfig.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/sp-config-export-download.yaml b/static/api-specs/idn/v2024/paths/sp-config-export-download.yaml
new file mode 100644
index 000000000..f924cf350
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-export-download.yaml
@@ -0,0 +1,46 @@
+get:
+ operationId: getSpConfigExport
+ tags:
+ - SP-Config
+ summary: Download export job result.
+ description: 'This endpoint gets the export file resulting from the export job with
+ the requested `id` and downloads it to a file.
+
+ The request will need one of the following security scopes:
+
+ - sp:config:read - sp:config:manage'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the export job whose results will be downloaded.
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Exported JSON objects.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigExportResults.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sp-config-export-status.yaml b/static/api-specs/idn/v2024/paths/sp-config-export-status.yaml
new file mode 100644
index 000000000..bd67cecfa
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-export-status.yaml
@@ -0,0 +1,59 @@
+get:
+ operationId: getSpConfigExportStatus
+ security:
+ - UserContextAuth:
+ - sp:config:read
+ - sp:config:manage
+ tags:
+ - SP-Config
+ summary: Get export job status
+ description: 'This gets the status of the export job identified by the `id` parameter.
+
+ The request will need one of the following security scopes:
+
+ - sp:config:read - sp:config:manage'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the export job whose status will be returned.
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Export job status successfully returned.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigExportJobStatus.yaml
+ example:
+ jobId: 1e824aa0-4c6e-4f14-95e9-e7dc5234aa51
+ status: COMPLETE
+ type: EXPORT
+ message: null
+ description: Export Job 1 Test
+ expiration: '2021-05-20T15:04:24Z'
+ created: '2021-05-13T15:04:24.112Z'
+ modified: '2021-05-13T15:04:27.363Z'
+ completed: '2021-05-13T15:04:27.358Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sp-config-export.yaml b/static/api-specs/idn/v2024/paths/sp-config-export.yaml
new file mode 100644
index 000000000..d90ee772d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-export.yaml
@@ -0,0 +1,138 @@
+post:
+ operationId: exportSpConfig
+ security:
+ - UserContextAuth:
+ - sp:config:read
+ - sp:config:manage
+ tags:
+ - SP-Config
+ summary: Initiates configuration objects export job
+ description: 'This post will export objects from the tenant to a JSON configuration
+ file.
+
+ For more information about the object types that currently support export functionality,
+ refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).'
+ requestBody:
+ description: Export options control what will be included in the export.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ExportPayload.yaml
+ examples:
+ Export all objects available:
+ description: Export all object types available in IDN.
+ value:
+ description: Export all available objects
+ excludeTypes: []
+ includeTypes:
+ - ACCESS_PROFILE
+ - ACCESS_REQUEST_CONFIG
+ - ATTR_SYNC_SOURCE_CONFIG
+ - AUTH_ORG
+ - CAMPAIGN_FILTER
+ - FORM_DEFINITION
+ - GOVERNANCE_GROUP
+ - IDENTITY_OBJECT_CONFIG
+ - IDENTITY_PROFILE
+ - LIFECYCLE_STATE
+ - NOTIFICATION_TEMPLATE
+ - PASSWORD_POLICY
+ - PASSWORD_SYNC_GROUP
+ - PUBLIC_IDENTITIES_CONFIG
+ - ROLE
+ - RULE
+ - SEGMENT
+ - SERVICE_DESK_INTEGRATION
+ - SOD_POLICY
+ - SOURCE
+ - TAG
+ - TRANSFORM
+ - TRIGGER_SUBSCRIPTION
+ - WORKFLOW
+ objectOptions: {}
+ Export sources by ID:
+ description: Export only sources that match the IDs specified in the export
+ options.
+ value:
+ description: Export sources by ID
+ excludeTypes: []
+ includeTypes:
+ - SOURCE
+ objectOptions:
+ SOURCE:
+ includedIds:
+ - be9e116d-08e1-49fc-ab7f-fa585e96c9e4
+ - be9p119e-90e1-49pk-ac9f-fa576e96c9e4
+ includedNames: []
+ Export transforms by name:
+ description: Export only transforms that match the names specified in
+ the export options.
+ value:
+ description: Export transforms by name
+ excludeTypes: []
+ includeTypes:
+ - TRANSFORM
+ objectOptions:
+ TRANSFORM:
+ includedIds: []
+ includedNames:
+ - Remove Diacritical Marks
+ - Common - Location Lookup
+ Export trigger subscriptions triggers and transforms with custom options:
+ description: Export trigger subscriptions and transforms that match the
+ export options.
+ value:
+ description: Export trigger subscriptions and transforms with custom
+ filter options
+ excludeTypes: []
+ includeTypes:
+ - TRANSFORM
+ - TRIGGER_SUBSCRIPTION
+ objectOptions:
+ TRANSFORM:
+ includedIds: []
+ includedNames:
+ - Remove Diacritical Marks
+ - Common - Location Lookup
+ TRIGGER_SUBSCRIPTION:
+ includedIds:
+ - be9e116d-08e1-49fc-ab7f-fa585e96c9e4
+ - be9p119e-90e1-49pk-ac9f-fa576e96c9e4
+ includedNames:
+ - 'NGROK Test: fire and forget'
+ - Manager Certification
+ responses:
+ '202':
+ description: Export job accepted and queued for processing.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigExportJob.yaml
+ '400':
+ description: 'Client Error - Returned if the request body is invalid.
+
+ '
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/ErrorResponseDto.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/sp-config-import-download.yaml b/static/api-specs/idn/v2024/paths/sp-config-import-download.yaml
new file mode 100644
index 000000000..0b742762d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-import-download.yaml
@@ -0,0 +1,49 @@
+get:
+ operationId: getSpConfigImport
+ tags:
+ - SP-Config
+ summary: Download import job result
+ description: 'This gets import file resulting from the import job with the requested
+ id and downloads it to a file. The downloaded file will contain the results of
+ the import operation, including any error, warning or informational messages associated
+ with the import.
+
+ The request will need the following security scope:
+
+ - sp:config:manage'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the import job whose results will be downloaded.
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Import results JSON object, containing detailed results of the
+ import operation.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigImportResults.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sp-config-import-status.yaml b/static/api-specs/idn/v2024/paths/sp-config-import-status.yaml
new file mode 100644
index 000000000..8f15d4aba
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-import-status.yaml
@@ -0,0 +1,61 @@
+get:
+ operationId: getSpConfigImportStatus
+ security:
+ - UserContextAuth:
+ - sp:config:manage
+ tags:
+ - SP-Config
+ summary: Get import job status
+ description: 'This gets the status of the import job identified by the `id` parameter.
