LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-08 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to python SDK docs: 14455009748

Browse Source
This commit is contained in:
developer-relations-sp
2025-04-14 20:23:46 +00:00
parent 5111ee7368
commit 59a220c8cd
90 changed files with 12638 additions and 7669 deletions
Download Patch File Download Diff File Expand all files Collapse all files

131
docs/tools/sdk/python/Reference/Beta/Methods/AccessRequestsApi.md
View File

@@ -197,6 +197,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -207,6 +208,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/beta/create-access-request)
@@ -247,7 +249,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
access_request = '''{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -308,6 +310,133 @@ with ApiClient(configuration) as api_client:
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}''' # AccessRequest |

220
docs/tools/sdk/python/Reference/Beta/Methods/WorkflowsApi.md
View File

@@ -31,9 +31,9 @@ Method | HTTP request | Description
[**patch-workflow**](#patch-workflow) | **PATCH** `/workflows/{id}` | Patch Workflow
[**post-external-execute-workflow**](#post-external-execute-workflow) | **POST** `/workflows/execute/external/{id}` | Execute Workflow via External Trigger
[**post-workflow-external-trigger**](#post-workflow-external-trigger) | **POST** `/workflows/{id}/external/oauth-clients` | Generate External Trigger OAuth Client
[**put-workflow**](#put-workflow) | **PUT** `/workflows/{id}` | Update Workflow
[**test-external-execute-workflow**](#test-external-execute-workflow) | **POST** `/workflows/execute/external/{id}/test` | Test Workflow via External Trigger
[**test-workflow**](#test-workflow) | **POST** `/workflows/{id}/test` | Test Workflow By Id
[**update-workflow**](#update-workflow) | **PUT** `/workflows/{id}` | Update Workflow
## cancel-workflow-execution
@@ -217,6 +217,7 @@ Get a single workflow by id.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | id | **str** | True | Id of the workflow
Query | workflow_metrics | **bool** | (optional) (default to True) | disable workflow metrics
### Return type
[**Workflow**](../models/workflow)
@@ -247,13 +248,14 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'c17bea3a-574d-453c-9e04-4365fbf5af0b' # str | Id of the workflow # str | Id of the workflow
workflow_metrics = True # bool | disable workflow metrics (optional) (default to True) # bool | disable workflow metrics (optional) (default to True)
try:
# Get Workflow By Id
results = WorkflowsApi(api_client).get_workflow(id=id)
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).get_workflow(id)
# results = WorkflowsApi(api_client).get_workflow(id, workflow_metrics)
print("The response of WorkflowsApi->get_workflow:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
@@ -709,7 +711,13 @@ List all workflows in the tenant.
[API Spec](https://developer.sailpoint.com/docs/api/beta/list-workflows)
### Parameters
This endpoint does not need any parameter.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | limit | **int** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | offset | **int** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | trigger_id | **str** | (optional) | Trigger ID
Query | connector_instance_id | **str** | (optional) | Connector Instance ID
### Return type
[**List[Workflow]**](../models/workflow)
@@ -739,13 +747,17 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
trigger_id = 'idn:identity-created' # str | Trigger ID (optional) # str | Trigger ID (optional)
connector_instance_id = '28541fec-bb81-4ad4-88ef-0f7d213adcad' # str | Connector Instance ID (optional) # str | Connector Instance ID (optional)
try:
# List Workflows
results = WorkflowsApi(api_client).list_workflows()
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).list_workflows()
# results = WorkflowsApi(api_client).list_workflows(limit, offset, trigger_id, connector_instance_id)
print("The response of WorkflowsApi->list_workflows:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
@@ -935,6 +947,106 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## put-workflow
Update Workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/put-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | id | **str** | True | Id of the Workflow
Body | workflow_body | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | The Workflow object | Workflow | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```python
from sailpoint.beta.api.workflows_api import WorkflowsApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.workflow import Workflow
from sailpoint.beta.models.workflow_body import WorkflowBody
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'c17bea3a-574d-453c-9e04-4365fbf5af0b' # str | Id of the Workflow # str | Id of the Workflow
workflow_body = '''{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}''' # WorkflowBody |
try:
# Update Workflow
new_workflow_body = WorkflowBody.from_json(workflow_body)
results = WorkflowsApi(api_client).put_workflow(id=id, workflow_body=new_workflow_body)
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).put_workflow(id, new_workflow_body)
print("The response of WorkflowsApi->put_workflow:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling WorkflowsApi->put_workflow: %s\n" % e)
```
[[Back to top]](#)
## test-external-execute-workflow
@@ -1059,106 +1171,6 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## update-workflow
Update Workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/update-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | id | **str** | True | Id of the Workflow
Body | workflow_body | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | The Workflow object | Workflow | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```python
from sailpoint.beta.api.workflows_api import WorkflowsApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.workflow import Workflow
from sailpoint.beta.models.workflow_body import WorkflowBody
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'c17bea3a-574d-453c-9e04-4365fbf5af0b' # str | Id of the Workflow # str | Id of the Workflow
workflow_body = '''{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}''' # WorkflowBody |
try:
# Update Workflow
new_workflow_body = WorkflowBody.from_json(workflow_body)
results = WorkflowsApi(api_client).update_workflow(id=id, workflow_body=new_workflow_body)
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).update_workflow(id, new_workflow_body)
print("The response of WorkflowsApi->update_workflow:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling WorkflowsApi->update_workflow: %s\n" % e)
```
[[Back to top]](#)

30
docs/tools/sdk/python/Reference/Beta/Models/AccessRequest.md
View File

@@ -20,6 +20,7 @@ Name | Type | Description | Notes
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem**](access-request-item) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**requested_for_with_requested_items** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
}
## Example
@@ -28,9 +29,7 @@ Name | Type | Description | Notes
from sailpoint.beta.models.access_request import AccessRequest
access_request = AccessRequest(
requested_for=[
'2c918084660f45d6016617daa9210584'
],
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.beta.models.access_request_item.AccessRequestItem(
@@ -42,7 +41,30 @@ requested_items=[
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app},
requested_for_with_requested_items=[
sailpoint.beta.models.requested_for_dto_ref.RequestedForDtoRef(
identity_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
requested_items = [
sailpoint.beta.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.beta.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.beta.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
], )
]
)
```

35
docs/tools/sdk/python/Reference/Beta/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: beta-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountItemRef', 'BetaAccountItemRef']
slug: /tools/sdk/python/beta/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'BetaAccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**account_uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
}
## Example
```python
from sailpoint.beta.models.account_item_ref import AccountItemRef
account_item_ref = AccountItemRef(
account_uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local'
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/Beta/Models/AccountUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.beta.models.account_usage import AccountUsage
account_usage = AccountUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10
)

2
docs/tools/sdk/python/Reference/Beta/Models/AttributeDefinitionType.md
View File

@@ -23,5 +23,7 @@ The underlying type of the value which an AttributeDefinition represents.
* `BOOLEAN` (value: `'BOOLEAN'`)
* `DATE` (value: `'DATE'`)
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/Beta/Models/ModelSchema.md
View File

@@ -22,7 +22,7 @@ Name | Type | Description | Notes
**identity_attribute** | **str** | The name of the attribute used to calculate the unique identifier for an object in the schema. | [optional]
**display_attribute** | **str** | The name of the attribute used to calculate the display value for an object in the schema. | [optional]
**hierarchy_attribute** | **str** | The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. | [optional]
**include_permissions** | **bool** | Flag indicating whether or not the include permissions with the object data when aggregating the schema. | [optional]
**include_permissions** | **bool** | Flag indicating whether or not the include permissions with the object data when aggregating the schema. | [optional] [default to False]
**features** | **[]str** | Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. * AUTHENTICATE: The source supports pass-through authentication. * COMPOSITE: The source supports composite source creation. * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. * ENABLE The source supports reading if an account is enabled or disabled. * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. * SEARCH * TEMPLATE * UNLOCK: The source supports reading if an account is locked or unlocked. * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. * SYNC_PROVISIONING: The source can provision accounts synchronously. * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. * CURRENT_PASSWORD: Some source types support verification of the current password * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. * NO_AGGREGATION: A source that does not support aggregation. * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM | [optional]
**configuration** | **object** | Holds any extra configuration data that the schema may require. | [optional]
**attributes** | [**[]AttributeDefinition**](attribute-definition) | The attribute definitions which form the schema. | [optional]

4
docs/tools/sdk/python/Reference/Beta/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -56,8 +56,8 @@ data={description=Auditing},
approval_status='APPROVED',
comment='approved',
completion_date='2020-03-24T11:11:41.139-05:00',
start_date='Tue Mar 24 00:00:00 UTC 2020',
end_date='Thu Mar 25 00:00:00 UTC 2021',
start_date='Mon Mar 23 20:00:00 EDT 2020',
end_date='Wed Mar 24 20:00:00 EDT 2021',
modified='2020-03-24T11:11:41.139-05:00',
created='2020-03-24T11:11:41.139-05:00'
)

53
docs/tools/sdk/python/Reference/Beta/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: beta-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
slug: /tools/sdk/python/beta/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identity_id** | **str** | The identity id for which the access is requested | [required]
**requested_items** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
}
## Example
```python
from sailpoint.beta.models.requested_for_dto_ref import RequestedForDtoRef
requested_for_dto_ref = RequestedForDtoRef(
identity_id='cb89bc2f1ee6445fbea12224c526ba3a',
requested_items=[
sailpoint.beta.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.beta.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.beta.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
]
)
```
[[Back to top]](#)

55
docs/tools/sdk/python/Reference/Beta/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: beta-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
slug: /tools/sdk/python/beta/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [required]
**id** | **str** | ID of Role, Access Profile or Entitlement being requested. | [required]
**comment** | **str** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**remove_date** | **datetime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**assignment_id** | **str** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**native_identity** | **str** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**account_selection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
}
## Example
```python
from sailpoint.beta.models.requested_item_dto_ref import RequestedItemDtoRef
requested_item_dto_ref = RequestedItemDtoRef(
type='ACCESS_PROFILE',
id='2c9180835d2e5168015d32f890ca1581',
comment='Requesting access profile for John Doe',
client_metadata={requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date='2020-07-11T21:23:15Z',
assignment_id='ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity='CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection=[
sailpoint.beta.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.beta.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
]
)
```
[[Back to top]](#)

