LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-09 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into devrel-2115

Browse Source
This commit is contained in:
darrell-thobe-sp
2025-05-01 20:23:31 -04:00
parent a0d08e44d1 60f3f8f999
commit 62e2363f5f
787 changed files with 23630 additions and 10489 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/tools/sdk/go/creating-resources.md
View File

@@ -23,7 +23,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
"github.com/sailpoint-oss/golang-sdk/beta"
beta "github.com/sailpoint-oss/golang-sdk/v2/api_beta"
)
func main() {
@@ -32,7 +32,7 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
resp, _, err := apiClient.V3.PublicIdentitiesApi.GetPublicIdentities(ctx).Limit(1).Execute()
resp, _, err := apiClient.V3.PublicIdentitiesAPI.GetPublicIdentities(ctx).Limit(1).Execute()
identity := "IDENTITY"
workgroupName := "DB Access Governance Group"
@@ -48,7 +48,7 @@ func main() {
},
}
newWorkgroup, request, errMessage := apiClient.Beta.GovernanceGroupsApi.CreateWorkgroup(ctx).WorkgroupDto(workgroup).Execute()
newWorkgroup, request, errMessage := apiClient.Beta.GovernanceGroupsAPI.CreateWorkgroup(ctx).WorkgroupDto(workgroup).Execute()
if errMessage != nil {
fmt.Fprintf(os.Stderr, "Error when calling `GovernanceGroupsApi.CreateWorkgroup``: %v\n", err)

5
docs/tools/sdk/go/deleting-resources.md
View File

@@ -22,6 +22,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
beta "github.com/sailpoint-oss/golang-sdk/v2/api_beta"
)
func main() {
@@ -30,14 +31,14 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
workgroup, r, err := apiClient.Beta.GovernanceGroupsApi.ListWorkgroups(ctx).Filters(`name eq "DB Access Governance Group"`).Execute()
workgroup, r, err := apiClient.Beta.GovernanceGroupsAPI.ListWorkgroups(ctx).Filters(`name eq "DB Access Governance Group"`).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when retrieving workgroup`: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
response, errorMessage := apiClient.Beta.GovernanceGroupsApi.DeleteWorkgroup(ctx, *workgroup[0].Id).Execute()
response, errorMessage := apiClient.Beta.GovernanceGroupsAPI.DeleteWorkgroup(ctx, *workgroup[0].Id).Execute()
if errorMessage != nil {
fmt.Fprintf(os.Stderr, "Error when updating workgroup`: %v\n", errorMessage)

4
docs/tools/sdk/go/error-handling.md
View File

@@ -16,7 +16,7 @@ The SDK returns the response object, request and error object for each method. T
You can use an `if` statement to check whether there are any errors with the request and take actions on the results, such as logging the message or performing additional actions before exiting the program:
```go
resp, r, err := apiClient.V3.TransformsApi.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
resp, r, err := apiClient.V3.TransformsAPI.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `TransformsApi.ListTransforms``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
@@ -26,7 +26,7 @@ if err != nil {
The program will continue running unless you specify to end it. Use `os.Exit(0)` within the error check to stop execution after an error is found.
```go
resp, r, err := apiClient.V3.TransformsApi.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
resp, r, err := apiClient.V3.TransformsAPI.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `TransformsApi.ListTransforms``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)

3
docs/tools/sdk/go/getting-started.md
View File

@@ -26,6 +26,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
v3 "github.com/sailpoint-oss/golang-sdk/v2/api_v3"
)
func main() {
@@ -34,7 +35,7 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
resp, r, err := apiClient.V3.TransformsApi.ListTransforms(ctx).Execute()
resp, r, err := apiClient.V3.TransformsAPI.ListTransforms(ctx).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `TransformsApi.ListTransforms``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)

8
docs/tools/sdk/go/pagination.md
View File

@@ -24,7 +24,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
v3 "github.com/sailpoint-oss/golang-sdk/v3"
v3 "github.com/sailpoint-oss/golang-sdk/v2/api_v3"
)
func main() {
@@ -33,7 +33,7 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
resp, r, err := sailpoint.PaginateWithDefaults[v3.Account](apiClient.V3.AccountsApi.ListAccounts(ctx))
resp, r, err := sailpoint.PaginateWithDefaults[v3.Account](apiClient.V3.AccountsAPI.ListAccounts(ctx))
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `PaginateWithDefaults[v3.Account]``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
@@ -56,7 +56,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
v3 "github.com/sailpoint-oss/golang-sdk/v3"
v3 "github.com/sailpoint-oss/golang-sdk/v2/api_v3"
)
func main() {
@@ -65,7 +65,7 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
resp, r, err := sailpoint.Paginate[v3.Account](apiClient.V3.AccountsApi.ListAccounts(ctx), 0, 250, 150000)
resp, r, err := sailpoint.Paginate[v3.Account](apiClient.V3.AccountsAPI.ListAccounts(ctx), 0, 250, 150000)
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `Paginate[v3.Account]``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)

3
docs/tools/sdk/go/retries.md
View File

@@ -24,6 +24,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
v3 "github.com/sailpoint-oss/golang-sdk/v2/api_v3"
)
func main() {
@@ -35,7 +36,7 @@ func main() {
configuration.HTTPClient.RetryMax = 10
configuration.HTTPClient.RetryWaitMax = time.Second * 2
resp, r, err := apiClient.V3.TransformsApi.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
resp, r, err := apiClient.V3.TransformsAPI.ListTransforms(ctx).Filters("This is an incorrect string").Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `TransformsApi.ListTransforms``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)

4
docs/tools/sdk/go/search.md
View File

@@ -31,7 +31,7 @@ func getSearchResults(ctx context.Context, apiClient *sailpoint.APIClient) {
}
`)
search.UnmarshalJSON(searchString)
resp, r, err := sailpoint.PaginateSearchApi(ctx, apiClient, *search, 0, 10, 10000)
resp, r, err := sailpoint.PaginateSearchAPI(ctx, apiClient, *search, 0, 10, 10000)
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `PaginateSearchApi``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
@@ -80,7 +80,7 @@ In this example, the `"identities"` string represents an unmarshalled JSON. Chan
The search example includes the syntax you can use to paginate search results. Edit this line to configure the search result pagination:
```go
resp, r, err := sailpoint.PaginateSearchApi(ctx, apiClient, *search, 0, 10, 10000)
resp, r, err := sailpoint.PaginateSearchAPI(ctx, apiClient, *search, 0, 10, 10000)
```
The first value refers to the `initialOffset`, the starting number for the results, the second refers to the `increment`, the number of records per page, and the third refers to the `limit`, the last record that can be returned.

6
docs/tools/sdk/go/updating-resources.md
View File

@@ -23,7 +23,7 @@ import (
"os"
sailpoint "github.com/sailpoint-oss/golang-sdk"
"github.com/sailpoint-oss/golang-sdk/beta"
beta "github.com/sailpoint-oss/golang-sdk/v2/api_beta"
)
func main() {
@@ -32,7 +32,7 @@ func main() {
configuration := sailpoint.NewDefaultConfiguration()
apiClient := sailpoint.NewAPIClient(configuration)
workgroup, r, err := apiClient.Beta.GovernanceGroupsApi.ListWorkgroups(ctx).Filters(`name eq "DB Access Governance Group"`).Execute()
workgroup, r, err := apiClient.Beta.GovernanceGroupsAPI.ListWorkgroups(ctx).Filters(`name eq "DB Access Governance Group"`).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when retrieving workgroup`: %v\n", err)
@@ -43,7 +43,7 @@ func main() {
newDescriptionValue := beta.JsonPatchOperationValue{String: &updatedDescription}
patchArray := []beta.JsonPatchOperation{{Op: "replace", Path: "/description", Value: &newDescriptionValue}}
updatedWorkgroup, request, errorMessage := apiClient.Beta.GovernanceGroupsApi.PatchWorkgroup(ctx, *workgroup[0].Id).JsonPatchOperation(patchArray).Execute()
updatedWorkgroup, request, errorMessage := apiClient.Beta.GovernanceGroupsAPI.PatchWorkgroup(ctx, *workgroup[0].Id).JsonPatchOperation(patchArray).Execute()
if errorMessage != nil {
fmt.Fprintf(os.Stderr, "Error when updating workgroup`: %v\n", errorMessage)

8
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaAccessProfilesApi.md
View File

@@ -63,8 +63,9 @@ Method | HTTP request | Description
## create-access-profile
Create an access profile.
A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.
A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile's source.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
>**Note:** To use this endpoint, you need all the listed scopes.
[API Spec](https://developer.sailpoint.com/docs/api/beta/create-access-profile)
@@ -127,6 +128,7 @@ $AccessProfile = @"{
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -409,7 +411,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error.
@@ -437,7 +439,7 @@ $ForSubadmin = "8c190e6787aa4ed9a90bd9d5344523fb" # String | Filters the returne
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error. (optional) (default to $true)

151
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaAccessRequestsApi.md
View File

@@ -174,6 +174,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -184,6 +185,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/beta/create-access-request)
@@ -213,7 +215,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -227,7 +229,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -236,7 +240,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -245,7 +251,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -254,7 +262,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -263,7 +273,136 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@

5
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaRolesApi.md
View File

@@ -218,6 +218,7 @@ $Role = @"{
},
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -541,7 +542,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
@@ -569,7 +570,7 @@ $ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filter
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* (optional)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. (optional) (default to $true)

15
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaServiceDeskIntegrationApi.md
View File

@@ -419,7 +419,7 @@ Update an existing Service Desk integration by ID with a PATCH request.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | PatchServiceDeskIntegrationRequest | [**PatchServiceDeskIntegrationRequest**](../models/patch-service-desk-integration-request) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
@@ -442,16 +442,21 @@ Code | Description | Data Type
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$PatchServiceDeskIntegrationRequest = @""@
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
# Patch a Service Desk Integration
try {
$Result = ConvertFrom-JsonToPatchServiceDeskIntegrationRequest -Json $PatchServiceDeskIntegrationRequest
Update-BetaServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-BetaServiceDeskIntegration -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-BetaServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
# Update-BetaServiceDeskIntegration -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-BetaServiceDeskIntegration"
Write-Host $_.ErrorDetails

