LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

adding v3 docs back in

Browse Source
This commit is contained in:
darrell-thobe-sp
2025-01-23 20:41:57 -05:00
parent f36c734ca4
commit 7194b934e8
658 changed files with 47533 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

508
docs/tools/sdk/powershell/refrence/v3/Methods/AccessProfilesApi.md Normal file
View File

@@ -0,0 +1,508 @@
---
id: access-profiles
title: AccessProfiles
pagination_label: AccessProfiles
sidebar_label: AccessProfiles
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfiles']
slug: /tools/sdk/powershell/v3/methods/access-profiles
tags: ['SDK', 'Software Development Kit', 'AccessProfiles']
---
# AccessProfiles
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-AccessProfile**](#create-access-profile) | **POST** `/access-profiles` | Create Access Profile
[**Remove-AccessProfile**](#delete-access-profile) | **DELETE** `/access-profiles/{id}` | Delete the specified Access Profile
[**Remove-AccessProfilesInBulk**](#delete-access-profiles-in-bulk) | **POST** `/access-profiles/bulk-delete` | Delete Access Profile(s)
[**Get-AccessProfile**](#get-access-profile) | **GET** `/access-profiles/{id}` | Get an Access Profile
[**Get-AccessProfileEntitlements**](#get-access-profile-entitlements) | **GET** `/access-profiles/{id}/entitlements` | List Access Profile's Entitlements
[**Get-AccessProfiles**](#list-access-profiles) | **GET** `/access-profiles` | List Access Profiles
[**Update-AccessProfile**](#patch-access-profile) | **PATCH** `/access-profiles/{id}` | Patch a specified Access Profile
## create-access-profile
Use this API to create an access profile.
A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessProfile | [**AccessProfile**](../models/access-profile) | True |
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Access profile created. | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessProfile = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"entitlements" : [ {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
}, {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
} ],
"created" : "2021-03-01T22:32:58.104Z",
"description" : "Collection of entitlements to read/write the employee database",
"source" : {
"name" : "ODS-AD-SOURCE",
"id" : "2c91809773dee3610173fdb0b6061ef4",
"type" : "SOURCE"
},
"enabled" : true,
"revocationRequestConfig" : {
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ]
},
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"accessRequestConfig" : {
"commentsRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ],
"denialCommentsRequired" : true
},
"name" : "Employee-database-read-write",
"provisioningCriteria" : {
"children" : [ {
"children" : [ {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : [ {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
},
"modified" : "2021-03-02T20:22:28.104Z",
"id" : "2c91808a7190d06e01719938fcd20792",
"requestable" : true
}"@
# Create Access Profile
try {
$Result = ConvertFrom-JsonToAccessProfile -Json $AccessProfile
New-AccessProfile-AccessProfile $Result
# Below is a request that includes all optional parameters
# New-AccessProfile -AccessProfile $AccessProfile
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-profile
This API deletes an existing Access Profile.
The Access Profile must not be in use, for example, Access Profile can not be deleted if they belong to an Application, Life Cycle State or a Role. If it is, a 400 error is returned.
A user with SOURCE_SUBADMIN must be able to administer the Source associated with the Access Profile.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Returned when an access profile cannot be deleted as it's being used. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Access Profile to delete
# Delete the specified Access Profile
try {
Remove-AccessProfile-Id $Id
# Below is a request that includes all optional parameters
# Remove-AccessProfile -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-profiles-in-bulk
This endpoint initiates a bulk deletion of one or more access profiles.
When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information.
This endpoint can only bulk delete up to a limit of 50 access profiles per request.
By default, if any of the indicated access profiles are in use, no deletions will be performed and the **inUse** field of the response indicates the usages that must be removed first. If the request field **bestEffortOnly** is **true**, however, usages are reported in the **inUse** response field but all other indicated access profiles will be deleted.
A SOURCE_SUBADMIN user can only use this endpoint to delete access profiles associated with sources they're able to administer.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessProfileBulkDeleteRequest | [**AccessProfileBulkDeleteRequest**](../models/access-profile-bulk-delete-request) | True |
### Return type
[**AccessProfileBulkDeleteResponse**](../models/access-profile-bulk-delete-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returned only if **bestEffortOnly** is **false**, and one or more Access Profiles are in use. | AccessProfileBulkDeleteResponse