39
docs/tools/sdk/python/Reference/Beta/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: beta-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceItemRef', 'BetaSourceItemRef']
slug: /tools/sdk/python/beta/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'BetaSourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**source_id** | **str** | The id for the source on which account selections are made | [optional]
**accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
}
## Example
```python
from sailpoint.beta.models.source_item_ref import SourceItemRef
source_item_ref = SourceItemRef(
source_id='cb89bc2f1ee6445fbea12224c526ba3a',
accounts=[
sailpoint.beta.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/Beta/Models/SourceUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.beta.models.source_usage import SourceUsage
source_usage = SourceUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10.45
)

257
docs/tools/sdk/python/Reference/V2024/Methods/AccessRequestsApi.md
View File

@@ -38,6 +38,7 @@ Method | HTTP request | Description
[**get-access-request-config**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**list-access-request-status**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**list-administrators-access-request-status**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**load-account-selections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**set-access-request-config**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -339,6 +340,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -349,6 +351,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/create-access-request)
@@ -389,7 +392,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
access_request = '''{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -450,6 +453,133 @@ with ApiClient(configuration) as api_client:
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}''' # AccessRequest |
@@ -678,6 +808,131 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## load-account-selections
Get accounts selections for identity
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | accounts_selection_request | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Accounts Selection Response | AccountsSelectionResponse | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.access_requests_api import AccessRequestsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.accounts_selection_request import AccountsSelectionRequest
from sailpoint.v2024.models.accounts_selection_response import AccountsSelectionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
accounts_selection_request = '''{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}''' # AccountsSelectionRequest |
try:
# Get accounts selections for identity
new_accounts_selection_request = AccountsSelectionRequest.from_json(accounts_selection_request)
results = AccessRequestsApi(api_client).load_account_selections(accounts_selection_request=new_accounts_selection_request)
# Below is a request that includes all optional parameters
# results = AccessRequestsApi(api_client).load_account_selections(new_accounts_selection_request)
print("The response of AccessRequestsApi->load_account_selections:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccessRequestsApi->load_account_selections: %s\n" % e)
```
[[Back to top]](#)
## set-access-request-config

2
docs/tools/sdk/python/Reference/V2024/Methods/ConfigurationHubApi.md
View File

@@ -301,7 +301,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
scheduled_action_payload = '''{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 12 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

352
docs/tools/sdk/python/Reference/V2024/Methods/GlobalTenantSecuritySettingsApi.md
View File

@@ -19,8 +19,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2024*
Method | HTTP request | Description
------------- | ------------- | -------------
[**create-auth-org-network-config**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**get-auth-org-lockout-config**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**get-auth-org-network-config**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**get-auth-org-service-provider-config**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**get-auth-org-session-config**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**patch-auth-org-lockout-config**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**patch-auth-org-network-config**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**patch-auth-org-service-provider-config**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**patch-auth-org-session-config**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -84,6 +90,61 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-auth-org-lockout-config
Get Auth Org Lockout Configuration.
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-lockout-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Lockout configuration for the tenant's auth org. | LockoutConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.lockout_configuration import LockoutConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Auth Org Lockout Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_lockout_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_lockout_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_lockout_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_lockout_config: %s\n" % e)
```
[[Back to top]](#)
## get-auth-org-network-config
@@ -139,6 +200,177 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-auth-org-service-provider-config
Get Service Provider Configuration.
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-service-provider-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.service_provider_configuration import ServiceProviderConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Service Provider Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_service_provider_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_service_provider_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_service_provider_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_service_provider_config: %s\n" % e)
```
[[Back to top]](#)
## get-auth-org-session-config
Get Auth Org Session Configuration.
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-session-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Session configuration for the tenant's auth org. | SessionConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.session_configuration import SessionConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Auth Org Session Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_session_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_session_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_session_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_session_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-lockout-config
Update Auth Org Lockout Configuration
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Updated Auth Org lockout configuration. | LockoutConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2024.models.lockout_configuration import LockoutConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/maximumAttempts, value=7,}, {op=add, path=/lockoutDuration, value=35}]''' # List[JsonPatchOperation] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
try:
# Update Auth Org Lockout Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_lockout_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_lockout_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_lockout_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_lockout_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-network-config
@@ -200,6 +432,126 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## patch-auth-org-service-provider-config
Update Service Provider Configuration
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2024.models.service_provider_configuration import ServiceProviderConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/enabled, value=true,}, {op=add, path=/federationProtocolDetails/0/jitConfiguration, value={enabled=true, sourceId=2c9180857377ed2901739c12a2da5ac8, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email, employeeNumber=okta.employeeNumber}}}]''' # List[JsonPatchOperation] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
try:
# Update Service Provider Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_service_provider_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_service_provider_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_service_provider_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_service_provider_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-session-config
Update Auth Org Session Configuration
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Updated Auth Org session configuration. | SessionConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2024.models.session_configuration import SessionConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/rememberMe, value=true,}, {op=add, path=/maxSessionTime, value=480}]''' # List[JsonPatchOperation] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
try:
# Update Auth Org Session Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_session_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_session_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_session_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_session_config: %s\n" % e)
```
[[Back to top]](#)

30
docs/tools/sdk/python/Reference/V2024/Models/AccessRequest.md
View File

@@ -20,6 +20,7 @@ Name | Type | Description | Notes
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem**](access-request-item) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**requested_for_with_requested_items** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
}
## Example
@@ -28,9 +29,7 @@ Name | Type | Description | Notes
from sailpoint.v2024.models.access_request import AccessRequest
access_request = AccessRequest(
requested_for=[
'2c918084660f45d6016617daa9210584'
],
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.v2024.models.access_request_item.AccessRequestItem(
@@ -42,7 +41,30 @@ requested_items=[
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app},
requested_for_with_requested_items=[
sailpoint.v2024.models.requested_for_dto_ref.RequestedForDtoRef(
identity_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
requested_items = [
sailpoint.v2024.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v2024.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2024.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
], )
]
)
```

41
docs/tools/sdk/python/Reference/V2024/Models/AccountInfoRef.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-account-info-ref
title: AccountInfoRef
pagination_label: AccountInfoRef
sidebar_label: AccountInfoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountInfoRef', 'V2024AccountInfoRef']
slug: /tools/sdk/python/v2024/models/account-info-ref
tags: ['SDK', 'Software Development Kit', 'AccountInfoRef', 'V2024AccountInfoRef']
---
# AccountInfoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The account id | [optional]
**name** | **str** | The account display name | [optional]
}
## Example
```python
from sailpoint.v2024.models.account_info_ref import AccountInfoRef
account_info_ref = AccountInfoRef(
uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
type='IDENTITY',
id='f19d168c27374fd1aff3b483573f997f',
name='UserAccount.761a2248b'
)
```
[[Back to top]](#)

35
docs/tools/sdk/python/Reference/V2024/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2024-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountItemRef', 'V2024AccountItemRef']
slug: /tools/sdk/python/v2024/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'V2024AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**account_uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
}
## Example
```python
from sailpoint.v2024.models.account_item_ref import AccountItemRef
account_item_ref = AccountItemRef(
account_uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local'
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2024/Models/AccountUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v2024.models.account_usage import AccountUsage
account_usage = AccountUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10
)

48
docs/tools/sdk/python/Reference/V2024/Models/AccountsSelectionRequest.md Normal file
View File

@@ -0,0 +1,48 @@
---
id: v2024-accounts-selection-request
title: AccountsSelectionRequest
pagination_label: AccountsSelectionRequest
sidebar_label: AccountsSelectionRequest
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
slug: /tools/sdk/python/v2024/models/accounts-selection-request
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
---
# AccountsSelectionRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**requested_for** | **[]str** | A list of Identity IDs for whom the Access is requested. | [required]
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem**](access-request-item) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
}
## Example
```python
from sailpoint.v2024.models.accounts_selection_request import AccountsSelectionRequest
accounts_selection_request = AccountsSelectionRequest(
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.v2024.models.access_request_item.AccessRequestItem(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
)
```
[[Back to top]](#)

61
docs/tools/sdk/python/Reference/V2024/Models/AccountsSelectionResponse.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: v2024-accounts-selection-response
title: AccountsSelectionResponse
pagination_label: AccountsSelectionResponse
sidebar_label: AccountsSelectionResponse
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
slug: /tools/sdk/python/v2024/models/accounts-selection-response
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
---
# AccountsSelectionResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identities** | [**[]IdentityAccountSelections**](identity-account-selections) | A list of available account selections per identity in the request, for all the requested items | [optional]
}
## Example
```python
from sailpoint.v2024.models.accounts_selection_response import AccountsSelectionResponse
accounts_selection_response = AccountsSelectionResponse(
identities=[
sailpoint.v2024.models.identity_account_selections.IdentityAccountSelections(
requested_items = [
sailpoint.v2024.models.requested_item_account_selections.RequestedItemAccountSelections(
description = 'An access profile for the admins',
accounts_selection_blocked = False,
accounts_selection_blocked_reason = 'ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type = 'ACCESS_PROFILE',
id = '720fd239701344aea76c93ba91376aec',
name = 'Test Access Profile',
sources = [
sailpoint.v2024.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2024.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
], )
],
accounts_selection_required = False,
type = 'IDENTITY',
id = '70016590f2df4b879bdb1313a9e4e19e',
name = 'User name', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2024/Models/AttributeDefinitionType.md
View File

@@ -23,5 +23,7 @@ The underlying type of the value which an AttributeDefinition represents.
* `BOOLEAN` (value: `'BOOLEAN'`)
* `DATE` (value: `'DATE'`)
[[Back to top]](#)

35
docs/tools/sdk/python/Reference/V2024/Models/FederationProtocolDetails.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2024-federation-protocol-details
title: FederationProtocolDetails
pagination_label: FederationProtocolDetails
sidebar_label: FederationProtocolDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
slug: /tools/sdk/python/v2024/models/federation-protocol-details
tags: ['SDK', 'Software Development Kit', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
---
# FederationProtocolDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
}
## Example
```python
from sailpoint.v2024.models.federation_protocol_details import FederationProtocolDetails
federation_protocol_details = FederationProtocolDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6'
)
```
[[Back to top]](#)

62
docs/tools/sdk/python/Reference/V2024/Models/IdentityAccountSelections.md Normal file
View File

@@ -0,0 +1,62 @@
---
id: v2024-identity-account-selections
title: IdentityAccountSelections
pagination_label: IdentityAccountSelections
sidebar_label: IdentityAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
slug: /tools/sdk/python/v2024/models/identity-account-selections
tags: ['SDK', 'Software Development Kit', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
---
# IdentityAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**requested_items** | [**[]RequestedItemAccountSelections**](requested-item-account-selections) | Available account selections for the identity, per requested item | [optional]
**accounts_selection_required** | **bool** | A boolean indicating whether any account selections will be required for the user to raise an access request | [optional] [default to False]
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The identity id for the user | [optional]
**name** | **str** | The name of the identity | [optional]
}
## Example
```python
from sailpoint.v2024.models.identity_account_selections import IdentityAccountSelections
identity_account_selections = IdentityAccountSelections(
requested_items=[
sailpoint.v2024.models.requested_item_account_selections.RequestedItemAccountSelections(
description = 'An access profile for the admins',
accounts_selection_blocked = False,
accounts_selection_blocked_reason = 'ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type = 'ACCESS_PROFILE',
id = '720fd239701344aea76c93ba91376aec',
name = 'Test Access Profile',
sources = [
sailpoint.v2024.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2024.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
], )
],
accounts_selection_required=False,
type='IDENTITY',
id='70016590f2df4b879bdb1313a9e4e19e',
name='User name'
)
```
[[Back to top]](#)