192
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaWorkflowsApi.md
View File

@@ -33,9 +33,9 @@ Method | HTTP request | Description
[**Update-BetaWorkflow**](#patch-workflow) | **PATCH** `/workflows/{id}` | Patch Workflow
[**Submit-BetaExternalExecuteWorkflow**](#post-external-execute-workflow) | **POST** `/workflows/execute/external/{id}` | Execute Workflow via External Trigger
[**Submit-BetaWorkflowExternalTrigger**](#post-workflow-external-trigger) | **POST** `/workflows/{id}/external/oauth-clients` | Generate External Trigger OAuth Client
[**Send-BetaWorkflow**](#put-workflow) | **PUT** `/workflows/{id}` | Update Workflow
[**Test-BetaExternalExecuteWorkflow**](#test-external-execute-workflow) | **POST** `/workflows/execute/external/{id}/test` | Test Workflow via External Trigger
[**Test-BetaWorkflow**](#test-workflow) | **POST** `/workflows/{id}/test` | Test Workflow By Id
[**Update-BetaWorkflow**](#update-workflow) | **PUT** `/workflows/{id}` | Update Workflow
## cancel-workflow-execution
@@ -184,6 +184,7 @@ Get a single workflow by id.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Query | WorkflowMetrics | **Boolean** | (optional) (default to $true) | disable workflow metrics
### Return type
[**Workflow**](../models/workflow)
@@ -205,6 +206,7 @@ Code | Description | Data Type
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$WorkflowMetrics = $false # Boolean | disable workflow metrics (optional) (default to $true)
# Get Workflow By Id
@@ -212,7 +214,7 @@ try {
Get-BetaWorkflow -Id $Id
# Below is a request that includes all optional parameters
# Get-BetaWorkflow -Id $Id
# Get-BetaWorkflow -Id $Id -WorkflowMetrics $WorkflowMetrics
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaWorkflow"
Write-Host $_.ErrorDetails
@@ -221,7 +223,7 @@ try {
[[Back to top]](#)
## get-workflow-execution
Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a "404 Not Found" response.
Get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a "404 Not Found" response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-workflow-execution)
@@ -572,6 +574,10 @@ List all workflows in the tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | TriggerId | **String** | (optional) | Trigger ID
Query | ConnectorInstanceId | **String** | (optional) | Connector Instance ID
### Return type
[**Workflow[]**](../models/workflow)
@@ -592,6 +598,10 @@ Code | Description | Data Type
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$TriggerId = "idn:identity-created" # String | Trigger ID (optional)
$ConnectorInstanceId = "28541fec-bb81-4ad4-88ef-0f7d213adcad" # String | Connector Instance ID (optional)
# List Workflows
@@ -599,7 +609,7 @@ try {
Get-BetaWorkflows
# Below is a request that includes all optional parameters
# Get-BetaWorkflows
# Get-BetaWorkflows -Limit $Limit -Offset $Offset -TriggerId $TriggerId -ConnectorInstanceId $ConnectorInstanceId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaWorkflows"
Write-Host $_.ErrorDetails
@@ -752,6 +762,93 @@ try {
```
[[Back to top]](#)
## put-workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/put-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | WorkflowBody | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
$WorkflowBody = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}"@
# Update Workflow
try {
$Result = ConvertFrom-JsonToWorkflowBody -Json $WorkflowBody
Send-BetaWorkflow -Id $Id -WorkflowBody $Result
# Below is a request that includes all optional parameters
# Send-BetaWorkflow -Id $Id -WorkflowBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-BetaWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-external-execute-workflow
Validate a workflow with an "External Trigger" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.
@@ -848,90 +945,3 @@ try {
}
```
[[Back to top]](#)
## update-workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/update-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | WorkflowBody | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
$WorkflowBody = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}"@
# Update Workflow
try {
$Result = ConvertFrom-JsonToWorkflowBody -Json $WorkflowBody
Update-BetaWorkflow -Id $Id -WorkflowBody $Result
# Below is a request that includes all optional parameters
# Update-BetaWorkflow -Id $Id -WorkflowBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-BetaWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

18
docs/tools/sdk/powershell/Reference/Beta/Models/AccessProfile.md
View File

@@ -16,19 +16,19 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfile', 'BetaAccessProfile']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | The ID of the Access Profile | [optional] [readonly]
**Name** | **String** | Name of the Access Profile | [required]
**Description** | **String** | Information about the Access Profile | [optional]
**Created** | **System.DateTime** | Date the Access Profile was created | [optional] [readonly]
**Modified** | **System.DateTime** | Date the Access Profile was last modified. | [optional] [readonly]
**Enabled** | **Boolean** | Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. | [optional] [default to $false]
**Id** | **String** | Access profile ID. | [optional] [readonly]
**Name** | **String** | Access profile name. | [required]
**Description** | **String** | Access profile description. | [optional]
**Created** | **System.DateTime** | Date and time when the access profile was created. | [optional] [readonly]
**Modified** | **System.DateTime** | Date and time when the access profile was last modified. | [optional] [readonly]
**Enabled** | **Boolean** | Indicates whether the access profile is enabled. If it's enabled, you must include at least one entitlement. | [optional] [default to $false]
**Owner** | [**OwnerReference**](owner-reference) | | [required]
**Source** | [**AccessProfileSourceRef**](access-profile-source-ref) | | [required]
**Entitlements** | [**[]EntitlementRef**](entitlement-ref) | A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. | [optional]
**Requestable** | **Boolean** | Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error. | [optional] [default to $true]
**Entitlements** | [**[]EntitlementRef**](entitlement-ref) | List of entitlements associated with the access profile. If `enabled` is false, this can be empty. Otherwise, it must contain at least one entitlement. | [optional]
**Requestable** | **Boolean** | Indicates whether the access profile is requestable by access request. Currently, making an access profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an access profile with a value **false** in this field results in a 400 error. | [optional] [default to $true]
**AccessRequestConfig** | [**Requestability**](requestability) | | [optional]
**RevocationRequestConfig** | [**Revocability**](revocability) | | [optional]
**Segments** | **[]String** | List of IDs of segments, if any, to which this Access Profile is assigned. | [optional]
**Segments** | **[]String** | List of segment IDs, if any, that the access profile is assigned to. | [optional]
**ProvisioningCriteria** | [**ProvisioningCriteriaLevel1**](provisioning-criteria-level1) | | [optional]
## Examples

4
docs/tools/sdk/powershell/Reference/Beta/Models/AccessProfileApprovalScheme.md
View File

@@ -16,8 +16,8 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfileApprovalScheme', 'BetaAc
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApproverType** | **Enum** [ "APP_OWNER", "OWNER", "SOURCE_OWNER", "MANAGER", "GOVERNANCE_GROUP" ] | Describes the individual or group that is responsible for an approval step. Values are as follows. **APP_OWNER**: The owner of the Application **OWNER**: Owner of the associated Access Profile or Role **SOURCE_OWNER**: Owner of the Source associated with an Access Profile **MANAGER**: Manager of the Identity making the request **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field | [optional]
**ApproverId** | **String** | Id of the specific approver, used only when approverType is GOVERNANCE_GROUP | [optional]
**ApproverType** | **Enum** [ "APP_OWNER", "OWNER", "SOURCE_OWNER", "MANAGER", "GOVERNANCE_GROUP" ] | Describes the individual or group that is responsible for an approval step. These are the possible values: **APP_OWNER**: The owner of the Application **OWNER**: Owner of the associated Access Profile or Role **SOURCE_OWNER**: Owner of the Source associated with an Access Profile **MANAGER**: Manager of the Identity making the request **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field | [optional]
**ApproverId** | **String** | Specific approver ID. Only use this when the `approverType` is `GOVERNANCE_GROUP`. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/Beta/Models/AccessProfileSourceRef.md
View File

@@ -16,9 +16,9 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfileSourceRef', 'BetaAccessP
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | The ID of the Source with with which the Access Profile is associated | [optional]
**Type** | **Enum** [ "SOURCE" ] | The type of the Source, will always be SOURCE | [optional]
**Name** | **String** | The display name of the associated Source | [optional]
**Id** | **String** | ID of the source the access profile is associated with. | [optional]
**Type** | **Enum** [ "SOURCE" ] | Source's DTO type. | [optional]
**Name** | **String** | Source name. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/Beta/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.BetaAccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.BetaAccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

6
docs/tools/sdk/powershell/Reference/Beta/Models/AccessRequestItem.md
View File

@@ -21,6 +21,8 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples
@@ -30,7 +32,9 @@ $AccessRequestItem = Initialize-PSSailpoint.BetaAccessRequestItem -Type ACCESS_
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN
```
- Convert the resource to JSON

37
docs/tools/sdk/powershell/Reference/Beta/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'BetaAccountItemRef']
slug: /tools/sdk/powershell/beta/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'BetaAccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.BetaAccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/Beta/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-PSSailpoint.BetaAccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
$AccountUsage = Initialize-PSSailpoint.BetaAccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
-Count 10
```

2
docs/tools/sdk/powershell/Reference/Beta/Models/AttributeDefinitionType.md
View File

@@ -23,6 +23,8 @@ tags: ['SDK', 'Software Development Kit', 'AttributeDefinitionType', 'BetaAttrib
* `BOOLEAN` (value: `"BOOLEAN"`)
* `DATE` (value: `"DATE"`)
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/Beta/Models/GetActiveCampaigns200ResponseInner.md
View File

