LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-09 04:19:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to python SDK docs: 14455009748

Browse Source
This commit is contained in:
developer-relations-sp
2025-04-14 20:23:46 +00:00
parent 5111ee7368
commit 59a220c8cd
90 changed files with 12638 additions and 7669 deletions
Download Patch File Download Diff File Expand all files Collapse all files

333
docs/tools/sdk/python/Reference/V2025/Methods/AccessRequestsApi.md
View File

@@ -36,8 +36,10 @@ Method | HTTP request | Description
[**close-access-request**](#close-access-request) | **POST** `/access-requests/close` | Close Access Request
[**create-access-request**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**get-access-request-config**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**get-entitlement-details-for-identity**](#get-entitlement-details-for-identity) | **GET** `/access-requests/revocable-objects` | Identity Entitlement Details
[**list-access-request-status**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**list-administrators-access-request-status**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**load-account-selections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**set-access-request-config**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -339,6 +341,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -349,6 +352,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
@@ -389,7 +393,7 @@ configuration = Configuration()
with ApiClient(configuration) as api_client:
access_request = '''{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -440,6 +444,133 @@ with ApiClient(configuration) as api_client:
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}''' # AccessRequest |
@@ -511,6 +642,81 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## get-entitlement-details-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
:::tip setting x-sailpoint-experimental header
on the configuration object you can set the `x-sailpoint-experimental` header to `true' to enable all experimantl endpoints within the SDK.
Example:
```python
configuration = Configuration()
configuration.experimental = True
```
:::
Identity Entitlement Details
Use this API to return the details for a entitlement on an identity including specific data relating to remove date and the ability to revoke the identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-details-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| x_sail_point_experimental | **str** | True (default to 'true') | Use this header to enable this experimental API.
Path | identity_id | **str** | True | The identity ID.
Path | entitlement_id | **str** | True | The entitlement ID
### Return type
[**IdentityEntitlementDetails**](../models/identity-entitlement-details)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Entitlement and Account Reference | IdentityEntitlementDetails | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.access_requests_api import AccessRequestsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.identity_entitlement_details import IdentityEntitlementDetails
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
identity_id = '7025c863c2704ba6beeaedf3cb091573' # str | The identity ID. # str | The identity ID.
entitlement_id = 'ef38f94347e94562b5bb8424a56397d8' # str | The entitlement ID # str | The entitlement ID
try:
# Identity Entitlement Details
results = AccessRequestsApi(api_client).get_entitlement_details_for_identity(x_sail_point_experimental=x_sail_point_experimental, identity_id=identity_id, entitlement_id=entitlement_id)
# Below is a request that includes all optional parameters
# results = AccessRequestsApi(api_client).get_entitlement_details_for_identity(x_sail_point_experimental, identity_id, entitlement_id)
print("The response of AccessRequestsApi->get_entitlement_details_for_identity:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccessRequestsApi->get_entitlement_details_for_identity: %s\n" % e)
```
[[Back to top]](#)
## list-access-request-status
@@ -668,6 +874,131 @@ with ApiClient(configuration) as api_client:
[[Back to top]](#)
## load-account-selections
Get accounts selections for identity
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | accounts_selection_request | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type | Response headers |
------------- | ------------- | ------------- |------------------|
200 | Accounts Selection Response | AccountsSelectionResponse | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```python
from sailpoint.v2025.api.access_requests_api import AccessRequestsApi
from sailpoint.v2025.api_client import ApiClient
from sailpoint.v2025.models.accounts_selection_request import AccountsSelectionRequest
from sailpoint.v2025.models.accounts_selection_response import AccountsSelectionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
accounts_selection_request = '''{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}''' # AccountsSelectionRequest |
try:
# Get accounts selections for identity
new_accounts_selection_request = AccountsSelectionRequest.from_json(accounts_selection_request)
results = AccessRequestsApi(api_client).load_account_selections(accounts_selection_request=new_accounts_selection_request)
# Below is a request that includes all optional parameters
# results = AccessRequestsApi(api_client).load_account_selections(new_accounts_selection_request)
print("The response of AccessRequestsApi->load_account_selections:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccessRequestsApi->load_account_selections: %s\n" % e)
```
[[Back to top]](#)
## set-access-request-config