62
docs/tools/sdk/python/Reference/V2024/Models/IdpDetails.md Normal file
View File

@@ -0,0 +1,62 @@
---
id: v2024-idp-details
title: IdpDetails
pagination_label: IdpDetails
sidebar_label: IdpDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdpDetails', 'V2024IdpDetails']
slug: /tools/sdk/python/v2024/models/idp-details
tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'V2024IdpDetails']
---
# IdpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
}
## Example
```python
from sailpoint.v2024.models.idp_details import IdpDetails
idp_details = IdpDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v2024.models.jit_configuration.JITConfiguration(
enabled = False,
source_id = '2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings = {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}, ),
cert='-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----',
login_url_post='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
login_url_redirect='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
mapping_attribute='email',
certificate_expiration_date='Fri Mar 08 08:54:24 UTC 2013',
certificate_name='OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL'
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2024/Models/JITConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-jit-configuration
title: JITConfiguration
pagination_label: JITConfiguration
sidebar_label: JITConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'JITConfiguration', 'V2024JITConfiguration']
slug: /tools/sdk/python/v2024/models/jit-configuration
tags: ['SDK', 'Software Development Kit', 'JITConfiguration', 'V2024JITConfiguration']
---
# JITConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**enabled** | **bool** | The indicator for just-in-time provisioning enabled | [optional] [default to False]
**source_id** | **str** | the sourceId that mapped to just-in-time provisioning configuration | [optional]
**source_attribute_mappings** | **map[string]str** | A mapping of identity profile attribute names to SAML assertion attribute names | [optional]
}
## Example
```python
from sailpoint.v2024.models.jit_configuration import JITConfiguration
jit_configuration = JITConfiguration(
enabled=False,
source_id='2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2024/Models/LockoutConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-lockout-configuration
title: LockoutConfiguration
pagination_label: LockoutConfiguration
sidebar_label: LockoutConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'LockoutConfiguration', 'V2024LockoutConfiguration']
slug: /tools/sdk/python/v2024/models/lockout-configuration
tags: ['SDK', 'Software Development Kit', 'LockoutConfiguration', 'V2024LockoutConfiguration']
---
# LockoutConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**maximum_attempts** | **int** | The maximum attempts allowed before lockout occurs. | [optional]
**lockout_duration** | **int** | The total time in minutes a user will be locked out. | [optional]
**lockout_window** | **int** | A rolling window where authentication attempts in a series count towards the maximum before lockout occurs. | [optional]
}
## Example
```python
from sailpoint.v2024.models.lockout_configuration import LockoutConfiguration
lockout_configuration = LockoutConfiguration(
maximum_attempts=5,
lockout_duration=15,
lockout_window=5
)
```
[[Back to top]](#)

4
docs/tools/sdk/python/Reference/V2024/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -56,8 +56,8 @@ data={description=Auditing},
approval_status='APPROVED',
comment='approved',
completion_date='2020-03-24T11:11:41.139-05:00',
start_date='Tue Mar 24 00:00:00 UTC 2020',
end_date='Thu Mar 25 00:00:00 UTC 2021',
start_date='Mon Mar 23 20:00:00 EDT 2020',
end_date='Wed Mar 24 20:00:00 EDT 2021',
modified='2020-03-24T11:11:41.139-05:00',
created='2020-03-24T11:11:41.139-05:00'
)

53
docs/tools/sdk/python/Reference/V2024/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: v2024-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
slug: /tools/sdk/python/v2024/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identity_id** | **str** | The identity id for which the access is requested | [required]
**requested_items** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
}
## Example
```python
from sailpoint.v2024.models.requested_for_dto_ref import RequestedForDtoRef
requested_for_dto_ref = RequestedForDtoRef(
identity_id='cb89bc2f1ee6445fbea12224c526ba3a',
requested_items=[
sailpoint.v2024.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v2024.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2024.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
]
)
```
[[Back to top]](#)

57
docs/tools/sdk/python/Reference/V2024/Models/RequestedItemAccountSelections.md Normal file
View File

@@ -0,0 +1,57 @@
---
id: v2024-requested-item-account-selections
title: RequestedItemAccountSelections
pagination_label: RequestedItemAccountSelections
sidebar_label: RequestedItemAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
slug: /tools/sdk/python/v2024/models/requested-item-account-selections
tags: ['SDK', 'Software Development Kit', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
---
# RequestedItemAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**description** | **str** | The description for this requested item | [optional]
**accounts_selection_blocked** | **bool** | This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts. | [optional] [default to False]
**accounts_selection_blocked_reason** | **str** | If account selections are not allowed for an item, this field will denote the reason. | [optional]
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [optional]
**id** | **str** | The id of the requested item | [optional]
**name** | **str** | The name of the requested item | [optional]
**sources** | [**[]SourceAccountSelections**](source-account-selections) | The details for the sources and accounts for the requested item and identity combination | [optional]
}
## Example
```python
from sailpoint.v2024.models.requested_item_account_selections import RequestedItemAccountSelections
requested_item_account_selections = RequestedItemAccountSelections(
description='An access profile for the admins',
accounts_selection_blocked=False,
accounts_selection_blocked_reason='ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type='ACCESS_PROFILE',
id='720fd239701344aea76c93ba91376aec',
name='Test Access Profile',
sources=[
sailpoint.v2024.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2024.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
]
)
```
[[Back to top]](#)

55
docs/tools/sdk/python/Reference/V2024/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: v2024-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
slug: /tools/sdk/python/v2024/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [required]
**id** | **str** | ID of Role, Access Profile or Entitlement being requested. | [required]
**comment** | **str** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**remove_date** | **datetime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**assignment_id** | **str** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**native_identity** | **str** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**account_selection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
}
## Example
```python
from sailpoint.v2024.models.requested_item_dto_ref import RequestedItemDtoRef
requested_item_dto_ref = RequestedItemDtoRef(
type='ACCESS_PROFILE',
id='2c9180835d2e5168015d32f890ca1581',
comment='Requesting access profile for John Doe',
client_metadata={requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date='2020-07-11T21:23:15Z',
assignment_id='ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity='CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection=[
sailpoint.v2024.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2024.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2024/Models/ScheduledActionPayload.md
View File

@@ -31,7 +31,7 @@ from sailpoint.v2024.models.scheduled_action_payload import ScheduledActionPaylo
scheduled_action_payload = ScheduledActionPayload(
job_type='BACKUP',
start_time='2024-08-16T14:16:58.389Z',
cron_string='0 0 12 * * ?',
cron_string='0 0 12 * * * *',
time_zone_id='America/Chicago',
content=sailpoint.v2024.models.scheduled_action_payload_content.ScheduledActionPayload_content(
name = 'Daily Backup',

2
docs/tools/sdk/python/Reference/V2024/Models/ScheduledActionResponse.md
View File

@@ -43,7 +43,7 @@ content=sailpoint.v2024.models.scheduled_action_response_content.ScheduledAction
source_tenant = 'tenant-name',
draft_id = '9012b87d-48ca-439a-868f-2160001da8c3', ),
start_time='2021-05-12T10:00Z',
cron_string='0 0 12 * * ?',
cron_string='0 0 12 * * * *',
time_zone_id='America/Chicago'
)

40
docs/tools/sdk/python/Reference/V2024/Models/ServiceProviderConfiguration.md Normal file
View File

@@ -0,0 +1,40 @@
---
id: v2024-service-provider-configuration
title: ServiceProviderConfiguration
pagination_label: ServiceProviderConfiguration
sidebar_label: ServiceProviderConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
slug: /tools/sdk/python/v2024/models/service-provider-configuration
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
---
# ServiceProviderConfiguration
Represents the IdentityNow as Service Provider Configuration allowing customers to log into IDN via an Identity Provider
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**enabled** | **bool** | This determines whether or not the SAML authentication flow is enabled for an org | [optional] [default to False]
**bypass_idp** | **bool** | This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP. | [optional] [default to False]
**saml_configuration_valid** | **bool** | This indicates whether or not the SAML configuration is valid. | [optional] [default to False]
**federation_protocol_details** | [**[]ServiceProviderConfigurationFederationProtocolDetailsInner**](service-provider-configuration-federation-protocol-details-inner) | A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider). | [optional]
}
## Example
```python
from sailpoint.v2024.models.service_provider_configuration import ServiceProviderConfiguration
service_provider_configuration = ServiceProviderConfiguration(
enabled=True,
bypass_idp=True,
saml_configuration_valid=True,
federation_protocol_details=[{role=SAML_IDP, entityId=http://www.okta.com/exktq4o24bmQA4fr60h7, cert=MIIDpDCCAoygAwIBAgIGAYhZ+b29MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0yMDY0NDUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjMwNTI2MjEzMDU5WhcNMzMwNTI2MjEzMTU5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMjA2NDQ1MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvi1+WbF2ceGlLCrLl5PrG1lpj04IsrHX6OE666ObC2WFh+Nxvpxy+Vmzon9c9+akhK3bTv+9ifEoVc6tA1qWuCfXISAn9g81JqI68I1PGUbe6eF8pmOA18rjOrt7x94k4QukpR3+I8DfPJ+TynatltB51laLb8H4jchMafA4rDTjV/ZiYPxV0LMEIbprVyGuvBEhiEWha3wwVdDuJq996okX36YNS8PcGH+5CJ8c3YWZp/wrspgJmfCooMXeV+6zBpZfXqPpMWlUo0gcZqDOFgy3r4vkXehJdVYRlInMfDv04Lvy8VI1YAZClG/duO/6o9YVUFLjD9s+mQfhgaF5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB1CTrA/pTHkarbhMHsdSFAjVoYWwdAfrssG99rIjwwr/CW9tavTC3keaoUmUeddcnLY4V/TfL07+xgQGHCBR88cnzG9h6rC9qWxt6C3nug3YDVQfkdCDgnW9A8QEvLeq/KVLoRccpJNEENb2Y5ESUXHi1+PtjkFBtvfSgZ4eEhVggirL0bJdWVm700hCnjb2iCGSbSX7WflfPi0GSmjht983caG9OwZDnDzNFt8qGWCxo4bNSThT00JnWEN/6f1BWNOt9YDrxqEyNclqhLL+RDqFsPBFIrQlsoXzqpWqCL8oS9UMNxbGATK2v3d5ueE9+SswBAFBhirCuqZw19Ri2W, loginUrlPost=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, loginUrlRedirect=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, logoutUrl=https://dev-206445.oktapreview.com/login/signout, nameId=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, authnContext=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, includeAuthnContext=true, mappingAttribute=email, jitConfiguration={enabled=true, sourceId=2c9180897427f3a501745042afc83144, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}}, certificateExpirationDate=Thu May 26 21:31:59 GMT 2033, certificateName=EMAILADDRESS=info@okta.com, CN=dev-206445, OU=SSOProvider, O=Okta, L=San Francisco, ST=California, C=US}, {role=SAML_SP, entityId=https://acme.identitysoon.com/sp, alias=acme-sp, callbackUrl=https://acme.test-login.sailpoint.com/saml/SSO/alias/acme-sp, legacyAcsUrl=https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp}]
)
```
[[Back to top]](#)

68
docs/tools/sdk/python/Reference/V2024/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md Normal file
View File

@@ -0,0 +1,68 @@
---
id: v2024-service-provider-configuration-federation-protocol-details-inner
title: ServiceProviderConfigurationFederationProtocolDetailsInner
pagination_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
slug: /tools/sdk/python/v2024/models/service-provider-configuration-federation-protocol-details-inner
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
---
# ServiceProviderConfigurationFederationProtocolDetailsInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
```python
from sailpoint.v2024.models.service_provider_configuration_federation_protocol_details_inner import ServiceProviderConfigurationFederationProtocolDetailsInner
service_provider_configuration_federation_protocol_details_inner = ServiceProviderConfigurationFederationProtocolDetailsInner(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v2024.models.jit_configuration.JITConfiguration(
enabled = False,
source_id = '2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings = {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}, ),
cert='-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----',
login_url_post='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
login_url_redirect='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
mapping_attribute='email',
certificate_expiration_date='Fri Mar 08 08:54:24 UTC 2013',
certificate_name='OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2024/Models/SessionConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-session-configuration
title: SessionConfiguration
pagination_label: SessionConfiguration
sidebar_label: SessionConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SessionConfiguration', 'V2024SessionConfiguration']
slug: /tools/sdk/python/v2024/models/session-configuration
tags: ['SDK', 'Software Development Kit', 'SessionConfiguration', 'V2024SessionConfiguration']
---
# SessionConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**max_idle_time** | **int** | The maximum time in minutes a session can be idle. | [optional]
**remember_me** | **bool** | Denotes if 'remember me' is enabled. | [optional] [default to False]
**max_session_time** | **int** | The maximum allowable session time in minutes. | [optional]
}
## Example
```python
from sailpoint.v2024.models.session_configuration import SessionConfiguration
session_configuration = SessionConfiguration(
max_idle_time=15,
remember_me=True,
max_session_time=45
)
```
[[Back to top]](#)