@@ -25,7 +25,7 @@ Name | Type | Description | Notes
**AutoRevokeAllowed** | **Boolean** | Allows auto revoke for this campaign | [optional] [default to $false]
**RecommendationsEnabled** | **Boolean** | Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. | [optional] [default to $false]
**Status** | **Enum** [ "PENDING", "STAGED", "CANCELING", "ACTIVATING", "ACTIVE", "COMPLETING", "COMPLETED", "ERROR", "ARCHIVED" ] | The campaign's current status. | [optional] [readonly]
**CorrelatedStatus** | **Enum** [ "CORRELATED", "UNCORRELATED" ] | The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). | [optional]
**CorrelatedStatus** | **Enum** [ "CORRELATED", "UNCORRELATED" ] | The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). | [optional]
**Created** | **System.DateTime** | Created time of the campaign | [optional] [readonly]
**TotalCertifications** | **Int32** | The total number of certifications in this campaign. | [optional] [readonly]
**CompletedCertifications** | **Int32** | The number of completed certifications in this campaign. | [optional] [readonly]

4
docs/tools/sdk/powershell/Reference/Beta/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-PSSailpoint.BetaNonEmployeeR
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/Beta/Models/OwnerReference.md
View File

@@ -17,8 +17,8 @@ tags: ['SDK', 'Software Development Kit', 'OwnerReference', 'BetaOwnerReference'
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "IDENTITY" ] | Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result. | [optional]
**Id** | **String** | Identity id | [optional]
**Name** | **String** | Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result. | [optional]
**Id** | **String** | Owner's identity ID. | [optional]
**Name** | **String** | Owner's name. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result. | [optional]
## Examples

35
docs/tools/sdk/powershell/Reference/Beta/Models/PatchServiceDeskIntegrationRequest.md
View File

@@ -1,35 +0,0 @@
---
id: beta-patch-service-desk-integration-request
title: PatchServiceDeskIntegrationRequest
pagination_label: PatchServiceDeskIntegrationRequest
sidebar_label: PatchServiceDeskIntegrationRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PatchServiceDeskIntegrationRequest', 'BetaPatchServiceDeskIntegrationRequest']
slug: /tools/sdk/powershell/beta/models/patch-service-desk-integration-request
tags: ['SDK', 'Software Development Kit', 'PatchServiceDeskIntegrationRequest', 'BetaPatchServiceDeskIntegrationRequest']
---
# PatchServiceDeskIntegrationRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operations** | [**[]JsonPatchOperation**](json-patch-operation) | Operations to be applied | [optional]
## Examples
- Prepare the resource
```powershell
$PatchServiceDeskIntegrationRequest = Initialize-PSSailpoint.BetaPatchServiceDeskIntegrationRequest -Operations null
```
- Convert the resource to JSON
```powershell
$PatchServiceDeskIntegrationRequest | ConvertTo-JSON
```
[[Back to top]](#)

6
docs/tools/sdk/powershell/Reference/Beta/Models/ProvisioningCriteriaLevel1.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel1', 'BetaPro
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel2**](provisioning-criteria-level2) | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel2**](provisioning-criteria-level2) | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/Beta/Models/ProvisioningCriteriaLevel2.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel2', 'BetaPro
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel3**](provisioning-criteria-level3) | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel3**](provisioning-criteria-level3) | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/Beta/Models/ProvisioningCriteriaLevel3.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel3', 'BetaPro
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | **String** | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | **String** | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

8
docs/tools/sdk/powershell/Reference/Beta/Models/Requestability.md
View File

@@ -16,9 +16,10 @@ tags: ['SDK', 'Software Development Kit', 'Requestability', 'BetaRequestability'
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**CommentsRequired** | **Boolean** | Whether the requester of the containing object must provide comments justifying the request | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Whether an approver must provide comments when denying the request | [optional] [default to $false]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps in approving the request | [optional]
**CommentsRequired** | **Boolean** | Indicates whether the requester of the containing object must provide comments justifying the request. | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Indicates whether an approver must provide comments when denying the request. | [optional] [default to $false]
**ReauthorizationRequired** | **Boolean** | Indicates whether reauthorization is required for the request. | [optional] [default to $false]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps involved in approving the request. | [optional]
## Examples
@@ -26,6 +27,7 @@ Name | Type | Description | Notes
```powershell
$Requestability = Initialize-PSSailpoint.BetaRequestability -CommentsRequired true `
-DenialCommentsRequired true `
-ReauthorizationRequired true `
-ApprovalSchemes null
```

2
docs/tools/sdk/powershell/Reference/Beta/Models/RequestabilityForRole.md
View File

@@ -18,6 +18,7 @@ Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**CommentsRequired** | **Boolean** | Whether the requester of the containing object must provide comments justifying the request | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Whether an approver must provide comments when denying the request | [optional] [default to $false]
**ReauthorizationRequired** | **Boolean** | Indicates whether reauthorization is required for the request. | [optional] [default to $false]
**ApprovalSchemes** | [**[]ApprovalSchemeForRole**](approval-scheme-for-role) | List describing the steps in approving the request | [optional]
## Examples
@@ -26,6 +27,7 @@ Name | Type | Description | Notes
```powershell
$RequestabilityForRole = Initialize-PSSailpoint.BetaRequestabilityForRole -CommentsRequired true `
-DenialCommentsRequired true `
-ReauthorizationRequired true `
-ApprovalSchemes null
```

37
docs/tools/sdk/powershell/Reference/Beta/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
slug: /tools/sdk/powershell/beta/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.BetaRequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/Beta/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: beta-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
slug: /tools/sdk/powershell/beta/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.BetaRequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/Beta/Models/Revocability.md
View File

@@ -16,7 +16,7 @@ tags: ['SDK', 'Software Development Kit', 'Revocability', 'BetaRevocability']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps in approving the revocation request | [optional]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps involved in approving the revocation request. | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/Beta/Models/Schema.md
View File

@@ -22,7 +22,7 @@ Name | Type | Description | Notes
**IdentityAttribute** | **String** | The name of the attribute used to calculate the unique identifier for an object in the schema. | [optional]
**DisplayAttribute** | **String** | The name of the attribute used to calculate the display value for an object in the schema. | [optional]
**HierarchyAttribute** | **String** | The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas. | [optional]
**IncludePermissions** | **Boolean** | Flag indicating whether or not the include permissions with the object data when aggregating the schema. | [optional]
**IncludePermissions** | **Boolean** | Flag indicating whether or not the include permissions with the object data when aggregating the schema. | [optional] [default to $false]
**Features** | **[]String** | Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors. * AUTHENTICATE: The source supports pass-through authentication. * COMPOSITE: The source supports composite source creation. * DIRECT_PERMISSIONS: The source supports returning DirectPermissions. * DISCOVER_SCHEMA: The source supports discovering schemas for users and groups. * ENABLE The source supports reading if an account is enabled or disabled. * MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS. * NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform. * PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source. * SEARCH * TEMPLATE * UNLOCK: The source supports reading if an account is locked or unlocked. * UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets. * SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources. * PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation. * GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented. * SYNC_PROVISIONING: The source can provision accounts synchronously. * PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature. * CURRENT_PASSWORD: Some source types support verification of the current password * ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements. * ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts. * NO_AGGREGATION: A source that does not support aggregation. * GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation. * NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts. * NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups. * NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. * NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING. * USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure. * PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning. * ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM * ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM * ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM | [optional]
**Configuration** | [**SystemCollectionsHashtable**]https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0 | Holds any extra configuration data that the schema may require. | [optional]
**Attributes** | [**[]AttributeDefinition**](attribute-definition) | The attribute definitions which form the schema. | [optional]

37
docs/tools/sdk/powershell/Reference/Beta/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'BetaSourceItemRef']
slug: /tools/sdk/powershell/beta/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'BetaSourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.BetaSourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/Beta/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-PSSailpoint.BetaSourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
$SourceUsage = Initialize-PSSailpoint.BetaSourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
-Count 10.45
```

2
docs/tools/sdk/powershell/Reference/Beta/Models/WorkflowExecution.md
View File

@@ -21,7 +21,7 @@ Name | Type | Description | Notes
**RequestId** | **String** | Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes. | [optional]
**StartTime** | **System.DateTime** | Date/time when the workflow started. | [optional]
**CloseTime** | **System.DateTime** | Date/time when the workflow ended. | [optional]
**Status** | **Enum** [ "Completed", "Failed", "Canceled", "Running" ] | Workflow execution status. | [optional]
**Status** | **Enum** [ "Completed", "Failed", "Canceled", "Queued", "Running" ] | Workflow execution status. | [optional]
## Examples

8
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024AccessProfilesApi.md
View File

@@ -63,8 +63,9 @@ Method | HTTP request | Description
## create-access-profile
Create an access profile.
A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.
A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile's source.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
>**Note:** To use this endpoint, you need all the listed scopes.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/create-access-profile)
@@ -127,6 +128,7 @@ $AccessProfile = @"{
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -411,7 +413,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error.
@@ -439,7 +441,7 @@ $ForSubadmin = "8c190e6787aa4ed9a90bd9d5344523fb" # String | Filters the returne
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error. (optional) (default to $true)

4
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024AccessRequestApprovalsApi.md
View File

@@ -318,7 +318,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* **created**: *gt, lt, ge, le, eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
@@ -344,7 +344,7 @@ $OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value r
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* (optional)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* **created**: *gt, lt, ge, le, eq, in* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Pending Access Request Approvals List

264
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024AccessRequestsApi.md
View File

@@ -40,6 +40,7 @@ Method | HTTP request | Description
[**Get-V2024AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-V2024AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Get-V2024AdministratorsAccessRequestStatus**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**Invoke-V2024LoadAccountSelections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**Set-V2024AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -283,6 +284,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -293,6 +295,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/create-access-request)
@@ -322,7 +325,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -336,7 +339,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -345,7 +350,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -354,7 +361,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -363,7 +372,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -372,7 +383,136 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@
@@ -563,6 +703,118 @@ try {
```
[[Back to top]](#)
## load-account-selections
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountsSelectionRequest | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Accounts Selection Response | AccountsSelectionResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountsSelectionRequest = @"{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}"@
# Get accounts selections for identity
try {
$Result = ConvertFrom-JsonToAccountsSelectionRequest -Json $AccountsSelectionRequest
Invoke-V2024LoadAccountSelections -AccountsSelectionRequest $Result
# Below is a request that includes all optional parameters
# Invoke-V2024LoadAccountSelections -AccountsSelectionRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2024LoadAccountSelections"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.