+
+ For more information about the object types that currently support import functionality,
+ refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).
+
+ The request will need the following security scope:
+
+ - sp:config:manage'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the import job whose status will be returned.
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Import job status successfully returned.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigImportJobStatus.yaml
+ example:
+ jobId: 4fb10503-1c49-4603-8f8d-886e1f6aa47b
+ status: COMPLETE
+ type: IMPORT
+ message: Download import results for details.
+ description: null
+ expiration: '2021-05-20T16:42:39Z'
+ created: '2021-05-13T16:42:39.333Z'
+ modified: '2021-05-13T16:42:40.71Z'
+ completed: '2021-05-13T16:42:40.705Z'
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sp-config-import.yaml b/static/api-specs/idn/v2024/paths/sp-config-import.yaml
new file mode 100644
index 000000000..4ae54acb3
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-import.yaml
@@ -0,0 +1,123 @@
+post:
+ operationId: importSpConfig
+ tags:
+ - SP-Config
+ summary: Initiates configuration objects import job
+ description: "This post will import objects from a JSON configuration file into\
+ \ a tenant. By default, every import will first export all existing objects supported\
+ \ by sp-config as a backup before the import is attempted. The backup is provided\
+ \ so that the state of the configuration prior to the import is available for\
+ \ inspection or restore if needed. The backup can be skipped by setting \"excludeBackup\"\
+ \ to true in the import options. If a backup is performed, the id of the backup\
+ \ will be provided in the ImportResult as the \"exportJobId\". This can be downloaded\
+ \ using the /sp-config/export/{exportJobId}/download endpoint.\nYou cannot currently\
+ \ import from the Non-Employee Lifecycle Management (NELM) source. You cannot\
+ \ use this endpoint to back up or store NELM data. \nFor more information about\
+ \ the object types that currently support import functionality, refer to [SaaS\
+ \ Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).\n\
+ The request will need the following security scope:\n- sp:config:manage"
+ parameters:
+ - in: query
+ name: preview
+ schema:
+ type: boolean
+ default: false
+ required: false
+ description: This option is intended to give the user information about how an
+ import operation would proceed, without having any effect on the target tenant.
+ If this parameter is "true", no objects will be imported. Instead, the import
+ process will pre-process the import file and attempt to resolve references within
+ imported objects. The import result file will contain messages pertaining to
+ how specific references were resolved, any errors associated with the preprocessing,
+ and messages indicating which objects would be imported.
+ example: 'true'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: "The form-data \"name\" attribute for the file content must be \"\
+ data\".\n\n__Example__\n\n data: \"config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json\"\
+ ,\n options: {\n \"excludeTypes\": [],\n \"includeTypes\": [\"\
+ TRIGGER_SUBSCRIPTION\"],\n \"objectOptions\": {\n \"TRIGGER_SUBSCRIPTION\"\
+ : {\n \"includedIds\": [ \"193446a1-c431-4326-8ba7-d6eebf922948\"],\n\
+ \ \"includedNames\":[]\n }\n },\n \"defaultReferences\"\
+ : [\n {\n \"type\": \"TRIGGER_SUBSCRIPTION\",\n \"\
+ id\": \"be9e116d-08e1-49fc-ab7f-fa585e96c9e4\",\n \"name\": \"Test\
+ \ Trigger\"\n }\n ],\n \"excludeBackup\": false\n }\n\n\
+ __Sample Import File__\n\n {\n \t\"version\": 1,\n \t\"timestamp\"\
+ : \"2021-05-10T15:19:23.425041-05:00\",\n \t\"tenant\": \"sampleTenant\"\
+ ,\n \t\"options\": {\n \t\t\"excludeTypes\": [],\n \t\t\"includeTypes\"\
+ : [\"TRIGGER_SUBSCRIPTION\"],\n \t\t\"objectOptions\": null\n \t},\n \
+ \ \t\"objects\": [{\n \t\t\t\"version\": 1,\n \t\t\t\"self\": {\n \
+ \ \t\t\t\t\"type\": \"TRIGGER_SUBSCRIPTION\",\n \t\t\t\t\"name\": \"test\
+ \ trigger\",\n \t\t\t\t\"id\": \"193446a1-c431-4326-8ba7-d6eebf922948\"\n\
+ \ \t\t\t},\n \t\t\t\"object\": {\n \t\t\t\t\"type\": \"HTTP\",\n \
+ \ \t\t\t\t\"enabled\": true,\n \t\t\t\t\"httpConfig\": {\n \t\t\t\t\t\
+ \"url\": \"https://localhost\",\n \t\t\t\t\t\"httpAuthenticationType\": \"\
+ NO_AUTH\",\n \t\t\t\t\t\"basicAuthConfig\": null,\n \t\t\t\t\t\"bearerTokenAuthConfig\"\
+ : null,\n \t\t\t\t\t\"httpDispatchMode\": \"SYNC\"\n \t\t\t\t},\n \t\
+ \t\t\t\"triggerName\": \"Access Request Submitted\",\n \t\t\t\t\"responseDeadline\"\
+ : \"PT1H\",\n \t\t\t\t\"name\": \"test trigger\",\n \t\t\t\t\"triggerId\"\
+ : \"idn:access-request-pre-approval\"\n \t\t\t}\n \t\t}\n \t]\n \
+ \ }\n"
+ required: true
+ content:
+ multipart/form-data:
+ schema:
+ type: object
+ properties:
+ data:
+ type: string
+ format: binary
+ description: JSON file containing the objects to be imported.
+ options:
+ $ref: ../../beta/schemas/ImportOptions.yaml
+ required:
+ - data
+ example:
+ data: config_export_0340b957-5caa-44f6-ada2-d3c4c5bd0b19.json
+ options:
+ excludeTypes: []
+ includeTypes:
+ - TRIGGER_SUBSCRIPTION
+ objectOptions:
+ TRIGGER_SUBSCRIPTION:
+ includedIds:
+ - be9e116d-08e1-49fc-ab7f-fa585e96c9e4
+ includedNames:
+ - Lori Test 2
+ defaultReferences:
+ - type: TRIGGER_SUBSCRIPTION
+ id: be9e116d-08e1-49fc-ab7f-fa585e96c9e4
+ name: Test Trigger
+ excludeBackup: false
+ responses:
+ '202':
+ description: Import job accepted and queued for processing.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SpConfigJob.yaml
+ '400':
+ description: 'Client Error - Returned if the request body is invalid.
