mirror of
https://github.com/LukeHagar/developer.sailpoint.com.git
synced 2025-12-10 12:27:47 +00:00
Automated commit by github action: 3649858103
This commit is contained in:
GitHub Action Bot
@@ -45,10 +45,16 @@ patch:
|
|||||||
description: >-
|
description: >-
|
||||||
This API updates an existing Access Profile. The following fields are patchable:
|
This API updates an existing Access Profile. The following fields are patchable:
|
||||||
|
|
||||||
|
|
||||||
**name**, **description**, **enabled**, **owner**, **requestable**,
|
**name**, **description**, **enabled**, **owner**, **requestable**,
|
||||||
**accessRequestConfig**, **revokeRequestConfig**, **segments**, **entitlements**, **provisioningCriteria**
|
**accessRequestConfig**, **revokeRequestConfig**, **segments**, **entitlements**, **provisioningCriteria**
|
||||||
|
|
||||||
|
A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a
|
||||||
|
SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to
|
||||||
|
administer.
|
||||||
|
|
||||||
|
> The maximum supported length for the description field is 2000 characters.
|
||||||
|
Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.
|
||||||
|
|
||||||
|
|
||||||
> You can only add or replace **entitlements** that exist on the source that the access profile is attached to.
|
> You can only add or replace **entitlements** that exist on the source that the access profile is attached to.
|
||||||
You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.
|
You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.
|
||||||
@@ -56,11 +62,6 @@ patch:
|
|||||||
|
|
||||||
> Patching the value of the **requestable** field is only supported for customers enabled with the new Request
|
> Patching the value of the **requestable** field is only supported for customers enabled with the new Request
|
||||||
Center. Otherwise, attempting to modify this field results in a 400 error.
|
Center. Otherwise, attempting to modify this field results in a 400 error.
|
||||||
|
|
||||||
|
|
||||||
A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a
|
|
||||||
SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to
|
|
||||||
administer.
|
|
||||||
parameters:
|
parameters:
|
||||||
- name: id
|
- name: id
|
||||||
in: path
|
in: path
|
||||||
|
|||||||
@@ -120,10 +120,12 @@ post:
|
|||||||
description: >-
|
description: >-
|
||||||
This API creates an Access Profile.
|
This API creates an Access Profile.
|
||||||
|
|
||||||
|
|
||||||
A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to
|
A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to
|
||||||
call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the
|
call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the
|
||||||
Access Profile's Source.
|
Access Profile's Source.
|
||||||
|
|
||||||
|
The maximum supported length for the description field is 2000 characters.
|
||||||
|
Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
|||||||
@@ -51,10 +51,12 @@ patch:
|
|||||||
**name**, **description**, **enabled**, **owner**, **accessProfiles**, **membership**, **requestable**,
|
**name**, **description**, **enabled**, **owner**, **accessProfiles**, **membership**, **requestable**,
|
||||||
**accessRequestConfig**, **revokeRequestConfig**, **segments**
|
**accessRequestConfig**, **revokeRequestConfig**, **segments**
|
||||||
|
|
||||||
|
|
||||||
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a
|
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a
|
||||||
token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated
|
token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated
|
||||||
to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
|
to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
|
||||||
|
|
||||||
|
The maximum supported length for the description field is 2000 characters.
|
||||||
|
Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.
|
||||||
parameters:
|
parameters:
|
||||||
- name: id
|
- name: id
|
||||||
in: path
|
in: path
|
||||||
|
|||||||
@@ -109,6 +109,9 @@ post:
|
|||||||
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to
|
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to
|
||||||
call this API. In addition, a ROLE_SUBADMIN may not create a Role including an Access Profile if that Access Profile
|
call this API. In addition, a ROLE_SUBADMIN may not create a Role including an Access Profile if that Access Profile
|
||||||
is associated with a Source with which the ROLE_SUBADMIN is not themselves associated.
|
is associated with a Source with which the ROLE_SUBADMIN is not themselves associated.
|
||||||
|
|
||||||
|
The maximum supported length for the description field is 2000 characters.
|
||||||
|
Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ properties:
|
|||||||
example: Employee-database-read-write
|
example: Employee-database-read-write
|
||||||
description:
|
description:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: Information about the Access Profile
|
description: Information about the Access Profile
|
||||||
example: Collection of entitlements to read/write the employee database
|
example: Collection of entitlements to read/write the employee database
|
||||||
created:
|
created:
|
||||||
@@ -48,13 +49,16 @@ properties:
|
|||||||
example: true
|
example: true
|
||||||
accessRequestConfig:
|
accessRequestConfig:
|
||||||
$ref: './Requestability.yaml'
|
$ref: './Requestability.yaml'
|
||||||
|
nullable: true
|
||||||
description: Access request configuration for this object
|
description: Access request configuration for this object
|
||||||
revocationRequestConfig:
|
revocationRequestConfig:
|
||||||
$ref: './Revocability.yaml'
|
$ref: './Revocability.yaml'
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
Revocation request configuration for this object.
|
Revocation request configuration for this object.
|
||||||
segments:
|
segments:
|
||||||
type: array
|
type: array
|
||||||
|
nullable: true
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
description: List of IDs of segments, if any, to which this Access Profile is assigned.
|
description: List of IDs of segments, if any, to which this Access Profile is assigned.