46
docs/tools/sdk/python/Reference/V2024/Models/SourceAccountSelections.md Normal file
View File

@@ -0,0 +1,46 @@
---
id: v2024-source-account-selections
title: SourceAccountSelections
pagination_label: SourceAccountSelections
sidebar_label: SourceAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceAccountSelections', 'V2024SourceAccountSelections']
slug: /tools/sdk/python/v2024/models/source-account-selections
tags: ['SDK', 'Software Development Kit', 'SourceAccountSelections', 'V2024SourceAccountSelections']
---
# SourceAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The source id | [optional]
**name** | **str** | The source name | [optional]
**accounts** | [**[]AccountInfoRef**](account-info-ref) | The accounts information for a particular source in the requested item | [optional]
}
## Example
```python
from sailpoint.v2024.models.source_account_selections import SourceAccountSelections
source_account_selections = SourceAccountSelections(
type='IDENTITY',
id='3ac3c43785a845fa9820b0c1ac767cd5',
name='Test Source_Name',
accounts=[
sailpoint.v2024.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
type = 'IDENTITY',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
]
)
```
[[Back to top]](#)

39
docs/tools/sdk/python/Reference/V2024/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceItemRef', 'V2024SourceItemRef']
slug: /tools/sdk/python/v2024/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'V2024SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**source_id** | **str** | The id for the source on which account selections are made | [optional]
**accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
}
## Example
```python
from sailpoint.v2024.models.source_item_ref import SourceItemRef
source_item_ref = SourceItemRef(
source_id='cb89bc2f1ee6445fbea12224c526ba3a',
accounts=[
sailpoint.v2024.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2024/Models/SourceUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v2024.models.source_usage import SourceUsage
source_usage = SourceUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10.45
)

41
docs/tools/sdk/python/Reference/V2024/Models/SpDetails.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-sp-details
title: SpDetails
pagination_label: SpDetails
sidebar_label: SpDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SpDetails', 'V2024SpDetails']
slug: /tools/sdk/python/v2024/models/sp-details
tags: ['SDK', 'Software Development Kit', 'SpDetails', 'V2024SpDetails']
---
# SpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
```python
from sailpoint.v2024.models.sp_details import SpDetails
sp_details = SpDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```
[[Back to top]](#)

333
docs/tools/sdk/python/Reference/V2025/Methods/AccessRequestsApi.md
View File

@@ -36,8 +36,10 @@ Method | HTTP request | Description
[**close-access-request**](#close-access-request) | **POST** `/access-requests/close` | Close Access Request
[**create-access-request**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**get-access-request-config**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**get-entitlement-details-for-identity**](#get-entitlement-details-for-identity) | **GET** `/access-requests/revocable-objects` | Identity Entitlement Details
[**list-access-request-status**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**list-administrators-access-request-status**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**load-account-selections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**set-access-request-config**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -339,6 +341,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -349,6 +352,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
@@ -389,7 +393,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
access_request = '''{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -440,6 +444,133 @@ with ApiClient(configuration) as api_client:
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}''' # AccessRequest |
@@ -511,6 +642,81 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-entitlement-details-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
:::tip setting x-sailpoint-experimental header
on the configuration object you can set the `x-sailpoint-experimental` header to `true' to enable all experimantl endpoints within the SDK.
Example:
```python
configuration = Configuration()
configuration.experimental = True
```
:::
Identity Entitlement Details
Use this API to return the details for a entitlement on an identity including specific data relating to remove date and the ability to revoke the identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-details-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| x_sail_point_experimental | **str** | True (default to 'true') | Use this header to enable this experimental API.
Path | identity_id | **str** | True | The identity ID.
Path | entitlement_id | **str** | True | The entitlement ID
### Return type
[**IdentityEntitlementDetails**](../models/identity-entitlement-details)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Entitlement and Account Reference | IdentityEntitlementDetails | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.access_requests_api import AccessRequestsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.identity_entitlement_details import IdentityEntitlementDetails
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
identity_id = '7025c863c2704ba6beeaedf3cb091573' # str | The identity ID. # str | The identity ID.
entitlement_id = 'ef38f94347e94562b5bb8424a56397d8' # str | The entitlement ID # str | The entitlement ID
try:
# Identity Entitlement Details
results = AccessRequestsApi(api_client).get_entitlement_details_for_identity(x_sail_point_experimental=x_sail_point_experimental, identity_id=identity_id, entitlement_id=entitlement_id)
# Below is a request that includes all optional parameters
# results = AccessRequestsApi(api_client).get_entitlement_details_for_identity(x_sail_point_experimental, identity_id, entitlement_id)
print("The response of AccessRequestsApi->get_entitlement_details_for_identity:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccessRequestsApi->get_entitlement_details_for_identity: %s\n" % e)
```
[[Back to top]](#)
## list-access-request-status
@@ -668,6 +874,131 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## load-account-selections
Get accounts selections for identity
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | accounts_selection_request | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Accounts Selection Response | AccountsSelectionResponse | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.access_requests_api import AccessRequestsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.accounts_selection_request import AccountsSelectionRequest
from sailpoint.v2025.models.accounts_selection_response import AccountsSelectionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
accounts_selection_request = '''{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}''' # AccountsSelectionRequest |
try:
# Get accounts selections for identity
new_accounts_selection_request = AccountsSelectionRequest.from_json(accounts_selection_request)
results = AccessRequestsApi(api_client).load_account_selections(accounts_selection_request=new_accounts_selection_request)
# Below is a request that includes all optional parameters
# results = AccessRequestsApi(api_client).load_account_selections(new_accounts_selection_request)
print("The response of AccessRequestsApi->load_account_selections:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccessRequestsApi->load_account_selections: %s\n" % e)
```
[[Back to top]](#)
## set-access-request-config

2
docs/tools/sdk/python/Reference/V2025/Methods/ConfigurationHubApi.md
View File

@@ -301,7 +301,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
scheduled_action_payload = '''{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

352
docs/tools/sdk/python/Reference/V2025/Methods/GlobalTenantSecuritySettingsApi.md
View File

@@ -19,8 +19,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**create-auth-org-network-config**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**get-auth-org-lockout-config**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**get-auth-org-network-config**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**get-auth-org-service-provider-config**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**get-auth-org-session-config**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**patch-auth-org-lockout-config**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**patch-auth-org-network-config**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**patch-auth-org-service-provider-config**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**patch-auth-org-session-config**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -84,6 +90,61 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-auth-org-lockout-config
Get Auth Org Lockout Configuration.
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-lockout-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Lockout configuration for the tenant&#39;s auth org. | LockoutConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.lockout_configuration import LockoutConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Auth Org Lockout Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_lockout_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_lockout_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_lockout_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_lockout_config: %s\n" % e)
```
[[Back to top]](#)
## get-auth-org-network-config
@@ -139,6 +200,177 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-auth-org-service-provider-config
Get Service Provider Configuration.
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-service-provider-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.service_provider_configuration import ServiceProviderConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Service Provider Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_service_provider_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_service_provider_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_service_provider_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_service_provider_config: %s\n" % e)
```
[[Back to top]](#)
## get-auth-org-session-config
Get Auth Org Session Configuration.
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-session-config)
### Parameters
This endpoint does not need any parameter.
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Session configuration for the tenant&#39;s auth org. | SessionConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.session_configuration import SessionConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get Auth Org Session Configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_session_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_session_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_session_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_session_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-lockout-config
Update Auth Org Lockout Configuration
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Updated Auth Org lockout configuration. | LockoutConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2025.models.lockout_configuration import LockoutConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/maximumAttempts, value=7,}, {op=add, path=/lockoutDuration, value=35}]''' # List[JsonPatchOperation] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
try:
# Update Auth Org Lockout Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_lockout_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_lockout_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_lockout_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_lockout_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-network-config
@@ -200,6 +432,126 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## patch-auth-org-service-provider-config
Update Service Provider Configuration
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2025.models.service_provider_configuration import ServiceProviderConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/enabled, value=true,}, {op=add, path=/federationProtocolDetails/0/jitConfiguration, value={enabled=true, sourceId=2c9180857377ed2901739c12a2da5ac8, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email, employeeNumber=okta.employeeNumber}}}]''' # List[JsonPatchOperation] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
try:
# Update Service Provider Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_service_provider_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_service_provider_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_service_provider_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_service_provider_config: %s\n" % e)
```
[[Back to top]](#)
## patch-auth-org-session-config
Update Auth Org Session Configuration
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | json_patch_operation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Updated Auth Org session configuration. | SessionConfiguration | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2025.models.session_configuration import SessionConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/rememberMe, value=true,}, {op=add, path=/maxSessionTime, value=480}]''' # List[JsonPatchOperation] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
try:
# Update Auth Org Session Configuration
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_session_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_session_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_session_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_session_config: %s\n" % e)
```
[[Back to top]](#)