+
+ '
+ content:
+ application/json:
+ schema:
+ $ref: ../../v3/schemas/ErrorResponseDto.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/sp-config-objects.yaml b/static/api-specs/idn/v2024/paths/sp-config-objects.yaml
new file mode 100644
index 000000000..c6605f9a8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/sp-config-objects.yaml
@@ -0,0 +1,42 @@
+get:
+ operationId: listSpConfigObjects
+ security:
+ - UserContextAuth:
+ - sp:config:read
+ - sp:config:manage
+ tags:
+ - SP-Config
+ summary: Get config object details
+ description: This gets the list of object configurations which are known to the
+ tenant export/import service. Object configurations that contain "importUrl" and
+ "exportUrl" are available for export/import.
+ responses:
+ '200':
+ description: Object configurations returned successfully.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/SpConfigObject.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/suggested-entitlement-description-approvals.yaml b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-approvals.yaml
new file mode 100644
index 000000000..a43edb135
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-approvals.yaml
@@ -0,0 +1,50 @@
+post:
+ tags:
+ - Suggested Entitlement Description
+ summary: Submit Bulk Approval Request
+ description: 'Submit Bulk Approval Request for SED.
+
+ Request body takes list of SED Ids. API responses with list of SED Approval Status'
+ operationId: submitSedApproval
+ requestBody:
+ description: Sed Approval
+ content:
+ application/json-patch+json:
+ schema:
+ items:
+ $ref: ../../beta/schemas/SedApproval.yaml
+ type: array
+ required: true
+ responses:
+ '200':
+ description: List of SED Approval Status
+ content:
+ application/json:
+ schema:
+ items:
+ $ref: ../../beta/schemas/SedApprovalStatus.yaml
+ type: array
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:write
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/suggested-entitlement-description-assignments.yaml b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-assignments.yaml
new file mode 100644
index 000000000..f26b2fab2
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-assignments.yaml
@@ -0,0 +1,47 @@
+post:
+ tags:
+ - Suggested Entitlement Description
+ operationId: submitSedAssignment
+ summary: Submit Sed Assignment Request
+ description: 'Submit Assignment Request.
+
+ Request body has an assignee, and list of SED Ids that are assigned to that assignee
+ API responses with batchId that groups all approval requests together'
+ requestBody:
+ description: Sed Assignment Request
+ content:
+ application/json-patch+json:
+ schema:
+ $ref: ../../beta/schemas/SedAssignment.yaml
+ required: true
+ responses:
+ '202':
+ description: Sed Assignment Response
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SedAssignmentResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:write
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches-stats.yaml b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches-stats.yaml
new file mode 100644
index 000000000..7affdd4bd
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches-stats.yaml
@@ -0,0 +1,48 @@
+get:
+ tags:
+ - Suggested Entitlement Description
+ operationId: getSedBatchStats
+ summary: Submit Sed Batch Stats Request
+ description: 'Submit Sed Batch Stats Request.
+
+ Submits batchId in the path param (e.g. {batchId}/stats). API responses with stats
+ of the batchId.'
+ parameters:
+ - name: batchId
+ in: path
+ description: Batch Id
+ schema:
+ type: string
+ format: uuid
+ example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Stats of Sed batch.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SedBatchStats.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:read
diff --git a/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches.yaml b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches.yaml
new file mode 100644
index 000000000..7630508d5
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/suggested-entitlement-description-batches.yaml
@@ -0,0 +1,85 @@
+get:
+ tags:
+ - Suggested Entitlement Description
+ operationId: getSedBatches
+ summary: List Sed Batch Request
+ description: 'List Sed Batches.
+
+ API responses with Sed Batch Status'
+ responses:
+ '200':
+ description: Status of batch
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SedBatchStatus.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:read
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ tags:
+ - Suggested Entitlement Description
+ operationId: submitSedBatchRequest
+ summary: Submit Sed Batch Request
+ description: 'Submit Sed Batch Request.
+
+ Request body has a list of entitlement Ids that user wants to have description
+ generated by LLM. API responses with batchId that groups Ids together'
+ requestBody:
+ description: Sed Batch Request
+ content:
+ application/json-patch+json:
+ schema:
+ $ref: ../../beta/schemas/SedBatchRequest.yaml
+ responses:
+ '200':
+ description: Sed Batch Response
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SedBatchResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:write
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/suggested-entitlement-descriptions.yaml b/static/api-specs/idn/v2024/paths/suggested-entitlement-descriptions.yaml
new file mode 100644
index 000000000..65e1b6dfd
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/suggested-entitlement-descriptions.yaml
@@ -0,0 +1,157 @@
+get:
+ tags:
+ - Suggested Entitlement Description
+ operationId: listSeds
+ summary: List Suggested Entitlement Description
+ description: List of Suggested Entitlement Description
+ parameters:
+ - description: "Integer specifying the maximum number of records to return in a\
+ \ single API call. \nThe standard syntax described in [V3 API Standard Collection\
+ \ Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\
+ \ If it is not specified, a default limit is used."
+ schema:
+ format: int64
+ type: integer
+ in: query
+ name: limit
+ example: limit=0
+ - description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **batchId**: *eq*
+
+
+ **status**: *eq, ne, in*
+
+
+ **displayName**: *eq, co*'
+ in: query
+ name: filters
+ example: displayName co "Read and Write"
+ schema:
+ type: string
+ - description: "If `true` it will populate the `X-Total-Count` response header with\
+ \ the number of results that would be returned if `limit` and `offset` were\
+ \ ignored. \nThe standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results).\n\
+ Since requesting a total count can have a performance impact, it is recommended\
+ \ not to send `count=true` if that value will not be used."
+ in: query
+ name: count
+ example: count=true
+ schema:
+ type: boolean
+ - description: 'If `true` it will populate the `X-Total-Count` response header with
+ the number of results that would be returned if `limit` and `offset` were ignored.
+
+ This parameter differs from the Coun parameter in that this one skip executing
+ the actual query and always return an empty array.'