4
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024CertificationCampaignsApi.md
View File

@@ -706,12 +706,12 @@ Path | Id | **String** | True | ID of the campaign to be retrieved.
Query | Detail | **String** | (optional) | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.
### Return type
[**GetActiveCampaigns200ResponseInner**](../models/get-active-campaigns200-response-inner)
[**GetCampaign200Response**](../models/get-campaign200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Requested campaign object. | GetActiveCampaigns200ResponseInner
200 | Requested campaign object. | GetCampaign200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto

2
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024ConfigurationHubApi.md
View File

@@ -252,7 +252,7 @@ Code | Description | Data Type
### Example
```powershell
$ScheduledActionPayload = @"{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 12 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

295
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024GlobalTenantSecuritySettingsApi.md
View File

@@ -21,8 +21,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2024*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2024AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-V2024AuthOrgLockoutConfig**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**Get-V2024AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Get-V2024AuthOrgServiceProviderConfig**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**Get-V2024AuthOrgSessionConfig**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**Update-V2024AuthOrgLockoutConfig**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**Update-V2024AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**Update-V2024AuthOrgServiceProviderConfig**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**Update-V2024AuthOrgSessionConfig**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -76,6 +82,50 @@ try {
```
[[Back to top]](#)
## get-auth-org-lockout-config
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Lockout configuration for the tenant's auth org. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Lockout Configuration.
try {
Get-V2024AuthOrgLockoutConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgLockoutConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
@@ -120,6 +170,147 @@ try {
```
[[Back to top]](#)
## get-auth-org-service-provider-config
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Service Provider Configuration.
try {
Get-V2024AuthOrgServiceProviderConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgServiceProviderConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-session-config
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Session configuration for the tenant's auth org. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Session Configuration.
try {
Get-V2024AuthOrgSessionConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgSessionConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-lockout-config
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org lockout configuration. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
# Update Auth Org Lockout Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgLockoutConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgLockoutConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
@@ -172,3 +363,107 @@ try {
}
```
[[Back to top]](#)
## patch-auth-org-service-provider-config
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
# Update Service Provider Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgServiceProviderConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgServiceProviderConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-session-config
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org session configuration. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
# Update Auth Org Session Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgSessionConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgSessionConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024MachineAccountsApi.md
View File

@@ -171,7 +171,7 @@ Code | Description | Data Type
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Account ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/environment, value=test}]}, Replace machine identity attribute={value=[{op=replace, path=/environment, value=test}]}, Remove machine identity attribute={value=[{op=remove, path=/environment}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
$RequestBody = @"[{op=add, path=/environment, value=test}]"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
# Update a Machine Account

2
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024MachineIdentitiesApi.md
View File

@@ -286,7 +286,7 @@ Code | Description | Data Type
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/attributes/securityRisk, value=medium}]}, Replace machine identity attribute={value=[{op=replace, path=/attributes/securityRisk, value=medium}]}, Remove machine identity attribute={value=[{op=remove, path=/attributes/securityRisk}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"[{op=add, path=/attributes/securityRisk, value=medium}]"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Update a Machine Identity

4
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024ManagedClustersApi.md
View File

@@ -235,7 +235,7 @@ Param Type | Name | Data Type | Required | Description
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq* **name**: *eq* **type**: *eq* **status**: *eq*
### Return type
[**ManagedCluster[]**](../models/managed-cluster)
@@ -259,7 +259,7 @@ Code | Description | Data Type
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'operational eq "operation"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq* (optional)
$Filters = 'operational eq "operation"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq* **name**: *eq* **type**: *eq* **status**: *eq* (optional)
# Get Managed Clusters

5
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024RolesApi.md
View File

@@ -226,6 +226,7 @@ $Role = @"{
},
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -693,7 +694,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
@@ -721,7 +722,7 @@ $ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filter
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* (optional)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. (optional) (default to $true)

15
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024ServiceDeskIntegrationApi.md
View File

@@ -422,7 +422,7 @@ Update an existing Service Desk integration by ID with a PATCH request.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | PatchServiceDeskIntegrationRequest | [**PatchServiceDeskIntegrationRequest**](../models/patch-service-desk-integration-request) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
@@ -445,16 +445,21 @@ Code | Description | Data Type
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$PatchServiceDeskIntegrationRequest = @""@
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
# Patch a Service Desk Integration
try {
$Result = ConvertFrom-JsonToPatchServiceDeskIntegrationRequest -Json $PatchServiceDeskIntegrationRequest
Update-V2024ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024ServiceDeskIntegration -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
# Update-V2024ServiceDeskIntegration -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024ServiceDeskIntegration"
Write-Host $_.ErrorDetails

18
docs/tools/sdk/powershell/Reference/V2024/Models/AccessProfile.md
View File

@@ -16,19 +16,19 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfile', 'V2024AccessProfile']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | The ID of the Access Profile | [optional] [readonly]
**Name** | **String** | Name of the Access Profile | [required]
**Description** | **String** | Information about the Access Profile | [optional]
**Created** | **System.DateTime** | Date the Access Profile was created | [optional] [readonly]
**Modified** | **System.DateTime** | Date the Access Profile was last modified. | [optional] [readonly]
**Enabled** | **Boolean** | Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. | [optional] [default to $true]
**Id** | **String** | Access profile ID. | [optional] [readonly]
**Name** | **String** | Access profile name. | [required]
**Description** | **String** | Access profile description. | [optional]
**Created** | **System.DateTime** | Date and time when the access profile was created. | [optional] [readonly]
**Modified** | **System.DateTime** | Date and time when the access profile was last modified. | [optional] [readonly]
**Enabled** | **Boolean** | Indicates whether the access profile is enabled. If it's enabled, you must include at least one entitlement. | [optional] [default to $false]
**Owner** | [**OwnerReference**](owner-reference) | | [required]
**Source** | [**AccessProfileSourceRef**](access-profile-source-ref) | | [required]
**Entitlements** | [**[]EntitlementRef**](entitlement-ref) | A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. | [optional]
**Requestable** | **Boolean** | Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error. | [optional] [default to $true]
**Entitlements** | [**[]EntitlementRef**](entitlement-ref) | List of entitlements associated with the access profile. If `enabled` is false, this can be empty. Otherwise, it must contain at least one entitlement. | [optional]
**Requestable** | **Boolean** | Indicates whether the access profile is requestable by access request. Currently, making an access profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an access profile with a value **false** in this field results in a 400 error. | [optional] [default to $true]
**AccessRequestConfig** | [**Requestability**](requestability) | | [optional]
**RevocationRequestConfig** | [**Revocability**](revocability) | | [optional]
**Segments** | **[]String** | List of IDs of segments, if any, to which this Access Profile is assigned. | [optional]
**Segments** | **[]String** | List of segment IDs, if any, that the access profile is assigned to. | [optional]
**ProvisioningCriteria** | [**ProvisioningCriteriaLevel1**](provisioning-criteria-level1) | | [optional]
## Examples

4
docs/tools/sdk/powershell/Reference/V2024/Models/AccessProfileApprovalScheme.md
View File

@@ -16,8 +16,8 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfileApprovalScheme', 'V2024A
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApproverType** | **Enum** [ "APP_OWNER", "OWNER", "SOURCE_OWNER", "MANAGER", "GOVERNANCE_GROUP" ] | Describes the individual or group that is responsible for an approval step. Values are as follows. **APP_OWNER**: The owner of the Application **OWNER**: Owner of the associated Access Profile or Role **SOURCE_OWNER**: Owner of the Source associated with an Access Profile **MANAGER**: Manager of the Identity making the request **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field | [optional]
**ApproverId** | **String** | Id of the specific approver, used only when approverType is GOVERNANCE_GROUP | [optional]
**ApproverType** | **Enum** [ "APP_OWNER", "OWNER", "SOURCE_OWNER", "MANAGER", "GOVERNANCE_GROUP" ] | Describes the individual or group that is responsible for an approval step. These are the possible values: **APP_OWNER**: The owner of the Application **OWNER**: Owner of the associated Access Profile or Role **SOURCE_OWNER**: Owner of the Source associated with an Access Profile **MANAGER**: Manager of the Identity making the request **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field | [optional]
**ApproverId** | **String** | Specific approver ID. Only use this when the `approverType` is `GOVERNANCE_GROUP`. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/V2024/Models/AccessProfileSourceRef.md
View File

@@ -16,9 +16,9 @@ tags: ['SDK', 'Software Development Kit', 'AccessProfileSourceRef', 'V2024Access
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | The ID of the Source with with which the Access Profile is associated | [optional]
**Type** | **Enum** [ "SOURCE" ] | The type of the Source, will always be SOURCE | [optional]
**Name** | **String** | The display name of the associated Source | [optional]
**Id** | **String** | ID of the source the access profile is associated with. | [optional]
**Type** | **Enum** [ "SOURCE" ] | Source's DTO type. | [optional]
**Name** | **String** | Source name. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/V2024/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.V2024AccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.V2024AccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

6
docs/tools/sdk/powershell/Reference/V2024/Models/AccessRequestItem.md
View File