30
docs/tools/sdk/python/Reference/V2025/Models/AccessRequest.md
View File

@@ -20,6 +20,7 @@ Name | Type | Description | Notes
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem**](access-request-item) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**requested_for_with_requested_items** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
}
## Example
@@ -28,9 +29,7 @@ Name | Type | Description | Notes
from sailpoint.v2025.models.access_request import AccessRequest
access_request = AccessRequest(
requested_for=[
'2c918084660f45d6016617daa9210584'
],
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.v2025.models.access_request_item.AccessRequestItem(
@@ -40,7 +39,30 @@ requested_items=[
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app},
requested_for_with_requested_items=[
sailpoint.v2025.models.requested_for_dto_ref.RequestedForDtoRef(
identity_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
requested_items = [
sailpoint.v2025.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v2025.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2025.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
], )
]
)
```

45
docs/tools/sdk/python/Reference/V2025/Models/AccessRequestItem1.md Normal file
View File

@@ -0,0 +1,45 @@
---
id: v2025-access-request-item1
title: AccessRequestItem1
pagination_label: AccessRequestItem1
sidebar_label: AccessRequestItem1
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccessRequestItem1', 'V2025AccessRequestItem1']
slug: /tools/sdk/python/v2025/models/access-request-item1
tags: ['SDK', 'Software Development Kit', 'AccessRequestItem1', 'V2025AccessRequestItem1']
---
# AccessRequestItem1
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [required]
**id** | **str** | ID of Role, Access Profile or Entitlement being requested. | [required]
**comment** | **str** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**remove_date** | **datetime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**assignment_id** | **str** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**native_identity** | **str** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
}
## Example
```python
from sailpoint.v2025.models.access_request_item1 import AccessRequestItem1
access_request_item1 = AccessRequestItem1(
type='ACCESS_PROFILE',
id='2c9180835d2e5168015d32f890ca1581',
comment='Requesting access profile for John Doe',
client_metadata={requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date='2020-07-11T21:23:15Z',
assignment_id='ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity='CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN'
)
```
[[Back to top]](#)

41
docs/tools/sdk/python/Reference/V2025/Models/AccountInfoRef.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-account-info-ref
title: AccountInfoRef
pagination_label: AccountInfoRef
sidebar_label: AccountInfoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountInfoRef', 'V2025AccountInfoRef']
slug: /tools/sdk/python/v2025/models/account-info-ref
tags: ['SDK', 'Software Development Kit', 'AccountInfoRef', 'V2025AccountInfoRef']
---
# AccountInfoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The account id | [optional]
**name** | **str** | The account display name | [optional]
}
## Example
```python
from sailpoint.v2025.models.account_info_ref import AccountInfoRef
account_info_ref = AccountInfoRef(
uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
type='IDENTITY',
id='f19d168c27374fd1aff3b483573f997f',
name='UserAccount.761a2248b'
)
```
[[Back to top]](#)

35
docs/tools/sdk/python/Reference/V2025/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2025-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountItemRef', 'V2025AccountItemRef']
slug: /tools/sdk/python/v2025/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'V2025AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**account_uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
}
## Example
```python
from sailpoint.v2025.models.account_item_ref import AccountItemRef
account_item_ref = AccountItemRef(
account_uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local'
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2025/Models/AccountUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v2025.models.account_usage import AccountUsage
account_usage = AccountUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10
)

48
docs/tools/sdk/python/Reference/V2025/Models/AccountsSelectionRequest.md Normal file
View File

@@ -0,0 +1,48 @@
---
id: v2025-accounts-selection-request
title: AccountsSelectionRequest
pagination_label: AccountsSelectionRequest
sidebar_label: AccountsSelectionRequest
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountsSelectionRequest', 'V2025AccountsSelectionRequest']
slug: /tools/sdk/python/v2025/models/accounts-selection-request
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionRequest', 'V2025AccountsSelectionRequest']
---
# AccountsSelectionRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**requested_for** | **[]str** | A list of Identity IDs for whom the Access is requested. | [required]
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem1**](access-request-item1) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
}
## Example
```python
from sailpoint.v2025.models.accounts_selection_request import AccountsSelectionRequest
accounts_selection_request = AccountsSelectionRequest(
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.v2025.models.access_request_item_1.AccessRequestItem_1(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
)
```
[[Back to top]](#)