202 | Returned if at least one deletion will be performed. | AccessProfileBulkDeleteResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessProfileBulkDeleteRequest = @"{
"accessProfileIds" : [ "2c9180847812e0b1017817051919ecca", "2c9180887812e0b201781e129f151816" ],
"bestEffortOnly" : true
}"@
# Delete Access Profile(s)
try {
$Result = ConvertFrom-JsonToAccessProfileBulkDeleteRequest -Json $AccessProfileBulkDeleteRequest
Remove-AccessProfilesInBulk-AccessProfileBulkDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-AccessProfilesInBulk -AccessProfileBulkDeleteRequest $AccessProfileBulkDeleteRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-AccessProfilesInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-profile
This API returns an Access Profile by its ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An AccessProfile | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180837ca6693d017ca8d097500149" # String | ID of the Access Profile
# Get an Access Profile
try {
Get-AccessProfile-Id $Id
# Below is a request that includes all optional parameters
# Get-AccessProfile -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-profile-entitlements
Use this API to get a list of an access profile's entitlements.
A SOURCE_SUBADMIN user must have access to the source associated with the specified access profile.
>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the access profile containing the entitlements.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified**
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of entitlements. | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the access profile containing the entitlements.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified** (optional)
# List Access Profile's Entitlements
try {
Get-AccessProfileEntitlements-Id $Id
# Below is a request that includes all optional parameters
# Get-AccessProfileEntitlements -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessProfileEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-profiles
Use this API to get a list of access profiles.
>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ForSubadmin | **String** | (optional) | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Composite operators supported: *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
### Return type
[**AccessProfile[]**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access profiles. | AccessProfile[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ForSubadmin = "8c190e6787aa4ed9a90bd9d5344523fb" # String | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**, which is shorthand for the calling identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not a subadmin. (optional)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Composite operators supported: *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | If present and not empty, additionally filters access profiles to those which are assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Indicates whether the response list should contain unsegmented access profiles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. (optional) (default to $true)
# List Access Profiles
try {
Get-AccessProfiles
# Below is a request that includes all optional parameters
# Get-AccessProfiles -ForSubadmin $ForSubadmin -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -ForSegmentIds $ForSegmentIds -IncludeUnsegmented $IncludeUnsegmented
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-access-profile
This API updates an existing Access Profile. The following fields are patchable:
**name**
**description**
**enabled**
**owner**
**requestable**
**accessRequestConfig**
**revokeRequestConfig**
**segments**
**entitlements**
**provisioningCriteria**
**source** (must be updated with entitlements belonging to new source in the same API call)
If you need to change the `source` of the access profile, you can do so only if you update the `entitlements` in the same API call. The new entitlements can only come from the target source that you want to change to. Look for the example "Replace Source" in the examples dropdown.
A user with SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to administer.
> The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.
> You can only add or replace **entitlements** that exist on the source that the access profile is attached to. You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile to patch
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the Access Profile as updated. | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Access Profile to patch
# JsonPatchOperation[] |
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch a specified Access Profile
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AccessProfile-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AccessProfile -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