+ in: query
+ name: count-only
+ example: count-only=true
+ schema:
+ type: boolean
+ - description: "By default, the ListSeds API will only return items that you have\
+ \ requested to be generated. \nThis option will allow you to see all items\
+ \ that have been requested"
+ in: query
+ name: requested-by-anyone
+ example: requested-by-anyone=true
+ schema:
+ type: boolean
+ - description: Will limit records to items that are in "suggested" or "approved"
+ status
+ in: query
+ name: show-pending-status-only
+ example: show-pending-status-only=true
+ schema:
+ type: boolean
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of Suggested Entitlement Details
+ content:
+ application/json:
+ schema:
+ items:
+ $ref: ../../beta/schemas/Sed.yaml
+ type: array
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:read
+patch:
+ tags:
+ - Suggested Entitlement Description
+ operationId: patchSed
+ summary: Patch Suggested Entitlement Description
+ description: Patch Suggested Entitlement Description
+ parameters:
+ - description: id is sed id
+ in: path
+ name: id
+ example: ebab396f-0af1-4050-89b7-dafc63ec70e7
+ required: true
+ schema:
+ type: string
+ format: uuid
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: Sed Patch Request
+ content:
+ application/json-patch+json:
+ schema:
+ items:
+ $ref: ../../beta/schemas/SedPatch.yaml
+ type: array
+ required: true
+ responses:
+ '200':
+ description: detail of patched sed
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Sed.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:sed:write
diff --git a/static/api-specs/idn/v2024/paths/task-status-list.yaml b/static/api-specs/idn/v2024/paths/task-status-list.yaml
new file mode 100644
index 000000000..65634ce1d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/task-status-list.yaml
@@ -0,0 +1,81 @@
+get:
+ tags:
+ - Task Management
+ summary: Retrieve a task status list.
+ description: 'Use this endpoint to get a list of **completed** tasks. To get a list
+ of tasks **in-progress**, please use the [get pending tasks](https://developer.sailpoint.com/docs/api/beta/get-pending-tasks)
+ endpoint.
+
+ '
+ operationId: getTaskStatusList
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ example: completionStatus eq "Success"
+ required: false
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in*
+
+
+ **sourceId**: *eq, in*
+
+
+ **completionStatus**: *eq, in*
+
+
+ **type**: *eq, in*'
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ example: -created
+ required: false
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **created**'
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Responds with a TaskStatus for the task with the given task ID.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TaskStatus.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:task-management:read
diff --git a/static/api-specs/idn/v2024/paths/task-status-pending.yaml b/static/api-specs/idn/v2024/paths/task-status-pending.yaml
new file mode 100644
index 000000000..38a5c723a
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/task-status-pending.yaml
@@ -0,0 +1,66 @@
+get:
+ tags:
+ - Task Management
+ summary: Retrieve a pending task list.
+ description: Retrieve a list of TaskStatus for pending tasks.
+ operationId: getPendingTasks
+ parameters:
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Responds with a list of TaskStatus for pending tasks.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/TaskStatus.yaml
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ security:
+ - UserContextAuth:
+ - idn:task-management:read
+head:
+ tags:
+ - Task Management
+ summary: Retrieve headers only for pending task list.
+ description: Retrieve headers for a list of TaskStatus for pending tasks.
+ operationId: getPendingTaskHeaders
+ parameters:
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Responds with headers for List of TaskStatus for pending tasks.
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ security:
+ - UserContextAuth:
+ - idn:task-management:read
diff --git a/static/api-specs/idn/v2024/paths/task-status.yaml b/static/api-specs/idn/v2024/paths/task-status.yaml
new file mode 100644
index 000000000..8bbb75109
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/task-status.yaml
@@ -0,0 +1,110 @@
+get:
+ tags:
+ - Task Management
+ summary: Get task status by ID.
+ description: Get a TaskStatus for a task by task ID.
+ operationId: getTaskStatus
+ parameters:
+ - name: id
+ in: path
+ description: Task ID.
+ required: true
+ example: 00eebcf881994e419d72e757fd30dc0e
+ style: simple
+ explode: false
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: Responds with a TaskStatus for the task with the given task ID.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TaskStatus.yaml
+ '403':
+ description: Forbidden, generally due to a lack of security rights
+ '404':
+ description: TaskStatus with the given id was not found.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:task-management:read
+patch:
+ operationId: updateTaskStatus
+ tags:
+ - Task Management
+ summary: Update task status by ID
+ description: Update a current task status by task ID. Use this API to clear a pending
+ task by updating the completionStatus and completed attributes.
+ parameters:
+ - name: id
+ in: path
+ description: Task ID.
+ example: 00eebcf881994e419d72e757fd30dc0e
+ required: true
+ style: simple
+ explode: false
+ schema:
+ type: string
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ description: The JSONPatch payload used to update the object.
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/JsonPatchOperation.yaml
+ example:
+ - op: replace
+ path: /completionStatus
+ value: Error
+ - op: replace
+ path: /completed
+ value: 2024-05-17 19:33:16.470000+00:00
+ responses:
+ '200':
+ description: This response indicates the PATCH operation succeeded, and the
+ API returns the updated task object.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TaskStatus.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:task-management:write
diff --git a/static/api-specs/idn/v2024/paths/tenant-configuration.yaml b/static/api-specs/idn/v2024/paths/tenant-configuration.yaml
new file mode 100644
index 000000000..acff3128b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/tenant-configuration.yaml
@@ -0,0 +1,80 @@
+get:
+ operationId: getTenantConfigConfiguration
+ tags:
+ - Work Reassignment
+ summary: Get Tenant-wide Reassignment Configuration settings
+ description: Gets the global Reassignment Configuration settings for the requestor's
+ tenant.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-tenant-configuration:read
+ responses:
+ '200':
+ description: Tenant-wide Reassignment Configuration settings
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/TenantConfigurationResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+put:
+ operationId: putTenantConfiguration
+ tags:
+ - Work Reassignment
+ summary: Update Tenant-wide Reassignment Configuration settings
+ description: Replaces existing Tenant-wide Reassignment Configuration settings with
+ the newly provided settings.
+ security:
+ - UserContextAuth:
+ - idn:reassignment-tenant-configuration:update
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/TenantConfigurationRequest.yaml
+ responses:
+ '200':
+ description: Tenant-wide Reassignment Configuration settings
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/work-reassignment/TenantConfigurationResponse.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/tenant.yaml b/static/api-specs/idn/v2024/paths/tenant.yaml
new file mode 100644
index 000000000..88fcc0ec0
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/tenant.yaml
@@ -0,0 +1,37 @@
+get:
+ operationId: getTenant
+ tags:
+ - Tenant
+ summary: Get Tenant Information.
+ description: This rest endpoint can be used to retrieve tenant details.