@@ -21,6 +21,8 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples
@@ -30,7 +32,9 @@ $AccessRequestItem = Initialize-PSSailpoint.V2024AccessRequestItem -Type ACCESS
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN
```
- Convert the resource to JSON

43
docs/tools/sdk/powershell/Reference/V2024/Models/AccountInfoRef.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-account-info-ref
title: AccountInfoRef
pagination_label: AccountInfoRef
sidebar_label: AccountInfoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountInfoRef', 'V2024AccountInfoRef']
slug: /tools/sdk/powershell/v2024/models/account-info-ref
tags: ['SDK', 'Software Development Kit', 'AccountInfoRef', 'V2024AccountInfoRef']
---
# AccountInfoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Uuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The account id | [optional]
**Name** | **String** | The account display name | [optional]
## Examples
- Prepare the resource
```powershell
$AccountInfoRef = Initialize-PSSailpoint.V2024AccountInfoRef -Uuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local `
-Type null `
-Id f19d168c27374fd1aff3b483573f997f `
-Name UserAccount.761a2248b
```
- Convert the resource to JSON
```powershell
$AccountInfoRef | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'V2024AccountItemRef']
slug: /tools/sdk/powershell/v2024/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'V2024AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.V2024AccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-PSSailpoint.V2024AccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
$AccountUsage = Initialize-PSSailpoint.V2024AccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
-Count 10
```

41
docs/tools/sdk/powershell/Reference/V2024/Models/AccountsSelectionRequest.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-accounts-selection-request
title: AccountsSelectionRequest
pagination_label: AccountsSelectionRequest
sidebar_label: AccountsSelectionRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
slug: /tools/sdk/powershell/v2024/models/accounts-selection-request
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
---
# AccountsSelectionRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | **[]String** | A list of Identity IDs for whom the Access is requested. | [required]
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionRequest = Initialize-PSSailpoint.V2024AccountsSelectionRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
```
- Convert the resource to JSON
```powershell
$AccountsSelectionRequest | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/Reference/V2024/Models/AccountsSelectionResponse.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2024-accounts-selection-response
title: AccountsSelectionResponse
pagination_label: AccountsSelectionResponse
sidebar_label: AccountsSelectionResponse
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
slug: /tools/sdk/powershell/v2024/models/accounts-selection-response
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
---
# AccountsSelectionResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Identities** | [**[]IdentityAccountSelections**](identity-account-selections) | A list of available account selections per identity in the request, for all the requested items | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionResponse = Initialize-PSSailpoint.V2024AccountsSelectionResponse -Identities null
```
- Convert the resource to JSON
```powershell
$AccountsSelectionResponse | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/AttributeDefinitionType.md
View File

@@ -23,6 +23,8 @@ tags: ['SDK', 'Software Development Kit', 'AttributeDefinitionType', 'V2024Attri
* `BOOLEAN` (value: `"BOOLEAN"`)
* `DATE` (value: `"DATE"`)
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/FederationProtocolDetails.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-federation-protocol-details
title: FederationProtocolDetails
pagination_label: FederationProtocolDetails
sidebar_label: FederationProtocolDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
slug: /tools/sdk/powershell/v2024/models/federation-protocol-details
tags: ['SDK', 'Software Development Kit', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
---
# FederationProtocolDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
## Examples
- Prepare the resource
```powershell
$FederationProtocolDetails = Initialize-PSSailpoint.V2024FederationProtocolDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6
```
- Convert the resource to JSON
```powershell
$FederationProtocolDetails | ConvertTo-JSON
```
[[Back to top]](#)

79
docs/tools/sdk/powershell/Reference/V2024/Models/GetCampaign200Response.md Normal file
View File

@@ -0,0 +1,79 @@
---
id: v2024-get-campaign200-response
title: GetCampaign200Response
pagination_label: GetCampaign200Response
sidebar_label: GetCampaign200Response
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'GetCampaign200Response', 'V2024GetCampaign200Response']
slug: /tools/sdk/powershell/v2024/models/get-campaign200-response
tags: ['SDK', 'Software Development Kit', 'GetCampaign200Response', 'V2024GetCampaign200Response']
---
# GetCampaign200Response
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | Id of the campaign | [optional] [readonly]
**Name** | **String** | The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details. | [required]
**Description** | **String** | The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details. | [required]
**Deadline** | **System.DateTime** | The campaign's completion deadline. This date must be in the future in order to activate the campaign. If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response. | [optional]
**Type** | **Enum** [ "MANAGER", "SOURCE_OWNER", "SEARCH", "ROLE_COMPOSITION", "MACHINE_ACCOUNT" ] | The type of campaign. Could be extended in the future. | [required]
**EmailNotificationEnabled** | **Boolean** | Enables email notification for this campaign | [optional] [default to $false]
**AutoRevokeAllowed** | **Boolean** | Allows auto revoke for this campaign | [optional] [default to $false]
**RecommendationsEnabled** | **Boolean** | Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future. | [optional] [default to $false]
**Status** | **Enum** [ "PENDING", "STAGED", "CANCELING", "ACTIVATING", "ACTIVE", "COMPLETING", "COMPLETED", "ERROR", "ARCHIVED" ] | The campaign's current status. | [optional] [readonly]
**CorrelatedStatus** | **Enum** [ "CORRELATED", "UNCORRELATED" ] | The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source). | [optional]
**Created** | **System.DateTime** | Created time of the campaign | [optional] [readonly]
**TotalCertifications** | **Int32** | The total number of certifications in this campaign. | [optional] [readonly]
**CompletedCertifications** | **Int32** | The number of completed certifications in this campaign. | [optional] [readonly]
**Alerts** | [**[]CampaignAlert**](campaign-alert) | A list of errors and warnings that have accumulated. | [optional] [readonly]
**Modified** | **System.DateTime** | Modified time of the campaign | [optional] [readonly]
**VarFilter** | [**CampaignAllOfFilter**](campaign-all-of-filter) | | [optional]
**SunsetCommentsRequired** | **Boolean** | Determines if comments on sunset date changes are required. | [optional] [default to $true]
**SourceOwnerCampaignInfo** | [**CampaignAllOfSourceOwnerCampaignInfo**](campaign-all-of-source-owner-campaign-info) | | [optional]
**SearchCampaignInfo** | [**CampaignAllOfSearchCampaignInfo**](campaign-all-of-search-campaign-info) | | [optional]
**RoleCompositionCampaignInfo** | [**CampaignAllOfRoleCompositionCampaignInfo**](campaign-all-of-role-composition-campaign-info) | | [optional]
**MachineAccountCampaignInfo** | [**CampaignAllOfMachineAccountCampaignInfo**](campaign-all-of-machine-account-campaign-info) | | [optional]
**SourcesWithOrphanEntitlements** | [**[]CampaignAllOfSourcesWithOrphanEntitlements**](campaign-all-of-sources-with-orphan-entitlements) | A list of sources in the campaign that contain \""orphan entitlements\"" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented). | [optional] [readonly]
**MandatoryCommentRequirement** | **Enum** [ "ALL_DECISIONS", "REVOKE_ONLY_DECISIONS", "NO_DECISIONS" ] | Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions. | [optional]
## Examples
- Prepare the resource
```powershell
$GetCampaign200Response = Initialize-PSSailpoint.V2024GetCampaign200Response -Id 2c9079b270a266a60170a2779fcb0007 `
-Name Manager Campaign `
-Description Everyone needs to be reviewed by their manager `
-Deadline 2020-03-15T10:00:01.456Z `
-Type MANAGER `
-EmailNotificationEnabled false `
-AutoRevokeAllowed false `
-RecommendationsEnabled true `
-Status ACTIVE `
-CorrelatedStatus CORRELATED `
-Created 2020-03-03T22:15:13.611Z `
-TotalCertifications 100 `
-CompletedCertifications 10 `
-Alerts null `
-Modified 2020-03-03T22:20:12.674Z `
-VarFilter null `
-SunsetCommentsRequired true `
-SourceOwnerCampaignInfo null `
-SearchCampaignInfo null `
-RoleCompositionCampaignInfo null `
-MachineAccountCampaignInfo null `
-SourcesWithOrphanEntitlements null `
-MandatoryCommentRequirement NO_DECISIONS
```
- Convert the resource to JSON
```powershell
$GetCampaign200Response | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2024/Models/IdentityAccountSelections.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-identity-account-selections
title: IdentityAccountSelections
pagination_label: IdentityAccountSelections
sidebar_label: IdentityAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
slug: /tools/sdk/powershell/v2024/models/identity-account-selections
tags: ['SDK', 'Software Development Kit', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
---
# IdentityAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedItems** | [**[]RequestedItemAccountSelections**](requested-item-account-selections) | Available account selections for the identity, per requested item | [optional]
**AccountsSelectionRequired** | **Boolean** | A boolean indicating whether any account selections will be required for the user to raise an access request | [optional] [default to $false]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The identity id for the user | [optional]
**Name** | **String** | The name of the identity | [optional]
## Examples
- Prepare the resource
```powershell
$IdentityAccountSelections = Initialize-PSSailpoint.V2024IdentityAccountSelections -RequestedItems null `
-AccountsSelectionRequired false `
-Type null `
-Id 70016590f2df4b879bdb1313a9e4e19e `
-Name User name
```
- Convert the resource to JSON
```powershell
$IdentityAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

61
docs/tools/sdk/powershell/Reference/V2024/Models/IdpDetails.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: v2024-idp-details
title: IdpDetails
pagination_label: IdpDetails
sidebar_label: IdpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdpDetails', 'V2024IdpDetails']
slug: /tools/sdk/powershell/v2024/models/idp-details
tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'V2024IdpDetails']
---
# IdpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
## Examples
- Prepare the resource
```powershell
$IdpDetails = Initialize-PSSailpoint.V2024IdpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL
```
- Convert the resource to JSON
```powershell
$IdpDetails | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2024/Models/JITConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-jit-configuration
title: JITConfiguration
pagination_label: JITConfiguration
sidebar_label: JITConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'JITConfiguration', 'V2024JITConfiguration']
slug: /tools/sdk/powershell/v2024/models/jit-configuration
tags: ['SDK', 'Software Development Kit', 'JITConfiguration', 'V2024JITConfiguration']
---
# JITConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | The indicator for just-in-time provisioning enabled | [optional] [default to $false]
**SourceId** | **String** | the sourceId that mapped to just-in-time provisioning configuration | [optional]
**SourceAttributeMappings** | **map[string]String** | A mapping of identity profile attribute names to SAML assertion attribute names | [optional]
## Examples
- Prepare the resource
```powershell
$JITConfiguration = Initialize-PSSailpoint.V2024JITConfiguration -Enabled false `
-SourceId 2c9180857377ed2901739c12a2da5ac8 `
-SourceAttributeMappings {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}
```
- Convert the resource to JSON
```powershell
$JITConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/LifecyclestateDeleted.md
View File

@@ -16,7 +16,7 @@ tags: ['SDK', 'Software Development Kit', 'LifecyclestateDeleted', 'V2024Lifecyc
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "LIFECYCLE_STATE" ] | Deleted lifecycle state's DTO type. | [optional]
**Type** | **Enum** [ "LIFECYCLE_STATE", "TASK_RESULT" ] | Deleted lifecycle state's DTO type. | [optional]
**Id** | **String** | Deleted lifecycle state ID. | [optional]
**Name** | **String** | Deleted lifecycle state's display name. | [optional]

39
docs/tools/sdk/powershell/Reference/V2024/Models/LockoutConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-lockout-configuration
title: LockoutConfiguration
pagination_label: LockoutConfiguration
sidebar_label: LockoutConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'LockoutConfiguration', 'V2024LockoutConfiguration']
slug: /tools/sdk/powershell/v2024/models/lockout-configuration
tags: ['SDK', 'Software Development Kit', 'LockoutConfiguration', 'V2024LockoutConfiguration']
---
# LockoutConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaximumAttempts** | **Int32** | The maximum attempts allowed before lockout occurs. | [optional]
**LockoutDuration** | **Int32** | The total time in minutes a user will be locked out. | [optional]
**LockoutWindow** | **Int32** | A rolling window where authentication attempts in a series count towards the maximum before lockout occurs. | [optional]
## Examples
- Prepare the resource
```powershell
$LockoutConfiguration = Initialize-PSSailpoint.V2024LockoutConfiguration -MaximumAttempts 5 `
-LockoutDuration 15 `
-LockoutWindow 5
```
- Convert the resource to JSON
```powershell
$LockoutConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