61
docs/tools/sdk/python/Reference/V2025/Models/AccountsSelectionResponse.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: v2025-accounts-selection-response
title: AccountsSelectionResponse
pagination_label: AccountsSelectionResponse
sidebar_label: AccountsSelectionResponse
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountsSelectionResponse', 'V2025AccountsSelectionResponse']
slug: /tools/sdk/python/v2025/models/accounts-selection-response
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionResponse', 'V2025AccountsSelectionResponse']
---
# AccountsSelectionResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identities** | [**[]IdentityAccountSelections**](identity-account-selections) | A list of available account selections per identity in the request, for all the requested items | [optional]
}
## Example
```python
from sailpoint.v2025.models.accounts_selection_response import AccountsSelectionResponse
accounts_selection_response = AccountsSelectionResponse(
identities=[
sailpoint.v2025.models.identity_account_selections.IdentityAccountSelections(
requested_items = [
sailpoint.v2025.models.requested_item_account_selections.RequestedItemAccountSelections(
description = 'An access profile for the admins',
accounts_selection_blocked = False,
accounts_selection_blocked_reason = 'ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type = 'ACCESS_PROFILE',
id = '720fd239701344aea76c93ba91376aec',
name = 'Test Access Profile',
sources = [
sailpoint.v2025.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2025.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
], )
],
accounts_selection_required = False,
type = 'IDENTITY',
id = '70016590f2df4b879bdb1313a9e4e19e',
name = 'User name', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2025/Models/AttributeDefinitionType.md
View File

@@ -23,5 +23,7 @@ The underlying type of the value which an AttributeDefinition represents.
* `BOOLEAN` (value: `'BOOLEAN'`)
* `DATE` (value: `'DATE'`)
[[Back to top]](#)

35
docs/tools/sdk/python/Reference/V2025/Models/FederationProtocolDetails.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2025-federation-protocol-details
title: FederationProtocolDetails
pagination_label: FederationProtocolDetails
sidebar_label: FederationProtocolDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'FederationProtocolDetails', 'V2025FederationProtocolDetails']
slug: /tools/sdk/python/v2025/models/federation-protocol-details
tags: ['SDK', 'Software Development Kit', 'FederationProtocolDetails', 'V2025FederationProtocolDetails']
---
# FederationProtocolDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
}
## Example
```python
from sailpoint.v2025.models.federation_protocol_details import FederationProtocolDetails
federation_protocol_details = FederationProtocolDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6'
)
```
[[Back to top]](#)

62
docs/tools/sdk/python/Reference/V2025/Models/IdentityAccountSelections.md Normal file
View File

@@ -0,0 +1,62 @@
---
id: v2025-identity-account-selections
title: IdentityAccountSelections
pagination_label: IdentityAccountSelections
sidebar_label: IdentityAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdentityAccountSelections', 'V2025IdentityAccountSelections']
slug: /tools/sdk/python/v2025/models/identity-account-selections
tags: ['SDK', 'Software Development Kit', 'IdentityAccountSelections', 'V2025IdentityAccountSelections']
---
# IdentityAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**requested_items** | [**[]RequestedItemAccountSelections**](requested-item-account-selections) | Available account selections for the identity, per requested item | [optional]
**accounts_selection_required** | **bool** | A boolean indicating whether any account selections will be required for the user to raise an access request | [optional] [default to False]
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The identity id for the user | [optional]
**name** | **str** | The name of the identity | [optional]
}
## Example
```python
from sailpoint.v2025.models.identity_account_selections import IdentityAccountSelections
identity_account_selections = IdentityAccountSelections(
requested_items=[
sailpoint.v2025.models.requested_item_account_selections.RequestedItemAccountSelections(
description = 'An access profile for the admins',
accounts_selection_blocked = False,
accounts_selection_blocked_reason = 'ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type = 'ACCESS_PROFILE',
id = '720fd239701344aea76c93ba91376aec',
name = 'Test Access Profile',
sources = [
sailpoint.v2025.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2025.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
], )
],
accounts_selection_required=False,
type='IDENTITY',
id='70016590f2df4b879bdb1313a9e4e19e',
name='User name'
)
```
[[Back to top]](#)

53
docs/tools/sdk/python/Reference/V2025/Models/IdentityEntitlementDetails.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: v2025-identity-entitlement-details
title: IdentityEntitlementDetails
pagination_label: IdentityEntitlementDetails
sidebar_label: IdentityEntitlementDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdentityEntitlementDetails', 'V2025IdentityEntitlementDetails']
slug: /tools/sdk/python/v2025/models/identity-entitlement-details
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetails', 'V2025IdentityEntitlementDetails']
---
# IdentityEntitlementDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identity_id** | **str** | Id of Identity | [optional]
**entitlement** | [**IdentityEntitlementDetailsEntitlementDto**](identity-entitlement-details-entitlement-dto) | | [optional]
**source_id** | **str** | Id of Source | [optional]
**account_targets** | [**[]IdentityEntitlementDetailsAccountTarget**](identity-entitlement-details-account-target) | A list of account targets on the identity provisioned with the requested entitlement. | [optional]
}
## Example
```python
from sailpoint.v2025.models.identity_entitlement_details import IdentityEntitlementDetails
identity_entitlement_details = IdentityEntitlementDetails(
identity_id='5928c61f-3f2e-417a-8d65-f76451e2050a',
entitlement=sailpoint.v2025.models.identity_entitlement_details_entitlement_dto.IdentityEntitlementDetailsEntitlementDto(
id = '2c91808874ff91550175097daaec161c',
name = 'LauncherTest2',
created = '2020-10-08T18:33:52.029Z',
modified = '2020-10-08T18:33:52.029Z',
description = 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local',
type = 'ENTITLEMENT',
source_id = '2c9180827ca885d7017ca8ce28a000eb',
source_name = 'ODS-AD-Source',
owner = sailpoint.v2025.models.owner_dto.OwnerDto(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ),
value = 'CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local',
flags = [privileged], ),
source_id='b56728da-a24d-4177-a207-2bc4d42cba27',
account_targets=[{accountId=e7ef11cee24542b78618ce017117699f, accountName=Adalberto.XYZ, accountUUID=null, sourceId=0108906b66634d9ab7819a03eb263a88, sourceName=ODS-AD-FF-Source [source-XYZ], removeDate=null, assignmentId=null, revocable=true}]
)
```
[[Back to top]](#)

47
docs/tools/sdk/python/Reference/V2025/Models/IdentityEntitlementDetailsAccountTarget.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: v2025-identity-entitlement-details-account-target
title: IdentityEntitlementDetailsAccountTarget
pagination_label: IdentityEntitlementDetailsAccountTarget
sidebar_label: IdentityEntitlementDetailsAccountTarget
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdentityEntitlementDetailsAccountTarget', 'V2025IdentityEntitlementDetailsAccountTarget']
slug: /tools/sdk/python/v2025/models/identity-entitlement-details-account-target
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetailsAccountTarget', 'V2025IdentityEntitlementDetailsAccountTarget']
---
# IdentityEntitlementDetailsAccountTarget
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**account_id** | **str** | The id of account | [optional]
**account_name** | **str** | The name of account | [optional]
**account_uuid** | **str** | The UUID representation of the account if available | [optional]
**source_id** | **str** | The id of Source | [optional]
**source_name** | **str** | The name of Source | [optional]
**remove_date** | **str** | The removal date scheduled for the entitlement on the Identity | [optional]
**assignment_id** | **str** | The assignmentId of the entitlement on the Identity | [optional]
**revocable** | **bool** | If the entitlement can be revoked | [optional] [default to False]
}
## Example
```python
from sailpoint.v2025.models.identity_entitlement_details_account_target import IdentityEntitlementDetailsAccountTarget
identity_entitlement_details_account_target = IdentityEntitlementDetailsAccountTarget(
account_id='c5ef070e-92c6-4276-a006-98490f132dec',
account_name='Adalberto.XYZ',
account_uuid='2236c29e-68a6-494d-a469-d072172f46cf',
source_id='9269d764-8358-4ab9-9748-d4b7418548ca',
source_name='JDBC XYZ Source',
remove_date='2035-01-01T12:00:00.000Z',
assignment_id='77a5b7b4-262f-4b6a-a2aa-87f84f45f96f',
revocable=True
)
```
[[Back to top]](#)

56
docs/tools/sdk/python/Reference/V2025/Models/IdentityEntitlementDetailsEntitlementDto.md Normal file
View File

@@ -0,0 +1,56 @@
---
id: v2025-identity-entitlement-details-entitlement-dto
title: IdentityEntitlementDetailsEntitlementDto
pagination_label: IdentityEntitlementDetailsEntitlementDto
sidebar_label: IdentityEntitlementDetailsEntitlementDto
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdentityEntitlementDetailsEntitlementDto', 'V2025IdentityEntitlementDetailsEntitlementDto']
slug: /tools/sdk/python/v2025/models/identity-entitlement-details-entitlement-dto
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetailsEntitlementDto', 'V2025IdentityEntitlementDetailsEntitlementDto']
---
# IdentityEntitlementDetailsEntitlementDto
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**id** | **str** | The entitlement id | [optional]
**name** | **str** | The entitlement name | [optional]
**created** | **datetime** | Time when the entitlement was last modified | [optional]
**modified** | **datetime** | Time when the entitlement was last modified | [optional]
**description** | **str** | The description of the entitlement | [optional]
**type** | **str** | The type of the object, will always be \"ENTITLEMENT\" | [optional]
**source_id** | **str** | The source ID | [optional]
**source_name** | **str** | The source name | [optional]
**owner** | [**OwnerDto**](owner-dto) | | [optional]
**value** | **str** | The value of the entitlement | [optional]
**flags** | **[]str** | a list of properties informing the viewer about the entitlement | [optional]
}
## Example
```python
from sailpoint.v2025.models.identity_entitlement_details_entitlement_dto import IdentityEntitlementDetailsEntitlementDto
identity_entitlement_details_entitlement_dto = IdentityEntitlementDetailsEntitlementDto(
id='2c91808874ff91550175097daaec161c',
name='LauncherTest2',
created='2020-10-08T18:33:52.029Z',
modified='2020-10-08T18:33:52.029Z',
description='CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local',
type='ENTITLEMENT',
source_id='2c9180827ca885d7017ca8ce28a000eb',
source_name='ODS-AD-Source',
owner=sailpoint.v2025.models.owner_dto.OwnerDto(
type = 'IDENTITY',
id = '2c9180a46faadee4016fb4e018c20639',
name = 'Support', ),
value='CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local',
flags=[privileged]
)
```
[[Back to top]](#)

62
docs/tools/sdk/python/Reference/V2025/Models/IdpDetails.md Normal file
View File

@@ -0,0 +1,62 @@
---
id: v2025-idp-details
title: IdpDetails
pagination_label: IdpDetails
sidebar_label: IdpDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'IdpDetails', 'V2025IdpDetails']
slug: /tools/sdk/python/v2025/models/idp-details
tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'V2025IdpDetails']
---
# IdpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
}
## Example
```python
from sailpoint.v2025.models.idp_details import IdpDetails
idp_details = IdpDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v2025.models.jit_configuration.JITConfiguration(
enabled = False,
source_id = '2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings = {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}, ),
cert='-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----',
login_url_post='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
login_url_redirect='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
mapping_attribute='email',
certificate_expiration_date='Fri Mar 08 08:54:24 UTC 2013',
certificate_name='OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL'
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2025/Models/JITConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-jit-configuration
title: JITConfiguration
pagination_label: JITConfiguration
sidebar_label: JITConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'JITConfiguration', 'V2025JITConfiguration']
slug: /tools/sdk/python/v2025/models/jit-configuration
tags: ['SDK', 'Software Development Kit', 'JITConfiguration', 'V2025JITConfiguration']
---
# JITConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**enabled** | **bool** | The indicator for just-in-time provisioning enabled | [optional] [default to False]
**source_id** | **str** | the sourceId that mapped to just-in-time provisioning configuration | [optional]
**source_attribute_mappings** | **map[string]str** | A mapping of identity profile attribute names to SAML assertion attribute names | [optional]
}
## Example
```python
from sailpoint.v2025.models.jit_configuration import JITConfiguration
jit_configuration = JITConfiguration(
enabled=False,
source_id='2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2025/Models/LockoutConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-lockout-configuration
title: LockoutConfiguration
pagination_label: LockoutConfiguration
sidebar_label: LockoutConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'LockoutConfiguration', 'V2025LockoutConfiguration']
slug: /tools/sdk/python/v2025/models/lockout-configuration
tags: ['SDK', 'Software Development Kit', 'LockoutConfiguration', 'V2025LockoutConfiguration']
---
# LockoutConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**maximum_attempts** | **int** | The maximum attempts allowed before lockout occurs. | [optional]
**lockout_duration** | **int** | The total time in minutes a user will be locked out. | [optional]
**lockout_window** | **int** | A rolling window where authentication attempts in a series count towards the maximum before lockout occurs. | [optional]
}
## Example
```python
from sailpoint.v2025.models.lockout_configuration import LockoutConfiguration
lockout_configuration = LockoutConfiguration(
maximum_attempts=5,
lockout_duration=15,
lockout_window=5
)
```
[[Back to top]](#)

4
docs/tools/sdk/python/Reference/V2025/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -56,8 +56,8 @@ data={description=Auditing},
approval_status='APPROVED',
comment='approved',
completion_date='2020-03-24T11:11:41.139-05:00',
start_date='Tue Mar 24 00:00:00 UTC 2020',
end_date='Thu Mar 25 00:00:00 UTC 2021',
start_date='Mon Mar 23 20:00:00 EDT 2020',
end_date='Wed Mar 24 20:00:00 EDT 2021',
modified='2020-03-24T11:11:41.139-05:00',
created='2020-03-24T11:11:41.139-05:00'
)

53
docs/tools/sdk/python/Reference/V2025/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: v2025-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedForDtoRef', 'V2025RequestedForDtoRef']
slug: /tools/sdk/python/v2025/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'V2025RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identity_id** | **str** | The identity id for which the access is requested | [required]
**requested_items** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
}
## Example
```python
from sailpoint.v2025.models.requested_for_dto_ref import RequestedForDtoRef
requested_for_dto_ref = RequestedForDtoRef(
identity_id='cb89bc2f1ee6445fbea12224c526ba3a',
requested_items=[
sailpoint.v2025.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v2025.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2025.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
]
)
```
[[Back to top]](#)

57
docs/tools/sdk/python/Reference/V2025/Models/RequestedItemAccountSelections.md Normal file
View File

@@ -0,0 +1,57 @@
---
id: v2025-requested-item-account-selections
title: RequestedItemAccountSelections
pagination_label: RequestedItemAccountSelections
sidebar_label: RequestedItemAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemAccountSelections', 'V2025RequestedItemAccountSelections']
slug: /tools/sdk/python/v2025/models/requested-item-account-selections
tags: ['SDK', 'Software Development Kit', 'RequestedItemAccountSelections', 'V2025RequestedItemAccountSelections']
---
# RequestedItemAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**description** | **str** | The description for this requested item | [optional]
**accounts_selection_blocked** | **bool** | This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts. | [optional] [default to False]
**accounts_selection_blocked_reason** | **str** | If account selections are not allowed for an item, this field will denote the reason. | [optional]
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [optional]
**id** | **str** | The id of the requested item | [optional]
**name** | **str** | The name of the requested item | [optional]
**sources** | [**[]SourceAccountSelections**](source-account-selections) | The details for the sources and accounts for the requested item and identity combination | [optional]
}
## Example
```python
from sailpoint.v2025.models.requested_item_account_selections import RequestedItemAccountSelections
requested_item_account_selections = RequestedItemAccountSelections(
description='An access profile for the admins',
accounts_selection_blocked=False,
accounts_selection_blocked_reason='ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT',
type='ACCESS_PROFILE',
id='720fd239701344aea76c93ba91376aec',
name='Test Access Profile',
sources=[
sailpoint.v2025.models.source_account_selections.SourceAccountSelections(
type = 'IDENTITY',
id = '3ac3c43785a845fa9820b0c1ac767cd5',
name = 'Test Source_Name',
accounts = [
sailpoint.v2025.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
], )
]
)
```
[[Back to top]](#)

55
docs/tools/sdk/python/Reference/V2025/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: v2025-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemDtoRef', 'V2025RequestedItemDtoRef']
slug: /tools/sdk/python/v2025/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'V2025RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [required]
**id** | **str** | ID of Role, Access Profile or Entitlement being requested. | [required]
**comment** | **str** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**remove_date** | **datetime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**assignment_id** | **str** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**native_identity** | **str** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**account_selection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
}
## Example
```python
from sailpoint.v2025.models.requested_item_dto_ref import RequestedItemDtoRef
requested_item_dto_ref = RequestedItemDtoRef(
type='ACCESS_PROFILE',
id='2c9180835d2e5168015d32f890ca1581',
comment='Requesting access profile for John Doe',
client_metadata={requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date='2020-07-11T21:23:15Z',
assignment_id='ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity='CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection=[
sailpoint.v2025.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v2025.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2025/Models/ScheduledActionPayload.md
View File