+ security:
+ - UserContextAuth:
+ - sp:tenant:read
+ responses:
+ '200':
+ description: Tenant Info
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Tenant.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/trigger-invocations-complete.yaml b/static/api-specs/idn/v2024/paths/trigger-invocations-complete.yaml
new file mode 100644
index 000000000..199bda81f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-invocations-complete.yaml
@@ -0,0 +1,45 @@
+post:
+ operationId: completeTriggerInvocation
+ tags:
+ - Triggers
+ summary: Complete Trigger Invocation
+ description: Completes an invocation to a REQUEST_RESPONSE type trigger.
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the invocation to complete.
+ example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/CompleteInvocation.yaml
+ example:
+ secret: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ output:
+ approved: false
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/trigger-invocations-status.yaml b/static/api-specs/idn/v2024/paths/trigger-invocations-status.yaml
new file mode 100644
index 000000000..4a4c997d8
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-invocations-status.yaml
@@ -0,0 +1,77 @@
+get:
+ operationId: listTriggerInvocationStatus
+ tags:
+ - Triggers
+ summary: List Latest Invocation Statuses
+ description: 'Gets a list of latest invocation statuses.
+
+ Statuses of successful invocations are available for up to 24 hours. Statuses
+ of failed invocations are available for up to 48 hours.
+
+ This endpoint may only fetch up to 2000 invocations, and should not be treated
+ as a representation of the full history of invocations.'
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ required: false
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **triggerId**: *eq*
+
+
+ **subscriptionId**: *eq*'
+ example: triggerId eq "idn:access-request-dynamic-approver"
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **triggerId, subscriptionName,
+ created, completed**'
+ example: created
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of latest invocation statuses.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/InvocationStatus.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-invocation-status:read
+ - sp:trigger-service-invocation-status:manage
diff --git a/static/api-specs/idn/v2024/paths/trigger-invocations-test.yaml b/static/api-specs/idn/v2024/paths/trigger-invocations-test.yaml
new file mode 100644
index 000000000..5e58bf53d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-invocations-test.yaml
@@ -0,0 +1,64 @@
+post:
+ operationId: startTestTriggerInvocation
+ tags:
+ - Triggers
+ summary: Start a Test Invocation
+ description: Initiate a test event for all subscribers of the specified event trigger. If
+ there are no subscribers to the specified trigger in the tenant, then no test
+ event will be sent.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/TestInvocation.yaml
+ examples:
+ Test Trigger with Mock Input:
+ value:
+ triggerId: idn:access-requested
+ input:
+ identityId: 201327fda1c44704ac01181e963d463c
+ contentJson:
+ workflowId: 1234
+ Send Test to only One Subscriber:
+ value:
+ triggerId: idn:access-requested
+ contentJson:
+ workflowId: 1234
+ subscriptionIds:
+ - 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ responses:
+ '200':
+ description: Test trigger invocations that have been started for specified subscription(s).
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Invocation.yaml
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ description: Trigger invocation is skipped, because tenant has not subscribed
+ to the specified trigger.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-invocation-status:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/trigger-subscription.yaml b/static/api-specs/idn/v2024/paths/trigger-subscription.yaml
new file mode 100644
index 000000000..b33def191
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-subscription.yaml
@@ -0,0 +1,189 @@
+put:
+ operationId: updateSubscription
+ tags:
+ - Triggers
+ summary: Update a Subscription
+ description: "This API updates a trigger subscription in IdentityNow, using a full\
+ \ object representation. In other words, the existing\n Subscription is completely\
+ \ replaced. The following fields are immutable:\n\n\n * id\n\n * triggerId\n\
+ \n\n Attempts to modify these fields result in 400."
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Subscription ID
+ example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SubscriptionPutRequest.yaml
+ examples:
+ HTTP Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ type: HTTP
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: SYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: eRtg4%6yuI!
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ HTTP Async Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ type: HTTP
+ responseDeadline: PT1H
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: ASYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: eRtg4%6yuI!
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ EventBridge Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ type: EVENTBRIDGE
+ eventBridgeConfig:
+ awsAccount: '123456789012'
+ awsRegion: us-west-1
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ responses:
+ '200':
+ description: Updated subscription.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Subscription.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:manage
+patch:
+ operationId: patchSubscription
+ tags:
+ - Triggers
+ summary: Patch a Subscription
+ description: 'This API updates a trigger subscription in IdentityNow, using a set
+ of instructions to modify a subscription partially. The following fields are patchable:
+
+
+ **name**, **description**, **enabled**, **type**, **filter**, **responseDeadline**,
+ **httpConfig**, **eventBridgeConfig**, **workflowConfig**'
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: ID of the Subscription to patch
+ example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json-patch+json:
+ schema:
+ $ref: ../../beta/schemas/SubscriptionPatchRequest.yaml
+ responses:
+ '200':
+ description: Updated subscription.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Subscription.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:manage
+delete:
+ operationId: deleteSubscription
+ tags:
+ - Triggers
+ summary: Delete a Subscription
+ description: Deletes an existing subscription to a trigger.
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: Subscription ID
+ example: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ description: Subscription is deleted successfully.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:manage
diff --git a/static/api-specs/idn/v2024/paths/trigger-subscriptions-validate-filter.yaml b/static/api-specs/idn/v2024/paths/trigger-subscriptions-validate-filter.yaml
new file mode 100644
index 000000000..223db10c1
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-subscriptions-validate-filter.yaml
@@ -0,0 +1,55 @@
+post:
+ operationId: testSubscriptionFilter
+ tags:
+ - Triggers
+ summary: Validate a Subscription Filter
+ description: 'Validates a JSONPath filter expression against a provided mock input.
+
+ Request requires a security scope of: '
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ValidateFilterInputDto.yaml
+ required:
+ - input
+ - filter
+ example:
+ input:
+ identityId: 201327fda1c44704ac01181e963d463c
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ responses:
+ '200':
+ description: Boolean whether specified filter expression is valid against the
+ input.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/ValidateFilterOutputDto.yaml
+ example:
+ isValid: true
+ isValidJSONPath: true
+ isPathExist: true
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/trigger-subscriptions.yaml b/static/api-specs/idn/v2024/paths/trigger-subscriptions.yaml
new file mode 100644
index 000000000..429c85f18
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/trigger-subscriptions.yaml
@@ -0,0 +1,211 @@
+post:
+ operationId: createSubscription
+ tags:
+ - Triggers
+ summary: Create a Subscription
+ description: 'This API creates a new subscription to a trigger and defines trigger
+ invocation details. The type of subscription determines which config object is
+ required:
+
+ * HTTP subscriptions require httpConfig
+
+ * EventBridge subscriptions require eventBridgeConfig'
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/SubscriptionPostRequest.yaml
+ examples:
+ HTTP Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ type: HTTP
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: SYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: eRtg4%6yuI!