8
docs/tools/sdk/powershell/Reference/V2024/Models/ManagedClient.md
View File

@@ -18,8 +18,8 @@ Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | ManagedClient ID | [optional] [readonly]
**AlertKey** | **String** | ManagedClient alert key | [optional] [readonly]
**ApiGatewayBaseUrl** | **String** | | [optional]
**Cookbook** | **String** | | [optional]
**ApiGatewayBaseUrl** | **String** | apiGatewayBaseUrl for the Managed client | [optional]
**Cookbook** | **String** | cookbook id for the Managed client | [optional]
**CcId** | **Int64** | Previous CC ID to be used in data migration. (This field will be deleted after CC migration!) | [optional]
**ClientId** | **String** | The client ID used in API management | [required]
**ClusterId** | **String** | Cluster ID that the ManagedClient is linked to | [required]
@@ -37,6 +37,7 @@ Name | Type | Description | Notes
**CreatedAt** | **System.DateTime** | The date/time this ManagedClient was created | [optional]
**UpdatedAt** | **System.DateTime** | The date/time this ManagedClient was last updated | [optional]
**ProvisionStatus** | **Enum** [ "PROVISIONED", "DRAFT" ] | The provisioning status of the ManagedClient | [optional] [readonly]
**HealthIndicators** | [**SystemCollectionsHashtable**]https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0 | The health indicators of the ManagedClient | [optional]
## Examples
@@ -62,7 +63,8 @@ $ManagedClient = Initialize-PSSailpoint.V2024ManagedClient -Id 2c9180878eaf4204
-Secret ef878e15eaa8c8d3e2fa52f41125e2a0eeadadc6a14f931a33ad3e1b62d56381 `
-CreatedAt 2023-08-04T20:48:01.865Z `
-UpdatedAt 2023-08-04T20:48:01.865Z `
-ProvisionStatus PROVISIONED
-ProvisionStatus PROVISIONED `
-HealthIndicators { "network": { "errors": [], "warnings": [] }, "memory": { "errors": [], "warnings": [] }, "cpu": { "errors": [], "warnings": [] } }
```
- Convert the resource to JSON

14
docs/tools/sdk/powershell/Reference/V2024/Models/ManagedCluster.md
View File

@@ -41,6 +41,12 @@ Name | Type | Description | Notes
**CcId** | **String** | CC ID only used in calling CC, will be removed without notice when Migration to CEGS is finished | [optional] [default to "0"]
**CreatedAt** | **System.DateTime** | The date/time this cluster was created | [optional]
**UpdatedAt** | **System.DateTime** | The date/time this cluster was last updated | [optional]
**LastReleaseNotifiedAt** | **System.DateTime** | The date/time this cluster was notified for the last release | [optional]
**UpdatePreferences** | [**ManagedClusterUpdatePreferences**](managed-cluster-update-preferences) | | [optional]
**CurrentInstalledReleaseVersion** | **String** | The current installed release on the Managed cluster | [optional]
**UpdatePackage** | **String** | New available updates for the Managed cluster | [optional]
**IsOutOfDateNotifiedAt** | **System.DateTime** | The time at which out of date notification was sent for the Managed cluster | [optional]
**ConsolidatedHealthIndicatorsStatus** | **Enum** [ "NORMAL", "WARNING", "ERROR" ] | The consolidated Health Status for the Managed cluster | [optional]
## Examples
@@ -70,7 +76,13 @@ $ManagedCluster = Initialize-PSSailpoint.V2024ManagedCluster -Id e1ff7bb24c9342
-ServiceCount 6 `
-CcId 1533 `
-CreatedAt 2023-08-04T20:48:01.865Z `
-UpdatedAt 2023-08-04T20:48:01.865Z
-UpdatedAt 2023-08-04T20:48:01.865Z `
-LastReleaseNotifiedAt 2025-03-11T07:00:13.729721Z `
-UpdatePreferences null `
-CurrentInstalledReleaseVersion 123.1 `
-UpdatePackage null `
-IsOutOfDateNotifiedAt 2025-03-11T07:00:13.734393Z `
-ConsolidatedHealthIndicatorsStatus ERROR
```
- Convert the resource to JSON

39
docs/tools/sdk/powershell/Reference/V2024/Models/ManagedClusterUpdatePreferences.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-managed-cluster-update-preferences
title: ManagedClusterUpdatePreferences
pagination_label: ManagedClusterUpdatePreferences
sidebar_label: ManagedClusterUpdatePreferences
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClusterUpdatePreferences', 'V2024ManagedClusterUpdatePreferences']
slug: /tools/sdk/powershell/v2024/models/managed-cluster-update-preferences
tags: ['SDK', 'Software Development Kit', 'ManagedClusterUpdatePreferences', 'V2024ManagedClusterUpdatePreferences']
---
# ManagedClusterUpdatePreferences
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ProcessGroups** | **String** | The processGroups for updatePreferences | [optional]
**UpdateState** | **Enum** [ "AUTO", "DISABLED" ] | The current updateState for the cluster | [optional]
**NotificationEmail** | **String** | The mail id to which new releases will be notified | [optional]
## Examples
- Prepare the resource
```powershell
$ManagedClusterUpdatePreferences = Initialize-PSSailpoint.V2024ManagedClusterUpdatePreferences -ProcessGroups null `
-UpdateState DISABLED `
-NotificationEmail test@mail.com
```
- Convert the resource to JSON
```powershell
$ManagedClusterUpdatePreferences | ConvertTo-JSON
```
[[Back to top]](#)

4
docs/tools/sdk/powershell/Reference/V2024/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-PSSailpoint.V2024NonEmployee
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/V2024/Models/OwnerReference.md
View File

@@ -17,8 +17,8 @@ tags: ['SDK', 'Software Development Kit', 'OwnerReference', 'V2024OwnerReference
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "IDENTITY" ] | Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result. | [optional]
**Id** | **String** | Identity id | [optional]
**Name** | **String** | Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result. | [optional]
**Id** | **String** | Owner's identity ID. | [optional]
**Name** | **String** | Owner's name. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result. | [optional]
## Examples

35
docs/tools/sdk/powershell/Reference/V2024/Models/PatchServiceDeskIntegrationRequest.md
View File

@@ -1,35 +0,0 @@
---
id: v2024-patch-service-desk-integration-request
title: PatchServiceDeskIntegrationRequest
pagination_label: PatchServiceDeskIntegrationRequest
sidebar_label: PatchServiceDeskIntegrationRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PatchServiceDeskIntegrationRequest', 'V2024PatchServiceDeskIntegrationRequest']
slug: /tools/sdk/powershell/v2024/models/patch-service-desk-integration-request
tags: ['SDK', 'Software Development Kit', 'PatchServiceDeskIntegrationRequest', 'V2024PatchServiceDeskIntegrationRequest']
---
# PatchServiceDeskIntegrationRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operations** | [**[]JsonPatchOperation**](json-patch-operation) | Operations to be applied | [optional]
## Examples
- Prepare the resource
```powershell
$PatchServiceDeskIntegrationRequest = Initialize-PSSailpoint.V2024PatchServiceDeskIntegrationRequest -Operations null
```
- Convert the resource to JSON
```powershell
$PatchServiceDeskIntegrationRequest | ConvertTo-JSON
```
[[Back to top]](#)

6
docs/tools/sdk/powershell/Reference/V2024/Models/ProvisioningCriteriaLevel1.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel1', 'V2024Pr
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel2**](provisioning-criteria-level2) | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel2**](provisioning-criteria-level2) | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/V2024/Models/ProvisioningCriteriaLevel2.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel2', 'V2024Pr
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel3**](provisioning-criteria-level3) | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | [**[]ProvisioningCriteriaLevel3**](provisioning-criteria-level3) | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/V2024/Models/ProvisioningCriteriaLevel3.md
View File