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ properties:
|
|||||||
approverType:
|
approverType:
|
||||||
type: string
|
type: string
|
||||||
enum:
|
enum:
|
||||||
|
- APP_OWNER
|
||||||
- OWNER
|
- OWNER
|
||||||
- SOURCE_OWNER
|
- SOURCE_OWNER
|
||||||
- MANAGER
|
- MANAGER
|
||||||
@@ -10,6 +11,8 @@ properties:
|
|||||||
description: >-
|
description: >-
|
||||||
Describes the individual or group that is responsible for an approval step. Values are as follows.
|
Describes the individual or group that is responsible for an approval step. Values are as follows.
|
||||||
|
|
||||||
|
**APP_OWNER**: The owner of the Application
|
||||||
|
|
||||||
|
|
||||||
**OWNER**: Owner of the associated Access Profile or Role
|
**OWNER**: Owner of the associated Access Profile or Role
|
||||||
|
|
||||||
@@ -25,6 +28,7 @@ properties:
|
|||||||
example: GOVERNANCE_GROUP
|
example: GOVERNANCE_GROUP
|
||||||
approverId:
|
approverId:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
|
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
|
||||||
example: 46c79819-a69f-49a2-becb-12c971ae66c6
|
example: 46c79819-a69f-49a2-becb-12c971ae66c6
|
||||||
|
|
||||||
|
|||||||
@@ -21,6 +21,7 @@ properties:
|
|||||||
example: GOVERNANCE_GROUP
|
example: GOVERNANCE_GROUP
|
||||||
approverId:
|
approverId:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
|
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
|
||||||
example: 46c79819-a69f-49a2-becb-12c971ae66c6
|
example: 46c79819-a69f-49a2-becb-12c971ae66c6
|
||||||
|
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
type: object
|
type: object
|
||||||
|
nullable: true
|
||||||
description: Defines matching criteria for an Account to be provisioned with a specific Access Profile
|
description: Defines matching criteria for an Account to be provisioned with a specific Access Profile
|
||||||
properties:
|
properties:
|
||||||
operation:
|
operation:
|
||||||
@@ -12,6 +13,7 @@ properties:
|
|||||||
nullable: true
|
nullable: true
|
||||||
value:
|
value:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
|
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
|
||||||
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
|
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
|
||||||
|
|||||||
@@ -12,6 +12,7 @@ properties:
|
|||||||
nullable: true
|
nullable: true
|
||||||
value:
|
value:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
|
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
|
||||||
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
|
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
type: object
|
type: object
|
||||||
|
nullable: true
|
||||||
description: Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria
|
description: Refers to a specific Identity attribute, Account attibute, or Entitlement used in Role membership criteria
|
||||||
properties:
|
properties:
|
||||||
type:
|
type:
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
type: object
|
type: object
|
||||||
|
nullable: true
|
||||||
description: Defines STANDARD type Role membership
|
description: Defines STANDARD type Role membership
|
||||||
properties:
|
properties:
|
||||||
operation:
|
operation:
|
||||||
@@ -7,6 +8,7 @@ properties:
|
|||||||
$ref: './RoleCriteriaKey.yaml'
|
$ref: './RoleCriteriaKey.yaml'
|
||||||
stringValue:
|
stringValue:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t
|
String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t
|
||||||
the specified operation. If this criteria is a leaf node, that is, if the operation is one of
|
the specified operation. If this criteria is a leaf node, that is, if the operation is one of
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
type: object
|
type: object
|
||||||
|
nullable: true
|
||||||
description: Defines STANDARD type Role membership
|
description: Defines STANDARD type Role membership
|
||||||
properties:
|
properties:
|
||||||
operation:
|
operation:
|
||||||
@@ -7,6 +8,7 @@ properties:
|
|||||||
$ref: './RoleCriteriaKey.yaml'
|
$ref: './RoleCriteriaKey.yaml'
|
||||||
stringValue:
|
stringValue:
|
||||||
type: string
|
type: string
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t
|
String value to test the Identity attribute, Account attribute, or Entitlement specified in the key w/r/t
|
||||||
the specified operation. If this criteria is a leaf node, that is, if the operation is one of
|
the specified operation. If this criteria is a leaf node, that is, if the operation is one of
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
type: object
|
type: object
|
||||||
|
nullable: true
|
||||||
description: >-
|
description: >-
|
||||||
When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or
|
When present, specifies that the Role is to be granted to Identities which either satisfy specific criteria or
|
||||||
which are members of a given list of Identities.
|
which are members of a given list of Identities.
|
||||||
|
|||||||
Reference in New Issue
Block a user