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ HTTP Async Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ type: HTTP
+ responseDeadline: PT1H
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: ASYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: eRtg4%6yuI!
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ EventBridge Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ type: EVENTBRIDGE
+ eventBridgeConfig:
+ awsAccount: '123456789012'
+ awsRegion: us-west-1
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ responses:
+ '201':
+ description: New subscription to a trigger. The trigger can now be invoked by
+ the method defined in the subscription.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/Subscription.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:manage
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+get:
+ operationId: listSubscriptions
+ tags:
+ - Triggers
+ summary: List Subscriptions
+ description: Gets a list of all trigger subscriptions.
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ required: false
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq*
+
+
+ **triggerId**: *eq*
+
+
+ **type**: *eq, le*'
+ example: id eq "12cff757-c0c0-413b-8ad7-2a47956d1e89"
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **triggerId, triggerName**'
+ example: triggerName
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of subscriptions.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Subscription.yaml
+ examples:
+ HTTP Subscription:
+ value:
+ - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ triggerName: Access Requested
+ type: HTTP
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: SYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: null
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ HTTP Async Subscription:
+ value:
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ triggerName: Access Requested
+ type: HTTP
+ responseDeadline: PT1H
+ httpConfig:
+ url: https://www.example.com
+ httpDispatchMode: ASYNC
+ httpAuthenticationType: BASIC_AUTH
+ basicAuthConfig:
+ userName: user@example.com
+ password: null
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ EventBridge Subscription:
+ value:
+ - id: 0f11f2a4-7c94-4bf3-a2bd-742580fe3bde
+ name: Access request subscription
+ description: Access requested to site xyz
+ triggerId: idn:access-requested
+ triggerName: Access Requested
+ type: EVENTBRIDGE
+ eventBridgeConfig:
+ awsAccount: '123456789012'
+ awsRegion: us-west-1
+ enabled: true
+ filter: $[?($.identityId == "201327fda1c44704ac01181e963d463c")]
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:read
diff --git a/static/api-specs/idn/v2024/paths/triggers.yaml b/static/api-specs/idn/v2024/paths/triggers.yaml
new file mode 100644
index 000000000..d4662d28f
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/triggers.yaml
@@ -0,0 +1,66 @@
+get:
+ operationId: listTriggers
+ tags:
+ - Triggers
+ summary: List Triggers
+ description: Gets a list of triggers that are available in the tenant.
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ required: false
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, ge, le*'
+ example: id eq "idn:access-request-post-approval"
+ - in: query
+ name: sorters
+ required: false
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **id, name**'
+ example: name
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of triggers.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/Trigger.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - sp:trigger-service-subscriptions:read
diff --git a/static/api-specs/idn/v2024/paths/ui-metadata/tenant-ui-metadata.yaml b/static/api-specs/idn/v2024/paths/ui-metadata/tenant-ui-metadata.yaml
new file mode 100644
index 000000000..538b0d959
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/ui-metadata/tenant-ui-metadata.yaml
@@ -0,0 +1,85 @@
+get:
+ operationId: getTenantUiMetadata
+ tags:
+ - UI Metadata
+ summary: Get a tenant UI metadata
+ description: 'This API endpoint retrieves UI metadata configured for your tenant.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ security:
+ - UserContextAuth:
+ - idn:ui-access-metadata-page:read
+ responses:
+ '200':
+ description: A tenant UI metadata object
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/ui-metadata/TenantUiMetadataItemResponse.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '404':
+ $ref: ../../../v3/responses/404.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+put:
+ operationId: setTenantUiMetadata
+ tags:
+ - UI Metadata
+ summary: Update tenant UI metadata
+ description: 'This API endpoint updates UI metadata for your tenant. These changes
+ may require up to 5 minutes to take effect on the UI.
+
+ A token with ORG_ADMIN authority is required to call this API.'
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/ui-metadata/TenantUiMetadataItemUpdateRequest.yaml
+ security:
+ - UserContextAuth:
+ - idn:ui-access-metadata-page:manage
+ responses:
+ '200':
+ description: A tenant UI metadata object
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/ui-metadata/TenantUiMetadataItemResponse.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '404':
+ $ref: ../../../v3/responses/404.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/verified-domains.yaml b/static/api-specs/idn/v2024/paths/verified-domains.yaml
new file mode 100644
index 000000000..bde9a8a0d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/verified-domains.yaml
@@ -0,0 +1,81 @@
+get:
+ security:
+ - UserContextAuth:
+ - sp:notification-dkim-attributes:read
+ operationId: getDkimAttributes
+ tags:
+ - Notifications
+ summary: Get DKIM Attributes
+ description: Retrieve DKIM (DomainKeys Identified Mail) attributes for all your
+ tenants' AWS SES identities. Limits retrieval to 100 identities per call.
+ responses:
+ '200':
+ description: List of DKIM Attributes
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/DkimAttributes.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+post:
+ security:
+ - UserContextAuth:
+ - sp:notification-verify-domain-dkim:write
+ operationId: createDomainDkim
+ tags:
+ - Notifications
+ summary: Verify domain address via DKIM
+ description: Create a domain to be verified via DKIM (DomainKeys Identified Mail)
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/DomainAddress.yaml
+ responses:
+ '200':
+ description: List of DKIM tokens required for the verification process.
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/DomainStatusDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '405':
+ $ref: ../../v3/responses/405.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/verified-from-address.yaml b/static/api-specs/idn/v2024/paths/verified-from-address.yaml
new file mode 100644
index 000000000..4c5529aeb
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/verified-from-address.yaml
@@ -0,0 +1,35 @@
+delete:
+ operationId: deleteVerifiedFromAddress
+ tags:
+ - Notifications
+ summary: Delete Verified From Address
+ description: Delete a verified sender email address
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../v3/responses/204.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/verified-from-addresses.yaml b/static/api-specs/idn/v2024/paths/verified-from-addresses.yaml
new file mode 100644
index 000000000..217118f9d
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/verified-from-addresses.yaml
@@ -0,0 +1,99 @@
+get:
+ operationId: listFromAddresses
+ tags:
+ - Notifications
+ summary: List From Addresses
+ description: Retrieve a list of sender email addresses and their verification statuses
+ parameters:
+ - $ref: ../../v3/parameters/limit.yaml
+ - $ref: ../../v3/parameters/offset.yaml
+ - $ref: ../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **email**: *eq, ge, le, sw*'
+ example: email eq "john.doe@company.com"
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **email**'
+ example: email
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of Email Status
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/EmailStatusDto.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+post:
+ operationId: createVerifiedFromAddress
+ tags:
+ - Notifications
+ summary: Create Verified From Address
+ description: Create a new sender email address and initiate verification process.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EmailStatusDto.yaml
+ example:
+ email: sender@example.com
+ responses:
+ '201':
+ description: New Verified Email Status
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/EmailStatusDto.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/work-item-forward.yaml b/static/api-specs/idn/v2024/paths/work-item-forward.yaml
new file mode 100644
index 000000000..9cb902e95
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/work-item-forward.yaml
@@ -0,0 +1,42 @@
+post:
+ operationId: forwardWorkItem
+ tags:
+ - Work Items
+ summary: Forward a Work Item
+ description: This API forwards a work item to a new owner. Either an admin, or the
+ owning/current user must make this request.