349
docs/tools/sdk/powershell/refrence/v3/Methods/AccessRequestApprovalsApi.md Normal file
View File

@@ -0,0 +1,349 @@
---
id: access-request-approvals
title: AccessRequestApprovals
pagination_label: AccessRequestApprovals
sidebar_label: AccessRequestApprovals
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestApprovals']
slug: /tools/sdk/powershell/v3/methods/access-request-approvals
tags: ['SDK', 'Software Development Kit', 'AccessRequestApprovals']
---
# AccessRequestApprovals
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Approve-AccessRequest**](#approve-access-request) | **POST** `/access-request-approvals/{approvalId}/approve` | Approve Access Request Approval
[**Invoke-ForwardAccessRequest**](#forward-access-request) | **POST** `/access-request-approvals/{approvalId}/forward` | Forward Access Request Approval
[**Get-AccessRequestApprovalSummary**](#get-access-request-approval-summary) | **GET** `/access-request-approvals/approval-summary` | Get Access Requests Approvals Number
[**Get-CompletedApprovals**](#list-completed-approvals) | **GET** `/access-request-approvals/completed` | Completed Access Request Approvals List
[**Get-PendingApprovals**](#list-pending-approvals) | **GET** `/access-request-approvals/pending` | Pending Access Request Approvals List
[**Deny-AccessRequest**](#reject-access-request) | **POST** `/access-request-approvals/{approvalId}/reject` | Reject Access Request Approval
## approve-access-request
Use this endpoint to approve an access request approval. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | CommentDto | [**CommentDto**](../models/comment-dto) | (optional) | Reviewer's comment.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$CommentDto = @"{
"created" : "2017-07-11T18:45:37.098Z",
"author" : {
"name" : "john.doe",
"id" : "2c9180847e25f377017e2ae8cae4650b",
"type" : "IDENTITY"
},
"comment" : "This is a comment."
}"@
# Approve Access Request Approval
try {
Approve-AccessRequest-ApprovalId $ApprovalId
# Below is a request that includes all optional parameters
# Approve-AccessRequest -ApprovalId $ApprovalId -CommentDto $CommentDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## forward-access-request
Use this API to forward an access request approval to a new owner. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | ForwardApprovalDto | [**ForwardApprovalDto**](../models/forward-approval-dto) | True | Information about the forwarded approval.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$ForwardApprovalDto = @"{
"newOwnerId" : "2c91808568c529c60168cca6f90c1314",
"comment" : "2c91808568c529c60168cca6f90c1313"
}"@
# Forward Access Request Approval
try {
$Result = ConvertFrom-JsonToForwardApprovalDto -Json $ForwardApprovalDto
Invoke-ForwardAccessRequest-ApprovalId $ApprovalId -ForwardApprovalDto $Result
# Below is a request that includes all optional parameters
# Invoke-ForwardAccessRequest -ApprovalId $ApprovalId -ForwardApprovalDto $ForwardApprovalDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-ForwardAccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-approval-summary
Use this API to return the number of pending, approved and rejected access requests approvals. See the "owner-id" query parameter for authorization information. info.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN user can also fetch all the approvals in the org, when owner-id is not used. * Non ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | FromDate | **String** | (optional) | This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.
### Return type
[**ApprovalSummary**](../models/approval-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Number of pending, approved, rejected access request approvals. | ApprovalSummary
400 | Client Error - Returned if the query parameter is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN user can also fetch all the approvals in the org, when owner-id is not used. * Non ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$FromDate = "from-date=2020-03-19T19:59:11Z" # String | This is the date and time the results will be shown from. It must be in a valid ISO-8601 format. (optional)
# Get Access Requests Approvals Number
try {
Get-AccessRequestApprovalSummary
# Below is a request that includes all optional parameters
# Get-AccessRequestApprovalSummary -OwnerId $OwnerId -FromDate $FromDate
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessRequestApprovalSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-completed-approvals
This endpoint returns list of completed approvals. See *owner-id* query parameter below for authorization info.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | If present, the value returns only completed approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**CompletedApproval[]**](../models/completed-approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Completed Approvals. | CompletedApproval[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value returns only completed approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, sw* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Completed Access Request Approvals List
try {
Get-CompletedApprovals
# Below is a request that includes all optional parameters
# Get-CompletedApprovals -OwnerId $OwnerId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CompletedApprovals"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-pending-approvals
This endpoint returns a list of pending approvals. See "owner-id" query parameter below for authorization info.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | If present, the value returns only pending approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**PendingApproval[]**](../models/pending-approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Pending Approvals. | PendingApproval[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value returns only pending approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Pending Access Request Approvals List
try {
Get-PendingApprovals
# Below is a request that includes all optional parameters
# Get-PendingApprovals -OwnerId $OwnerId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PendingApprovals"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reject-access-request
Use this API to reject an access request approval. Only the owner of the approval and admin users are allowed to perform this action.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | CommentDto | [**CommentDto**](../models/comment-dto) | True | Reviewer's comment.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$CommentDto = @"{
"created" : "2017-07-11T18:45:37.098Z",
"author" : {
"name" : "john.doe",
"id" : "2c9180847e25f377017e2ae8cae4650b",
"type" : "IDENTITY"
},
"comment" : "This is a comment."
}"@
# Reject Access Request Approval
try {
$Result = ConvertFrom-JsonToCommentDto -Json $CommentDto
Deny-AccessRequest-ApprovalId $ApprovalId -CommentDto $Result
# Below is a request that includes all optional parameters
# Deny-AccessRequest -ApprovalId $ApprovalId -CommentDto $CommentDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Deny-AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

385
docs/tools/sdk/powershell/refrence/v3/Methods/AccessRequestsApi.md Normal file
View File