@@ -31,7 +31,7 @@ from sailpoint.v2025.models.scheduled_action_payload import ScheduledActionPaylo
scheduled_action_payload = ScheduledActionPayload(
job_type='BACKUP',
start_time='2024-08-16T14:16:58.389Z',
cron_string='0 0 12 * * ?',
cron_string='0 0 * * * *',
time_zone_id='America/Chicago',
content=sailpoint.v2025.models.scheduled_action_payload_content.ScheduledActionPayload_content(
name = 'Daily Backup',

2
docs/tools/sdk/python/Reference/V2025/Models/ScheduledActionResponse.md
View File

@@ -43,7 +43,7 @@ content=sailpoint.v2025.models.scheduled_action_response_content.ScheduledAction
source_tenant = 'tenant-name',
draft_id = '9012b87d-48ca-439a-868f-2160001da8c3', ),
start_time='2021-05-12T10:00Z',
cron_string='0 0 12 * * ?',
cron_string='0 0 * * * *',
time_zone_id='America/Chicago'
)

40
docs/tools/sdk/python/Reference/V2025/Models/ServiceProviderConfiguration.md Normal file
View File

@@ -0,0 +1,40 @@
---
id: v2025-service-provider-configuration
title: ServiceProviderConfiguration
pagination_label: ServiceProviderConfiguration
sidebar_label: ServiceProviderConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'ServiceProviderConfiguration', 'V2025ServiceProviderConfiguration']
slug: /tools/sdk/python/v2025/models/service-provider-configuration
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfiguration', 'V2025ServiceProviderConfiguration']
---
# ServiceProviderConfiguration
Represents the IdentityNow as Service Provider Configuration allowing customers to log into IDN via an Identity Provider
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**enabled** | **bool** | This determines whether or not the SAML authentication flow is enabled for an org | [optional] [default to False]
**bypass_idp** | **bool** | This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP. | [optional] [default to False]
**saml_configuration_valid** | **bool** | This indicates whether or not the SAML configuration is valid. | [optional] [default to False]
**federation_protocol_details** | [**[]ServiceProviderConfigurationFederationProtocolDetailsInner**](service-provider-configuration-federation-protocol-details-inner) | A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider). | [optional]
}
## Example
```python
from sailpoint.v2025.models.service_provider_configuration import ServiceProviderConfiguration
service_provider_configuration = ServiceProviderConfiguration(
enabled=True,
bypass_idp=True,
saml_configuration_valid=True,
federation_protocol_details=[{role=SAML_IDP, entityId=http://www.okta.com/exktq4o24bmQA4fr60h7, cert=MIIDpDCCAoygAwIBAgIGAYhZ+b29MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0yMDY0NDUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjMwNTI2MjEzMDU5WhcNMzMwNTI2MjEzMTU5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMjA2NDQ1MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvi1+WbF2ceGlLCrLl5PrG1lpj04IsrHX6OE666ObC2WFh+Nxvpxy+Vmzon9c9+akhK3bTv+9ifEoVc6tA1qWuCfXISAn9g81JqI68I1PGUbe6eF8pmOA18rjOrt7x94k4QukpR3+I8DfPJ+TynatltB51laLb8H4jchMafA4rDTjV/ZiYPxV0LMEIbprVyGuvBEhiEWha3wwVdDuJq996okX36YNS8PcGH+5CJ8c3YWZp/wrspgJmfCooMXeV+6zBpZfXqPpMWlUo0gcZqDOFgy3r4vkXehJdVYRlInMfDv04Lvy8VI1YAZClG/duO/6o9YVUFLjD9s+mQfhgaF5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB1CTrA/pTHkarbhMHsdSFAjVoYWwdAfrssG99rIjwwr/CW9tavTC3keaoUmUeddcnLY4V/TfL07+xgQGHCBR88cnzG9h6rC9qWxt6C3nug3YDVQfkdCDgnW9A8QEvLeq/KVLoRccpJNEENb2Y5ESUXHi1+PtjkFBtvfSgZ4eEhVggirL0bJdWVm700hCnjb2iCGSbSX7WflfPi0GSmjht983caG9OwZDnDzNFt8qGWCxo4bNSThT00JnWEN/6f1BWNOt9YDrxqEyNclqhLL+RDqFsPBFIrQlsoXzqpWqCL8oS9UMNxbGATK2v3d5ueE9+SswBAFBhirCuqZw19Ri2W, loginUrlPost=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, loginUrlRedirect=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, logoutUrl=https://dev-206445.oktapreview.com/login/signout, nameId=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, authnContext=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, includeAuthnContext=true, mappingAttribute=email, jitConfiguration={enabled=true, sourceId=2c9180897427f3a501745042afc83144, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}}, certificateExpirationDate=Thu May 26 21:31:59 GMT 2033, certificateName=EMAILADDRESS=info@okta.com, CN=dev-206445, OU=SSOProvider, O=Okta, L=San Francisco, ST=California, C=US}, {role=SAML_SP, entityId=https://acme.identitysoon.com/sp, alias=acme-sp, callbackUrl=https://acme.test-login.sailpoint.com/saml/SSO/alias/acme-sp, legacyAcsUrl=https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp}]
)
```
[[Back to top]](#)

68
docs/tools/sdk/python/Reference/V2025/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md Normal file
View File

@@ -0,0 +1,68 @@
---
id: v2025-service-provider-configuration-federation-protocol-details-inner
title: ServiceProviderConfigurationFederationProtocolDetailsInner
pagination_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2025ServiceProviderConfigurationFederationProtocolDetailsInner']
slug: /tools/sdk/python/v2025/models/service-provider-configuration-federation-protocol-details-inner
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2025ServiceProviderConfigurationFederationProtocolDetailsInner']
---
# ServiceProviderConfigurationFederationProtocolDetailsInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
```python
from sailpoint.v2025.models.service_provider_configuration_federation_protocol_details_inner import ServiceProviderConfigurationFederationProtocolDetailsInner
service_provider_configuration_federation_protocol_details_inner = ServiceProviderConfigurationFederationProtocolDetailsInner(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v2025.models.jit_configuration.JITConfiguration(
enabled = False,
source_id = '2c9180857377ed2901739c12a2da5ac8',
source_attribute_mappings = {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}, ),
cert='-----BEGIN CERTIFICATE-----****-----END CERTIFICATE-----',
login_url_post='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
login_url_redirect='https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml',
mapping_attribute='email',
certificate_expiration_date='Fri Mar 08 08:54:24 UTC 2013',
certificate_name='OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```
[[Back to top]](#)

37
docs/tools/sdk/python/Reference/V2025/Models/SessionConfiguration.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-session-configuration
title: SessionConfiguration
pagination_label: SessionConfiguration
sidebar_label: SessionConfiguration
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SessionConfiguration', 'V2025SessionConfiguration']
slug: /tools/sdk/python/v2025/models/session-configuration
tags: ['SDK', 'Software Development Kit', 'SessionConfiguration', 'V2025SessionConfiguration']
---
# SessionConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**max_idle_time** | **int** | The maximum time in minutes a session can be idle. | [optional]
**remember_me** | **bool** | Denotes if 'remember me' is enabled. | [optional] [default to False]
**max_session_time** | **int** | The maximum allowable session time in minutes. | [optional]
}
## Example
```python
from sailpoint.v2025.models.session_configuration import SessionConfiguration
session_configuration = SessionConfiguration(
max_idle_time=15,
remember_me=True,
max_session_time=45
)
```
[[Back to top]](#)

46
docs/tools/sdk/python/Reference/V2025/Models/SourceAccountSelections.md Normal file
View File

@@ -0,0 +1,46 @@
---
id: v2025-source-account-selections
title: SourceAccountSelections
pagination_label: SourceAccountSelections
sidebar_label: SourceAccountSelections
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceAccountSelections', 'V2025SourceAccountSelections']
slug: /tools/sdk/python/v2025/models/source-account-selections
tags: ['SDK', 'Software Development Kit', 'SourceAccountSelections', 'V2025SourceAccountSelections']
---
# SourceAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | [**DtoType**](dto-type) | | [optional]
**id** | **str** | The source id | [optional]
**name** | **str** | The source name | [optional]
**accounts** | [**[]AccountInfoRef**](account-info-ref) | The accounts information for a particular source in the requested item | [optional]
}
## Example
```python
from sailpoint.v2025.models.source_account_selections import SourceAccountSelections
source_account_selections = SourceAccountSelections(
type='IDENTITY',
id='3ac3c43785a845fa9820b0c1ac767cd5',
name='Test Source_Name',
accounts=[
sailpoint.v2025.models.account_info_ref.AccountInfoRef(
uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local',
type = 'IDENTITY',
id = 'f19d168c27374fd1aff3b483573f997f',
name = 'UserAccount.761a2248b', )
]
)
```
[[Back to top]](#)

39
docs/tools/sdk/python/Reference/V2025/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2025-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceItemRef', 'V2025SourceItemRef']
slug: /tools/sdk/python/v2025/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'V2025SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**source_id** | **str** | The id for the source on which account selections are made | [optional]
**accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
}
## Example
```python
from sailpoint.v2025.models.source_item_ref import SourceItemRef
source_item_ref = SourceItemRef(
source_id='cb89bc2f1ee6445fbea12224c526ba3a',
accounts=[
sailpoint.v2025.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V2025/Models/SourceUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v2025.models.source_usage import SourceUsage
source_usage = SourceUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10.45
)