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ description: The ID of the work item
+ example: ef38f94347e94562b5bb8424a56397d8
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../beta/schemas/WorkItemForward.yaml
+ responses:
+ '200':
+ description: Success, but no data is returned.
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '401':
+ $ref: ../../v3/responses/401.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '429':
+ $ref: ../../v3/responses/429.yaml
+ '500':
+ $ref: ../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/work-items-completed-count.yaml b/static/api-specs/idn/v2024/paths/work-items-completed-count.yaml
new file mode 100644
index 000000000..332e3b737
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/work-items-completed-count.yaml
@@ -0,0 +1,37 @@
+get:
+ operationId: getCountCompletedWorkItems
+ tags:
+ - Work Items
+ summary: Count Completed Work Items
+ description: This gets a count of completed work items belonging to either the specified
+ user(admin required), or the current user.
+ parameters:
+ - in: query
+ name: ownerId
+ schema:
+ type: string
+ description: ID of the work item owner.
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of work items
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../beta/schemas/WorkItemsCount.yaml
+ '400':
+ $ref: ../../v3/responses/400.yaml
+ '403':
+ $ref: ../../v3/responses/403.yaml
+ '404':
+ $ref: ../../v3/responses/404.yaml
diff --git a/static/api-specs/idn/v2024/paths/workgroups/bulk-add-workgroup-members.yaml b/static/api-specs/idn/v2024/paths/workgroups/bulk-add-workgroup-members.yaml
new file mode 100644
index 000000000..4eac15f63
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/bulk-add-workgroup-members.yaml
@@ -0,0 +1,57 @@
+post:
+ operationId: updateWorkgroupMembers
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
+ tags:
+ - Governance Groups
+ summary: Add members to Governance Group
+ description: 'This API adds one or more members to a Governance Group. A token
+ with API, ORG_ADMIN authority is required to call this API.
+
+
+ > **Following field of Identity is an optional field in the request.**
+
+
+ > **name**'
+ parameters:
+ - name: workgroupId
+ in: path
+ description: ID of the Governance Group.
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: List of identities to be added to a Governance Group members list.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/BulkWorkgroupMembersRequest.yaml
+ responses:
+ '207':
+ description: List of added and not added identities into Governance Group members
+ list.
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupMemberBulkAddResponse.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/workgroups/bulk-delete-workgroup-members.yaml b/static/api-specs/idn/v2024/paths/workgroups/bulk-delete-workgroup-members.yaml
new file mode 100644
index 000000000..a2293e581
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/bulk-delete-workgroup-members.yaml
@@ -0,0 +1,58 @@
+post:
+ operationId: deleteWorkgroupMembers
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
+ tags:
+ - Governance Groups
+ summary: Remove members from Governance Group
+ description: 'This API removes one or more members from a Governance Group. A
+ token with API, ORG_ADMIN authority is required to call this API.
+
+
+ > **Following field of Identity is an optional field in the request.**
+
+
+ > **name**'
+ parameters:
+ - name: workgroupId
+ in: path
+ description: ID of the Governance Group.
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ description: List of identities to be removed from a Governance Group members
+ list.
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/BulkWorkgroupMembersRequest.yaml
+ responses:
+ '207':
+ description: List of deleted and not deleted identities from Governance Group
+ members list.
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupMemberBulkDeleteResponse.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
diff --git a/static/api-specs/idn/v2024/paths/workgroups/connections.yaml b/static/api-specs/idn/v2024/paths/workgroups/connections.yaml
new file mode 100644
index 000000000..1d9ff2420
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/connections.yaml
@@ -0,0 +1,59 @@
+get:
+ operationId: listConnections
+ tags:
+ - Governance Groups
+ summary: List connections for Governance Group
+ description: This API returns list of connections associated with a Governance Group.
+ parameters:
+ - name: workgroupId
+ in: path
+ description: ID of the Governance Group.
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - $ref: ../../../v3/parameters/offset.yaml
+ - $ref: ../../../v3/parameters/limit50.yaml
+ - $ref: ../../../v3/parameters/count.yaml
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, created, modified**'
+ example: name,-modified
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List all connections associated with a Governance Group.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupConnectionDto.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:read
diff --git a/static/api-specs/idn/v2024/paths/workgroups/workgroup-members.yaml b/static/api-specs/idn/v2024/paths/workgroups/workgroup-members.yaml
new file mode 100644
index 000000000..cb7ea1c32
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/workgroup-members.yaml
@@ -0,0 +1,79 @@
+get:
+ operationId: listWorkgroupMembers
+ tags:
+ - Governance Groups
+ summary: List Governance Group Members
+ description: This API returns list of members associated with a Governance Group.
+ parameters:
+ - name: workgroupId
+ in: path
+ description: ID of the Governance Group.
+ required: true
+ schema:
+ type: string
+ example: 2c91808a7813090a017814121919ecca
+ - $ref: ../../../v3/parameters/offset.yaml
+ - $ref: ../../../v3/parameters/limit50.yaml
+ - $ref: ../../../v3/parameters/count.yaml
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, created, modified**'
+ example: name,-modified
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List all members associated with a Governance Group.
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ type: object
+ description: Identity of workgroup member.
+ properties:
+ type:
+ type: string
+ description: Workgroup member identity DTO type.
+ enum:
+ - IDENTITY
+ example: IDENTITY
+ id:
+ type: string
+ description: Workgroup member identity ID.
+ example: 2c7180a46faadee4016fb4e018c20642
+ name:
+ type: string
+ description: Workgroup member identity display name.