@@ -17,9 +17,9 @@ tags: ['SDK', 'Software Development Kit', 'ProvisioningCriteriaLevel3', 'V2024Pr
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Operation** | [**ProvisioningCriteriaOperation**](provisioning-criteria-operation) | | [optional]
**Attribute** | **String** | Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error. | [optional]
**Value** | **String** | String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type. | [optional]
**Children** | **String** | Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
**Attribute** | **String** | Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error. | [optional]
**Value** | **String** | String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type. | [optional]
**Children** | **String** | Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes. | [optional]
## Examples

8
docs/tools/sdk/powershell/Reference/V2024/Models/Requestability.md
View File

@@ -16,9 +16,10 @@ tags: ['SDK', 'Software Development Kit', 'Requestability', 'V2024Requestability
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**CommentsRequired** | **Boolean** | Whether the requester of the containing object must provide comments justifying the request | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Whether an approver must provide comments when denying the request | [optional] [default to $false]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps in approving the request | [optional]
**CommentsRequired** | **Boolean** | Indicates whether the requester of the containing object must provide comments justifying the request. | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Indicates whether an approver must provide comments when denying the request. | [optional] [default to $false]
**ReauthorizationRequired** | **Boolean** | Indicates whether reauthorization is required for the request. | [optional] [default to $false]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps involved in approving the request. | [optional]
## Examples
@@ -26,6 +27,7 @@ Name | Type | Description | Notes
```powershell
$Requestability = Initialize-PSSailpoint.V2024Requestability -CommentsRequired true `
-DenialCommentsRequired true `
-ReauthorizationRequired true `
-ApprovalSchemes null
```

2
docs/tools/sdk/powershell/Reference/V2024/Models/RequestabilityForRole.md
View File

@@ -18,6 +18,7 @@ Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**CommentsRequired** | **Boolean** | Whether the requester of the containing object must provide comments justifying the request | [optional] [default to $false]
**DenialCommentsRequired** | **Boolean** | Whether an approver must provide comments when denying the request | [optional] [default to $false]
**ReauthorizationRequired** | **Boolean** | Indicates whether reauthorization is required for the request. | [optional] [default to $false]
**ApprovalSchemes** | [**[]ApprovalSchemeForRole**](approval-scheme-for-role) | List describing the steps in approving the request | [optional]
## Examples
@@ -26,6 +27,7 @@ Name | Type | Description | Notes
```powershell
$RequestabilityForRole = Initialize-PSSailpoint.V2024RequestabilityForRole -CommentsRequired true `
-DenialCommentsRequired true `
-ReauthorizationRequired true `
-ApprovalSchemes null
```

37
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
slug: /tools/sdk/powershell/v2024/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.V2024RequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

47
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedItemAccountSelections.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: v2024-requested-item-account-selections
title: RequestedItemAccountSelections
pagination_label: RequestedItemAccountSelections
sidebar_label: RequestedItemAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
slug: /tools/sdk/powershell/v2024/models/requested-item-account-selections
tags: ['SDK', 'Software Development Kit', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
---
# RequestedItemAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Description** | **String** | The description for this requested item | [optional]
**AccountsSelectionBlocked** | **Boolean** | This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts. | [optional] [default to $false]
**AccountsSelectionBlockedReason** | **String** | If account selections are not allowed for an item, this field will denote the reason. | [optional]
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [optional]
**Id** | **String** | The id of the requested item | [optional]
**Name** | **String** | The name of the requested item | [optional]
**Sources** | [**[]SourceAccountSelections**](source-account-selections) | The details for the sources and accounts for the requested item and identity combination | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemAccountSelections = Initialize-PSSailpoint.V2024RequestedItemAccountSelections -Description An access profile for the admins `
-AccountsSelectionBlocked false `
-AccountsSelectionBlockedReason ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT `
-Type ACCESS_PROFILE `
-Id 720fd239701344aea76c93ba91376aec `
-Name Test Access Profile `
-Sources null
```
- Convert the resource to JSON
```powershell
$RequestedItemAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: v2024-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
slug: /tools/sdk/powershell/v2024/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.V2024RequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/Revocability.md
View File

@@ -16,7 +16,7 @@ tags: ['SDK', 'Software Development Kit', 'Revocability', 'V2024Revocability']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps in approving the revocation request | [optional]
**ApprovalSchemes** | [**[]AccessProfileApprovalScheme**](access-profile-approval-scheme) | List describing the steps involved in approving the revocation request. | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/V2024/Models/ScheduledActionPayload.md
View File

@@ -28,7 +28,7 @@ Name | Type | Description | Notes
```powershell
$ScheduledActionPayload = Initialize-PSSailpoint.V2024ScheduledActionPayload -JobType BACKUP `
-StartTime 2024-08-16T14:16:58.389Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 12 * * * * `
-TimeZoneId America/Chicago `
-Content null
```

2
docs/tools/sdk/powershell/Reference/V2024/Models/ScheduledActionResponse.md
View File

@@ -33,7 +33,7 @@ $ScheduledActionResponse = Initialize-PSSailpoint.V2024ScheduledActionResponse
-JobType BACKUP `
-Content null `
-StartTime 2021-05-12T10:00Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 12 * * * * `
-TimeZoneId America/Chicago
```

41
docs/tools/sdk/powershell/Reference/V2024/Models/ServiceProviderConfiguration.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-service-provider-configuration
title: ServiceProviderConfiguration
pagination_label: ServiceProviderConfiguration
sidebar_label: ServiceProviderConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
slug: /tools/sdk/powershell/v2024/models/service-provider-configuration
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
---
# ServiceProviderConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | This determines whether or not the SAML authentication flow is enabled for an org | [optional] [default to $false]
**BypassIdp** | **Boolean** | This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP. | [optional] [default to $false]
**SamlConfigurationValid** | **Boolean** | This indicates whether or not the SAML configuration is valid. | [optional] [default to $false]
**FederationProtocolDetails** | [**[]ServiceProviderConfigurationFederationProtocolDetailsInner**](service-provider-configuration-federation-protocol-details-inner) | A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider). | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfiguration = Initialize-PSSailpoint.V2024ServiceProviderConfiguration -Enabled true `
-BypassIdp true `
-SamlConfigurationValid true `
-FederationProtocolDetails [{role=SAML_IDP, entityId=http://www.okta.com/exktq4o24bmQA4fr60h7, cert=MIIDpDCCAoygAwIBAgIGAYhZ+b29MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0yMDY0NDUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjMwNTI2MjEzMDU5WhcNMzMwNTI2MjEzMTU5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMjA2NDQ1MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvi1+WbF2ceGlLCrLl5PrG1lpj04IsrHX6OE666ObC2WFh+Nxvpxy+Vmzon9c9+akhK3bTv+9ifEoVc6tA1qWuCfXISAn9g81JqI68I1PGUbe6eF8pmOA18rjOrt7x94k4QukpR3+I8DfPJ+TynatltB51laLb8H4jchMafA4rDTjV/ZiYPxV0LMEIbprVyGuvBEhiEWha3wwVdDuJq996okX36YNS8PcGH+5CJ8c3YWZp/wrspgJmfCooMXeV+6zBpZfXqPpMWlUo0gcZqDOFgy3r4vkXehJdVYRlInMfDv04Lvy8VI1YAZClG/duO/6o9YVUFLjD9s+mQfhgaF5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB1CTrA/pTHkarbhMHsdSFAjVoYWwdAfrssG99rIjwwr/CW9tavTC3keaoUmUeddcnLY4V/TfL07+xgQGHCBR88cnzG9h6rC9qWxt6C3nug3YDVQfkdCDgnW9A8QEvLeq/KVLoRccpJNEENb2Y5ESUXHi1+PtjkFBtvfSgZ4eEhVggirL0bJdWVm700hCnjb2iCGSbSX7WflfPi0GSmjht983caG9OwZDnDzNFt8qGWCxo4bNSThT00JnWEN/6f1BWNOt9YDrxqEyNclqhLL+RDqFsPBFIrQlsoXzqpWqCL8oS9UMNxbGATK2v3d5ueE9+SswBAFBhirCuqZw19Ri2W, loginUrlPost=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, loginUrlRedirect=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, logoutUrl=https://dev-206445.oktapreview.com/login/signout, nameId=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, authnContext=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, includeAuthnContext=true, mappingAttribute=email, jitConfiguration={enabled=true, sourceId=2c9180897427f3a501745042afc83144, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}}, certificateExpirationDate=Thu May 26 21:31:59 GMT 2033, certificateName=EMAILADDRESS=info@okta.com, CN=dev-206445, OU=SSOProvider, O=Okta, L=San Francisco, ST=California, C=US}, {role=SAML_SP, entityId=https://acme.identitysoon.com/sp, alias=acme-sp, callbackUrl=https://acme.test-login.sailpoint.com/saml/SSO/alias/acme-sp, legacyAcsUrl=https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp}]
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

67
docs/tools/sdk/powershell/Reference/V2024/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md Normal file
View File

@@ -0,0 +1,67 @@
---
id: v2024-service-provider-configuration-federation-protocol-details-inner
title: ServiceProviderConfigurationFederationProtocolDetailsInner
pagination_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
slug: /tools/sdk/powershell/v2024/models/service-provider-configuration-federation-protocol-details-inner
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
---
# ServiceProviderConfigurationFederationProtocolDetailsInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailpoint.V2024ServiceProviderConfigurationFederationProtocolDetailsInner -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2024/Models/SessionConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-session-configuration
title: SessionConfiguration
pagination_label: SessionConfiguration
sidebar_label: SessionConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SessionConfiguration', 'V2024SessionConfiguration']
slug: /tools/sdk/powershell/v2024/models/session-configuration
tags: ['SDK', 'Software Development Kit', 'SessionConfiguration', 'V2024SessionConfiguration']
---
# SessionConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaxIdleTime** | **Int32** | The maximum time in minutes a session can be idle. | [optional]
**RememberMe** | **Boolean** | Denotes if 'remember me' is enabled. | [optional] [default to $false]
**MaxSessionTime** | **Int32** | The maximum allowable session time in minutes. | [optional]
## Examples
- Prepare the resource
```powershell
$SessionConfiguration = Initialize-PSSailpoint.V2024SessionConfiguration -MaxIdleTime 15 `
-RememberMe true `
-MaxSessionTime 45
```
- Convert the resource to JSON
```powershell
$SessionConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2024/Models/SourceAccountSelections.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-source-account-selections
title: SourceAccountSelections
pagination_label: SourceAccountSelections
sidebar_label: SourceAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceAccountSelections', 'V2024SourceAccountSelections']
slug: /tools/sdk/powershell/v2024/models/source-account-selections
tags: ['SDK', 'Software Development Kit', 'SourceAccountSelections', 'V2024SourceAccountSelections']
---
# SourceAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The source id | [optional]
**Name** | **String** | The source name | [optional]
**Accounts** | [**[]AccountInfoRef**](account-info-ref) | The accounts information for a particular source in the requested item | [optional]
## Examples
- Prepare the resource
```powershell
$SourceAccountSelections = Initialize-PSSailpoint.V2024SourceAccountSelections -Type null `
-Id 3ac3c43785a845fa9820b0c1ac767cd5 `
-Name Test Source_Name `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'V2024SourceItemRef']
slug: /tools/sdk/powershell/v2024/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'V2024SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.V2024SourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-PSSailpoint.V2024SourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
$SourceUsage = Initialize-PSSailpoint.V2024SourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
-Count 10.45
```