@@ -0,0 +1,385 @@
---
id: access-requests
title: AccessRequests
pagination_label: AccessRequests
sidebar_label: AccessRequests
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequests']
slug: /tools/sdk/powershell/v3/methods/access-requests
tags: ['SDK', 'Software Development Kit', 'AccessRequests']
---
# AccessRequests
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Suspend-AccessRequest**](#cancel-access-request) | **POST** `/access-requests/cancel` | Cancel Access Request
[**New-AccessRequest**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**Get-AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Set-AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
## cancel-access-request
This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step.
In addition to users with ORG_ADMIN, any user who originally submitted the access request may cancel it.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CancelAccessRequest | [**CancelAccessRequest**](../models/cancel-access-request) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CancelAccessRequest = @"{
"accountActivityId" : "2c9180835d2e5168015d32f890ca1581",
"comment" : "I requested this role by mistake."
}"@
# Cancel Access Request
try {
$Result = ConvertFrom-JsonToCancelAccessRequest -Json $CancelAccessRequest
Suspend-AccessRequest-CancelAccessRequest $Result
# Below is a request that includes all optional parameters
# Suspend-AccessRequest -CancelAccessRequest $CancelAccessRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-access-request
Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.
Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request
has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error
if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.
It's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can
be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also
use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting
an access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.
These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.
There are two types of access request:
__GRANT_ACCESS__
* Can be requested for multiple identities in a single request.
* Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
* You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.
* Does not support self request. Only manager can request to revoke access for their directly managed employees.
* If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements.
* Roles, access profiles, and entitlements can be requested for revocation.
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessRequest | [**AccessRequest**](../models/access-request) | True |
### Return type
[**AccessRequestResponse**](../models/access-request-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Access Request Response. | AccessRequestResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ]
}"@
# Submit Access Request
try {
$Result = ConvertFrom-JsonToAccessRequest -Json $AccessRequest
New-AccessRequest-AccessRequest $Result
# Below is a request that includes all optional parameters
# New-AccessRequest -AccessRequest $AccessRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-config
This endpoint returns the current access-request configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**AccessRequestConfig**](../models/access-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Access Request Configuration Details. | AccessRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Access Request Configuration
try {
Get-AccessRequestConfig
# Below is a request that includes all optional parameters
# Get-AccessRequestConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-request-status
Use this API to return a list of access request statuses based on the specified query parameters.
If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.
Any user with any user level can get the status of their own access requests. A user with ORG_ADMIN is required to call this API to get a list of statuses for other users.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | RequestedFor | **String** | (optional) | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RequestedBy | **String** | (optional) | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RegardingIdentity | **String** | (optional) | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.
Query | AssignedTo | **String** | (optional) | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.
Query | Count | **Boolean** | (optional) (default to $false) | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return.
Query | Offset | **Int32** | (optional) | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accessRequestId**: *in* **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name**
Query | RequestState | **String** | (optional) | Filter the results by the state of the request. The only valid value is *EXECUTING*.
### Return type
[**RequestedItemStatus[]**](../models/requested-item-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of requested item statuses. | RequestedItemStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RequestedFor = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$AssignedTo = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Filters = 'accountActivityItemId eq "2c918086771c86df0177401efcdf54c0"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accessRequestId**: *in* **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name** (optional)
$RequestState = "request-state=EXECUTING" # String | Filter the results by the state of the request. The only valid value is *EXECUTING*. (optional)
# Access Request Status
try {
Get-AccessRequestStatus
# Below is a request that includes all optional parameters
# Get-AccessRequestStatus -RequestedFor $RequestedFor -RequestedBy $RequestedBy -RegardingIdentity $RegardingIdentity -AssignedTo $AssignedTo -Count $Count -Limit $Limit -Offset $Offset -Filters $Filters -Sorters $Sorters -RequestState $RequestState
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccessRequestStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessRequestConfig | [**AccessRequestConfig**](../models/access-request-config) | True |
### Return type
[**AccessRequestConfig**](../models/access-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Access Request Configuration Details. | AccessRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessRequestConfig = @"{
"requestOnBehalfOfConfig" : {
"allowRequestOnBehalfOfEmployeeByManager" : true,
"allowRequestOnBehalfOfAnyoneByAnyone" : true
},
"approvalReminderAndEscalationConfig" : {
"fallbackApproverRef" : {
"name" : "Alison Ferguso",
"id" : "5168015d32f890ca15812c9180835d2e",
"type" : "IDENTITY",
"email" : "alison.ferguso@identitysoon.com"
},
"maxReminders" : 1,
"daysUntilEscalation" : 0,
"daysBetweenReminders" : 0
},
"autoApprovalEnabled" : true,
"entitlementRequestConfig" : {
"requestCommentsRequired" : false,
"deniedCommentsRequired" : false,
"allowEntitlementRequest" : true,
"grantRequestApprovalSchemes" : "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584"
},
"reauthorizationEnabled" : true,
"approvalsMustBeExternal" : true
}"@
# Update Access Request Configuration
try {
$Result = ConvertFrom-JsonToAccessRequestConfig -Json $AccessRequestConfig
Set-AccessRequestConfig-AccessRequestConfig $Result
# Below is a request that includes all optional parameters
# Set-AccessRequestConfig -AccessRequestConfig $AccessRequestConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-AccessRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