+ example: Michael Michaels
+ email:
+ type: string
+ description: Workgroup member identity email.
+ example: michael.michaels@sailpoint.com
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:read
diff --git a/static/api-specs/idn/v2024/paths/workgroups/workgroup.yaml b/static/api-specs/idn/v2024/paths/workgroups/workgroup.yaml
new file mode 100644
index 000000000..d8664808b
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/workgroup.yaml
@@ -0,0 +1,138 @@
+get:
+ operationId: getWorkgroup
+ tags:
+ - Governance Groups
+ summary: Get Governance Group by Id
+ description: This API returns a Governance Groups by its ID.
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: ID of the Governance Group
+ example: 2c9180837ca6693d017ca8d097500149
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: A Governance Group
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupDto.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:read
+delete:
+ operationId: deleteWorkgroup
+ tags:
+ - Governance Groups
+ summary: Delete a Governance Group
+ description: This API deletes a Governance Group by its ID.
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: ID of the Governance Group
+ example: 2c9180837ca6693d017ca8d097500149
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '204':
+ $ref: ../../../v3/responses/204.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
+patch:
+ operationId: patchWorkgroup
+ tags:
+ - Governance Groups
+ summary: Patch a Governance Group
+ description: "This API updates an existing governance group by ID. \nThe following\
+ \ fields and objects are patchable:\n * name\n * description\n * owner\n\n\
+ A token with API or ORG_ADMIN authority is required to call this API."
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ description: ID of the Governance Group
+ example: 2c9180837ca6693d017ca8d097500149
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ requestBody:
+ content:
+ application/json-patch+json:
+ schema:
+ type: array
+ items:
+ $ref: ../../../beta/schemas/JsonPatchOperation.yaml
+ examples:
+ Replace Description:
+ description: Replace description of a Governance Group.
+ value:
+ - op: replace
+ path: /description
+ value: Governance Group new description.
+ responses:
+ '200':
+ description: A Governance Group.
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupDto.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
diff --git a/static/api-specs/idn/v2024/paths/workgroups/workgroups-bulk-delete.yaml b/static/api-specs/idn/v2024/paths/workgroups/workgroups-bulk-delete.yaml
new file mode 100644
index 000000000..d099343dc
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/workgroups-bulk-delete.yaml
@@ -0,0 +1,60 @@
+post:
+ operationId: deleteWorkgroupsInBulk
+ summary: Delete Governance Group(s)
+ tags:
+ - Governance Groups
+ description: "\nThis API initiates a bulk deletion of one or more Governance Groups.\n\
+ \n> If any of the indicated Governance Groups have one or more connections associated\
+ \ with it,then those Governance Groups will be added in **inUse** list of the\
+ \ response. Governance Group(s) marked as **inUse** can not be deleted.\n\n> \
+ \ If any of the indicated Governance Groups is not does not exists in Organization,then\
+ \ those Governance Groups will be added in **notFound** list of the response.\
+ \ Governance Groups marked as **notFound** will not be deleted.\n\n> If any of\
+ \ the indicated Governance Groups does not have any connections associated with\
+ \ it,then those Governance Groups will be added in **deleted** list of the response.\
+ \ A Governance Group marked as **deleted** will be deleted from current Organization.\n\
+ \n> If the request contains any **inUse** or **notFound** Governance Group IDs\
+ \ then it skips only these Governance Groups for deletion and deletes the rest\
+ \ of Governance Groups which have no connections associated with it. \n\n> **This\
+ \ API has limit number of Governance Groups can be deleted at one time. If the\
+ \ request contains more then 100 Governance Groups IDs to be deleted then the\
+ \ API will throw an exception.**"
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupBulkDeleteRequest.yaml
+ example:
+ ids:
+ - 567a697e-885b-495a-afc5-d55e1c23a302
+ - c7b0f7b2-1e78-4063-b294-a555333dacd2
+ responses:
+ '207':
+ description: Governance Group bulk delete response.
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupBulkDeleteResponse.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
diff --git a/static/api-specs/idn/v2024/paths/workgroups/workgroups.yaml b/static/api-specs/idn/v2024/paths/workgroups/workgroups.yaml
new file mode 100644
index 000000000..81fe71e19
--- /dev/null
+++ b/static/api-specs/idn/v2024/paths/workgroups/workgroups.yaml
@@ -0,0 +1,114 @@
+get:
+ operationId: listWorkgroups
+ tags:
+ - Governance Groups
+ summary: List Governance Groups
+ description: This API returns list of Governance Groups
+ parameters:
+ - $ref: ../../../v3/parameters/offset.yaml
+ - $ref: ../../../v3/parameters/limit50.yaml
+ - $ref: ../../../v3/parameters/count.yaml
+ - in: query
+ name: filters
+ schema:
+ type: string
+ description: 'Filter results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)
+
+
+ Filtering is supported for the following fields and operators:
+
+
+ **id**: *eq, in, sw*
+
+
+ **name**: *eq, sw, in*
+
+
+ **memberships.identityId**: *eq, in*'
+ example: name sw "Test"
+ required: false
+ - in: query
+ name: sorters
+ schema:
+ type: string
+ format: comma-separated
+ description: 'Sort results using the standard syntax described in [V3 API Standard
+ Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)
+
+
+ Sorting is supported for the following fields: **name, created, modified, id,
+ description**'
+ example: name,-modified
+ required: false
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true
+ responses:
+ '200':
+ description: List of Governance Groups
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupDto.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ security:
+ - UserContextAuth:
+ - idn:workgroup:read
+post:
+ operationId: createWorkgroup
+ security:
+ - UserContextAuth:
+ - idn:workgroup:write
+ tags:
+ - Governance Groups
+ summary: Create a new Governance Group.
+ description: This API creates a new Governance Group.
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupDto.yaml
+ responses:
+ '200':
+ description: Governance Group object created.
+ content:
+ application/json:
+ schema:
+ $ref: ../../../beta/schemas/workgroups/WorkgroupDto.yaml
+ '400':
+ $ref: ../../../v3/responses/400.yaml
+ '401':
+ $ref: ../../../v3/responses/401.yaml
+ '403':
+ $ref: ../../../v3/responses/403.yaml
+ '429':
+ $ref: ../../../v3/responses/429.yaml
+ '500':
+ $ref: ../../../v3/responses/500.yaml
+ parameters:
+ - name: X-SailPoint-Experimental
+ in: header
+ description: Use this header to enable this experimental API.
+ example: true
+ schema:
+ type: string
+ default: true
+ required: true