43
docs/tools/sdk/powershell/Reference/V2024/Models/SpDetails.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-sp-details
title: SpDetails
pagination_label: SpDetails
sidebar_label: SpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SpDetails', 'V2024SpDetails']
slug: /tools/sdk/powershell/v2024/models/sp-details
tags: ['SDK', 'Software Development Kit', 'SpDetails', 'V2024SpDetails']
---
# SpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$SpDetails = Initialize-PSSailpoint.V2024SpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$SpDetails | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/WorkflowExecution.md
View File

@@ -21,7 +21,7 @@ Name | Type | Description | Notes
**RequestId** | **String** | Backend ID that tracks a workflow request in the system. Provide this ID in a customer support ticket for debugging purposes. | [optional]
**StartTime** | **System.DateTime** | Date/time when the workflow started. | [optional]
**CloseTime** | **System.DateTime** | Date/time when the workflow ended. | [optional]
**Status** | **Enum** [ "Completed", "Failed", "Canceled", "Running" ] | Workflow execution status. | [optional]
**Status** | **Enum** [ "Completed", "Failed", "Canceled", "Queued", "Running" ] | Workflow execution status. | [optional]
## Examples

8
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessProfilesApi.md
View File

@@ -63,8 +63,9 @@ Method | HTTP request | Description
## create-access-profile
Create an access profile.
A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.
A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile's source.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
>**Note:** To use this endpoint, you need all the listed scopes.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-profile)
@@ -127,6 +128,7 @@ $AccessProfile = @"{
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -411,7 +413,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error.
@@ -439,7 +441,7 @@ $ForSubadmin = "8c190e6787aa4ed9a90bd9d5344523fb" # String | Filters the returne
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error. (optional) (default to $true)

4
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestApprovalsApi.md
View File

@@ -318,7 +318,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* **created**: *gt, lt, ge, le, eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
@@ -344,7 +344,7 @@ $OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value r
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* (optional)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* **created**: *gt, lt, ge, le, eq, in* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Pending Access Request Approvals List

298
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestsApi.md
View File

@@ -38,8 +38,10 @@ Method | HTTP request | Description
[**Close-V2025AccessRequest**](#close-access-request) | **POST** `/access-requests/close` | Close Access Request
[**New-V2025AccessRequest**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**Get-V2025AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-V2025EntitlementDetailsForIdentity**](#get-entitlement-details-for-identity) | **GET** `/access-requests/revocable-objects` | Identity Entitlement Details
[**Get-V2025AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Get-V2025AdministratorsAccessRequestStatus**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**Invoke-V2025LoadAccountSelections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**Set-V2025AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -283,6 +285,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -293,6 +296,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
@@ -322,7 +326,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -373,6 +377,133 @@ $AccessRequest = @"{
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@
@@ -434,6 +565,59 @@ try {
```
[[Back to top]](#)
## get-entitlement-details-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to return the details for a entitlement on an identity including specific data relating to remove date and the ability to revoke the identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-details-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Path | IdentityId | **String** | True | The identity ID.
Path | EntitlementId | **String** | True | The entitlement ID
### Return type
[**IdentityEntitlementDetails**](../models/identity-entitlement-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Entitlement and Account Reference | IdentityEntitlementDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityId = "7025c863c2704ba6beeaedf3cb091573" # String | The identity ID.
$EntitlementId = "ef38f94347e94562b5bb8424a56397d8" # String | The entitlement ID
# Identity Entitlement Details
try {
Get-V2025EntitlementDetailsForIdentity -XSailPointExperimental $XSailPointExperimental -IdentityId $IdentityId -EntitlementId $EntitlementId
# Below is a request that includes all optional parameters
# Get-V2025EntitlementDetailsForIdentity -XSailPointExperimental $XSailPointExperimental -IdentityId $IdentityId -EntitlementId $EntitlementId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementDetailsForIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-request-status
Use this API to return a list of access request statuses based on the specified query parameters.
If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.
@@ -563,6 +747,118 @@ try {
```
[[Back to top]](#)
## load-account-selections
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountsSelectionRequest | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Accounts Selection Response | AccountsSelectionResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountsSelectionRequest = @"{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}"@
# Get accounts selections for identity
try {
$Result = ConvertFrom-JsonToAccountsSelectionRequest -Json $AccountsSelectionRequest
Invoke-V2025LoadAccountSelections -AccountsSelectionRequest $Result
# Below is a request that includes all optional parameters
# Invoke-V2025LoadAccountSelections -AccountsSelectionRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025LoadAccountSelections"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.

4
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CertificationCampaignsApi.md
View File

@@ -706,12 +706,12 @@ Path | Id | **String** | True | ID of the campaign to be retrieved.
Query | Detail | **String** | (optional) | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior.
### Return type
[**GetActiveCampaigns200ResponseInner**](../models/get-active-campaigns200-response-inner)
[**GetCampaign200Response**](../models/get-campaign200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Requested campaign object. | GetActiveCampaigns200ResponseInner
200 | Requested campaign object. | GetCampaign200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto

2
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConfigurationHubApi.md
View File

@@ -252,7 +252,7 @@ Code | Description | Data Type
### Example
```powershell
$ScheduledActionPayload = @"{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

295
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025GlobalTenantSecuritySettingsApi.md
View File

@@ -21,8 +21,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-V2025AuthOrgLockoutConfig**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**Get-V2025AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Get-V2025AuthOrgServiceProviderConfig**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**Get-V2025AuthOrgSessionConfig**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**Update-V2025AuthOrgLockoutConfig**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**Update-V2025AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**Update-V2025AuthOrgServiceProviderConfig**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**Update-V2025AuthOrgSessionConfig**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -76,6 +82,50 @@ try {
```
[[Back to top]](#)
## get-auth-org-lockout-config
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Lockout configuration for the tenant&#39;s auth org. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Lockout Configuration.
try {
Get-V2025AuthOrgLockoutConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgLockoutConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
@@ -120,6 +170,147 @@ try {
```
[[Back to top]](#)
## get-auth-org-service-provider-config
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Service Provider Configuration.
try {
Get-V2025AuthOrgServiceProviderConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgServiceProviderConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-session-config
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Session configuration for the tenant&#39;s auth org. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Session Configuration.
try {
Get-V2025AuthOrgSessionConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgSessionConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-lockout-config
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org lockout configuration. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
# Update Auth Org Lockout Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgLockoutConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgLockoutConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
@@ -172,3 +363,107 @@ try {
}
```
[[Back to top]](#)
## patch-auth-org-service-provider-config
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
# Update Service Provider Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgServiceProviderConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgServiceProviderConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-session-config
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org session configuration. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
# Update Auth Org Session Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgSessionConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgSessionConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MachineAccountsApi.md
View File

@@ -171,7 +171,7 @@ Code | Description | Data Type
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Account ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/environment, value=test}]}, Replace machine identity attribute={value=[{op=replace, path=/environment, value=test}]}, Remove machine identity attribute={value=[{op=remove, path=/environment}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
$RequestBody = @"[{op=add, path=/environment, value=test}]"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
# Update a Machine Account

2
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MachineIdentitiesApi.md
View File

@@ -286,7 +286,7 @@ Code | Description | Data Type
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/attributes/securityRisk, value=medium}]}, Replace machine identity attribute={value=[{op=replace, path=/attributes/securityRisk, value=medium}]}, Remove machine identity attribute={value=[{op=remove, path=/attributes/securityRisk}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"[{op=add, path=/attributes/securityRisk, value=medium}]"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Update a Machine Identity

5
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025RolesApi.md
View File

@@ -226,6 +226,7 @@ $Role = @"{
},
"accessRequestConfig" : {
"commentsRequired" : true,
"reauthorizationRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
@@ -693,7 +694,7 @@ Param Type | Name | Data Type | Required | Description
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq*
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
@@ -721,7 +722,7 @@ $ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filter
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* (optional)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, ge, le* **modified**: *lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **dimensional**: *eq* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. (optional) (default to $true)

Some files were not shown because too many files have changed in this diff Show More