128
docs/tools/sdk/powershell/refrence/v3/Methods/AccountActivitiesApi.md Normal file
View File

@@ -0,0 +1,128 @@
---
id: account-activities
title: AccountActivities
pagination_label: AccountActivities
sidebar_label: AccountActivities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivities']
slug: /tools/sdk/powershell/v3/methods/account-activities
tags: ['SDK', 'Software Development Kit', 'AccountActivities']
---
# AccountActivities
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-AccountActivity**](#get-account-activity) | **GET** `/account-activities/{id}` | Get an Account Activity
[**Get-AccountActivities**](#list-account-activities) | **GET** `/account-activities` | List Account Activities
## get-account-activity
This gets a single account activity by its id.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account activity id
### Return type
[**AccountActivity**](../models/account-activity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An account activity object | AccountActivity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account activity id
# Get an Account Activity
try {
Get-AccountActivity-Id $Id
# Below is a request that includes all optional parameters
# Get-AccountActivity -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccountActivity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-account-activities
This gets a collection of account activities that satisfy the given query parameters.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | RequestedFor | **String** | (optional) | The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RequestedBy | **String** | (optional) | The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RegardingIdentity | **String** | (optional) | The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *eq, in, ge, le, lt, ne, isnull, sw* **created**: *gt, lt, ge, le, eq, in, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **type, created, modified**
### Return type
[**AccountActivity[]**](../models/account-activity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of account activities | AccountActivity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RequestedFor = "2c91808568c529c60168cca6f90c1313" # String | The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c91808568c529c60168cca6f90c1313" # String | The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c91808568c529c60168cca6f90c1313" # String | The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'type eq "Identity Refresh"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *eq, in, ge, le, lt, ne, isnull, sw* **created**: *gt, lt, ge, le, eq, in, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **type, created, modified** (optional)
# List Account Activities
try {
Get-AccountActivities
# Below is a request that includes all optional parameters
# Get-AccountActivities -RequestedFor $RequestedFor -RequestedBy $RequestedBy -RegardingIdentity $RegardingIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccountActivities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

75
docs/tools/sdk/powershell/refrence/v3/Methods/AccountUsagesApi.md Normal file
View File

@@ -0,0 +1,75 @@
---
id: account-usages
title: AccountUsages
pagination_label: AccountUsages
sidebar_label: AccountUsages
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountUsages']
slug: /tools/sdk/powershell/v3/methods/account-usages
tags: ['SDK', 'Software Development Kit', 'AccountUsages']
---
# AccountUsages
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-UsagesByAccountId**](#get-usages-by-account-id) | **GET** `/account-usages/{accountId}/summaries` | Returns account usage insights
## get-usages-by-account-id
This API returns a summary of account usage insights for past 12 months.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | AccountId | **String** | True | ID of IDN account
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date**
### Return type
[**AccountUsage[]**](../models/account-usage)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of account usage insights for past 12 months. | AccountUsage[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$AccountId = "ef38f94347e94562b5bb8424a56397d8" # String | ID of IDN account
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "-date" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date** (optional)
# Returns account usage insights
try {
Get-UsagesByAccountId-AccountId $AccountId
# Below is a request that includes all optional parameters
# Get-UsagesByAccountId -AccountId $AccountId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-UsagesByAccountId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

627
docs/tools/sdk/powershell/refrence/v3/Methods/AccountsApi.md Normal file
View File