41
docs/tools/sdk/python/Reference/V2025/Models/SpDetails.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-sp-details
title: SpDetails
pagination_label: SpDetails
sidebar_label: SpDetails
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SpDetails', 'V2025SpDetails']
slug: /tools/sdk/python/v2025/models/sp-details
tags: ['SDK', 'Software Development Kit', 'SpDetails', 'V2025SpDetails']
---
# SpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
```python
from sailpoint.v2025.models.sp_details import SpDetails
sp_details = SpDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```
[[Back to top]](#)

131
docs/tools/sdk/python/Reference/V3/Methods/AccessRequestsApi.md
View File

@@ -122,6 +122,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -132,6 +133,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v3/create-access-request)
@@ -172,7 +174,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
access_request = '''{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -233,6 +235,133 @@ with ApiClient(configuration) as api_client:
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}''' # AccessRequest |

18
docs/tools/sdk/python/Reference/V3/Methods/WorkflowsApi.md
View File

@@ -336,6 +336,7 @@ Get a single workflow by id.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | id | **str** | True | Id of the workflow
Query | workflow_metrics | **bool** | (optional) (default to True) | disable workflow metrics
### Return type
[**Workflow**](../models/workflow)
@@ -366,13 +367,14 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'c17bea3a-574d-453c-9e04-4365fbf5af0b' # str | Id of the workflow # str | Id of the workflow
workflow_metrics = True # bool | disable workflow metrics (optional) (default to True) # bool | disable workflow metrics (optional) (default to True)
try:
# Get Workflow By Id
results = WorkflowsApi(api_client).get_workflow(id=id)
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).get_workflow(id)
# results = WorkflowsApi(api_client).get_workflow(id, workflow_metrics)
print("The response of WorkflowsApi->get_workflow:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
@@ -828,7 +830,13 @@ List all workflows in the tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v3/list-workflows)
### Parameters
This endpoint does not need any parameter.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | trigger_id | **str** | (optional) | Trigger ID
Query | connector_instance_id | **str** | (optional) | Connector Instance ID
Query | limit | **int** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | offset | **int** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**List[Workflow]**](../models/workflow)
@@ -858,13 +866,17 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
trigger_id = 'idn:identity-created' # str | Trigger ID (optional) # str | Trigger ID (optional)
connector_instance_id = '28541fec-bb81-4ad4-88ef-0f7d213adcad' # str | Connector Instance ID (optional) # str | Connector Instance ID (optional)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
try:
# List Workflows
results = WorkflowsApi(api_client).list_workflows()
# Below is a request that includes all optional parameters
# results = WorkflowsApi(api_client).list_workflows()
# results = WorkflowsApi(api_client).list_workflows(trigger_id, connector_instance_id, limit, offset)
print("The response of WorkflowsApi->list_workflows:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))

30
docs/tools/sdk/python/Reference/V3/Models/AccessRequest.md
View File

@@ -20,6 +20,7 @@ Name | Type | Description | Notes
**request_type** | [**AccessRequestType**](access-request-type) | | [optional]
**requested_items** | [**[]AccessRequestItem**](access-request-item) | | [required]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**requested_for_with_requested_items** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
}
## Example
@@ -28,9 +29,7 @@ Name | Type | Description | Notes
from sailpoint.v3.models.access_request import AccessRequest
access_request = AccessRequest(
requested_for=[
'2c918084660f45d6016617daa9210584'
],
requested_for=2c918084660f45d6016617daa9210584,
request_type='GRANT_ACCESS',
requested_items=[
sailpoint.v3.models.access_request_item.AccessRequestItem(
@@ -42,7 +41,30 @@ requested_items=[
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN', )
],
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
client_metadata={requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app},
requested_for_with_requested_items=[
sailpoint.v3.models.requested_for_dto_ref.RequestedForDtoRef(
identity_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
requested_items = [
sailpoint.v3.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v3.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v3.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
], )
]
)
```

35
docs/tools/sdk/python/Reference/V3/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'AccountItemRef', 'AccountItemRef']
slug: /tools/sdk/python/v3/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**account_uuid** | **str** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**native_identity** | **str** | The 'distinguishedName' attribute for the account | [optional]
}
## Example
```python
from sailpoint.v3.models.account_item_ref import AccountItemRef
account_item_ref = AccountItemRef(
account_uuid='{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity='CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local'
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V3/Models/AccountUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v3.models.account_usage import AccountUsage
account_usage = AccountUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10
)

2
docs/tools/sdk/python/Reference/V3/Models/AttributeDefinitionType.md
View File

@@ -23,5 +23,7 @@ The underlying type of the value which an AttributeDefinition represents.
* `BOOLEAN` (value: `'BOOLEAN'`)
* `DATE` (value: `'DATE'`)
[[Back to top]](#)

12
docs/tools/sdk/python/Reference/V3/Models/IdpDetails.md
View File

@@ -16,18 +16,18 @@ tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'IdpDetails']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_IDP' ] | Federation protocol role | [optional]
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**auth_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_auth_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
}
@@ -41,9 +41,9 @@ idp_details = IdpDetails(
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
auth_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_auth_context=False,
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v3.models.jit_configuration.JITConfiguration(
enabled = False,

4
docs/tools/sdk/python/Reference/V3/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -56,8 +56,8 @@ data={description=Auditing},
approval_status='APPROVED',
comment='approved',
completion_date='2020-03-24T11:11:41.139-05:00',
start_date='Tue Mar 24 00:00:00 UTC 2020',
end_date='Thu Mar 25 00:00:00 UTC 2021',
start_date='Mon Mar 23 20:00:00 EDT 2020',
end_date='Wed Mar 24 20:00:00 EDT 2021',
modified='2020-03-24T11:11:41.139-05:00',
created='2020-03-24T11:11:41.139-05:00'
)

53
docs/tools/sdk/python/Reference/V3/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedForDtoRef', 'RequestedForDtoRef']
slug: /tools/sdk/python/v3/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**identity_id** | **str** | The identity id for which the access is requested | [required]
**requested_items** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
}
## Example
```python
from sailpoint.v3.models.requested_for_dto_ref import RequestedForDtoRef
requested_for_dto_ref = RequestedForDtoRef(
identity_id='cb89bc2f1ee6445fbea12224c526ba3a',
requested_items=[
sailpoint.v3.models.requested_item_dto_ref.RequestedItemDtoRef(
type = 'ACCESS_PROFILE',
id = '2c9180835d2e5168015d32f890ca1581',
comment = 'Requesting access profile for John Doe',
client_metadata = {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date = '2020-07-11T21:23:15Z',
assignment_id = 'ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity = 'CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection = [
sailpoint.v3.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v3.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
], )
]
)
```
[[Back to top]](#)

55
docs/tools/sdk/python/Reference/V3/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'RequestedItemDtoRef', 'RequestedItemDtoRef']
slug: /tools/sdk/python/v3/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**type** | **Enum** [ 'ACCESS_PROFILE', 'ROLE', 'ENTITLEMENT' ] | The type of the item being requested. | [required]
**id** | **str** | ID of Role, Access Profile or Entitlement being requested. | [required]
**comment** | **str** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**client_metadata** | **map[string]str** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**remove_date** | **datetime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**assignment_id** | **str** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**native_identity** | **str** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**account_selection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
}
## Example
```python
from sailpoint.v3.models.requested_item_dto_ref import RequestedItemDtoRef
requested_item_dto_ref = RequestedItemDtoRef(
type='ACCESS_PROFILE',
id='2c9180835d2e5168015d32f890ca1581',
comment='Requesting access profile for John Doe',
client_metadata={requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1},
remove_date='2020-07-11T21:23:15Z',
assignment_id='ee48a191c00d49bf9264eb0a4fc3a9fc',
native_identity='CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN',
account_selection=[
sailpoint.v3.models.source_item_ref.SourceItemRef(
source_id = 'cb89bc2f1ee6445fbea12224c526ba3a',
accounts = [
sailpoint.v3.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
], )
]
)
```
[[Back to top]](#)

20
docs/tools/sdk/python/Reference/V3/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md
View File

@@ -16,22 +16,23 @@ tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederatio
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_SP' ] | Federation protocol role | [optional]
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**binding** | **str** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**auth_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**authn_context** | **str** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**logout_url** | **str** | The IDP logout URL. Used with IDP configurations. | [optional]
**include_auth_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**include_authn_context** | **bool** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to False]
**name_id** | **str** | The name id format to use. Used with IDP configurations. | [optional]
**jit_configuration** | [**JITConfiguration**](jit-configuration) | | [optional]
**cert** | **str** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**login_url_post** | **str** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**login_url_redirect** | **str** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [optional]
**mapping_attribute** | **str** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**certificate_expiration_date** | **str** | The expiration date extracted from the certificate. | [optional]
**certificate_name** | **str** | The name extracted from the certificate. | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
@@ -40,12 +41,12 @@ Name | Type | Description | Notes
from sailpoint.v3.models.service_provider_configuration_federation_protocol_details_inner import ServiceProviderConfigurationFederationProtocolDetailsInner
service_provider_configuration_federation_protocol_details_inner = ServiceProviderConfigurationFederationProtocolDetailsInner(
role='SAML_SP',
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
auth_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
authn_context='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
logout_url='https://dev-206445.oktapreview.com/login/signout',
include_auth_context=False,
include_authn_context=False,
name_id='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
jit_configuration=sailpoint.v3.models.jit_configuration.JITConfiguration(
enabled = False,
@@ -58,7 +59,8 @@ mapping_attribute='email',
certificate_expiration_date='Fri Mar 08 08:54:24 UTC 2013',
certificate_name='OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp'
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```

39
docs/tools/sdk/python/Reference/V3/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: pythonsdk
keywords: ['python', 'Python', 'sdk', 'SourceItemRef', 'SourceItemRef']
slug: /tools/sdk/python/v3/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**source_id** | **str** | The id for the source on which account selections are made | [optional]
**accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
}
## Example
```python
from sailpoint.v3.models.source_item_ref import SourceItemRef
source_item_ref = SourceItemRef(
source_id='cb89bc2f1ee6445fbea12224c526ba3a',
accounts=[
sailpoint.v3.models.account_item_ref.AccountItemRef(
account_uuid = '{fab7119e-004f-4822-9c33-b8d570d6c6a6}',
native_identity = 'CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local', )
]
)
```
[[Back to top]](#)

2
docs/tools/sdk/python/Reference/V3/Models/SourceUsage.md
View File

@@ -26,7 +26,7 @@ Name | Type | Description | Notes
from sailpoint.v3.models.source_usage import SourceUsage
source_usage = SourceUsage(
var_date='Fri Apr 21 00:00:00 UTC 2023',
var_date='Thu Apr 20 20:00:00 EDT 2023',
count=10.45
)

10
docs/tools/sdk/python/Reference/V3/Models/SpDetails.md
View File

@@ -16,10 +16,11 @@ tags: ['SDK', 'Software Development Kit', 'SpDetails', 'SpDetails']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**role** | **Enum** [ 'SAML_SP' ] | Federation protocol role | [optional]
**role** | **Enum** [ 'SAML_IDP', 'SAML_SP' ] | Federation protocol role | [optional]
**entity_id** | **str** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**alias** | **str** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [optional]
**callback_url** | **str** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**legacy_acs_url** | **str** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
}
## Example
@@ -28,10 +29,11 @@ Name | Type | Description | Notes
from sailpoint.v3.models.sp_details import SpDetails
sp_details = SpDetails(
role='SAML_SP',
role='SAML_IDP',
entity_id='http://www.okta.com/exkdaruy8Ln5Ry7C54x6',
alias='acme-sp',
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp'
callback_url='https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp',
legacy_acs_url='https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp'
)
```