@@ -0,0 +1,627 @@
---
id: accounts
title: Accounts
pagination_label: Accounts
sidebar_label: Accounts
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Accounts']
slug: /tools/sdk/powershell/v3/methods/accounts
tags: ['SDK', 'Software Development Kit', 'Accounts']
---
# Accounts
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-Account**](#create-account) | **POST** `/accounts` | Create Account
[**Remove-Account**](#delete-account) | **DELETE** `/accounts/{id}` | Delete Account
[**Disable-Account**](#disable-account) | **POST** `/accounts/{id}/disable` | Disable Account
[**Enable-Account**](#enable-account) | **POST** `/accounts/{id}/enable` | Enable Account
[**Get-Account**](#get-account) | **GET** `/accounts/{id}` | Account Details
[**Get-AccountEntitlements**](#get-account-entitlements) | **GET** `/accounts/{id}/entitlements` | Account Entitlements
[**Get-Accounts**](#list-accounts) | **GET** `/accounts` | Accounts List
[**Send-Account**](#put-account) | **PUT** `/accounts/{id}` | Update Account
[**Submit-ReloadAccount**](#submit-reload-account) | **POST** `/accounts/{id}/reload` | Reload Account
[**Unlock-Account**](#unlock-account) | **POST** `/accounts/{id}/unlock` | Unlock Account
[**Update-Account**](#update-account) | **PATCH** `/accounts/{id}` | Update Account
## create-account
Submit an account creation task - the API then returns the task ID.
You must include the `sourceId` where the account will be created in the `attributes` object.
This endpoint creates an account on the source record in your ISC tenant.
This is useful for Flat File (`DelimitedFile`) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time.
However, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source.
The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant.
By providing the account ID of an existing account in the request body, this API will function as a PATCH operation and update the account.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountAttributesCreate | [**AccountAttributesCreate**](../models/account-attributes-create) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountAttributesCreate = @"{
"attributes" : {
"sourceId" : "34bfcbe116c9407464af37acbaf7a4dc",
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "john.doe@sailpoint.com"
}
}"@
# Create Account
try {
$Result = ConvertFrom-JsonToAccountAttributesCreate -Json $AccountAttributesCreate
New-Account-AccountAttributesCreate $Result
# Below is a request that includes all optional parameters
# New-Account -AccountAttributesCreate $AccountAttributesCreate
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-account
Use this API to delete an account.
This endpoint submits an account delete task and returns the task ID.
This endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future.
>**NOTE: You can only delete accounts from sources of the "DelimitedFile" type.**
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
# Delete Account
try {
Remove-Account-Id $Id
# Below is a request that includes all optional parameters
# Remove-Account -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## disable-account
This API submits a task to disable the account and returns the task ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Body | AccountToggleRequest | [**AccountToggleRequest**](../models/account-toggle-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$AccountToggleRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}"@
# Disable Account
try {
$Result = ConvertFrom-JsonToAccountToggleRequest -Json $AccountToggleRequest
Disable-Account-Id $Id -AccountToggleRequest $Result
# Below is a request that includes all optional parameters
# Disable-Account -Id $Id -AccountToggleRequest $AccountToggleRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Disable-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## enable-account
This API submits a task to enable account and returns the task ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Body | AccountToggleRequest | [**AccountToggleRequest**](../models/account-toggle-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$AccountToggleRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}"@
# Enable Account
try {
$Result = ConvertFrom-JsonToAccountToggleRequest -Json $AccountToggleRequest
Enable-Account-Id $Id -AccountToggleRequest $Result
# Below is a request that includes all optional parameters
# Enable-Account -Id $Id -AccountToggleRequest $AccountToggleRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Enable-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-account
Use this API to return the details for a single account by its ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
### Return type
[**Account**](../models/account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Account object. | Account
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
# Account Details
try {
Get-Account-Id $Id
# Below is a request that includes all optional parameters
# Get-Account -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-account-entitlements
This API returns entitlements of the account.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**EntitlementDto[]**](../models/entitlement-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An array of account entitlements | EntitlementDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Account Entitlements
try {
Get-AccountEntitlements-Id $Id
# Below is a request that includes all optional parameters
# Get-AccountEntitlements -Id $Id -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AccountEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-accounts
List accounts.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | DetailLevel | **String** | (optional) | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**
### Return type
[**Account[]**](../models/account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of account objects. | Account[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$DetailLevel = "SLIM" # String | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior. (optional)
$Filters = 'identityId eq "2c9180858082150f0180893dbaf44201"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType** (optional)
# Accounts List
try {
Get-Accounts
# Below is a request that includes all optional parameters
# Get-Accounts -Limit $Limit -Offset $Offset -Count $Count -DetailLevel $DetailLevel -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Accounts"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-account
Use this API to update an account with a PUT request.
This endpoint submits an account update task and returns the task ID.
>**Note: You can only use this PUT endpoint to update accounts from flat file sources.**
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
Body | AccountAttributes | [**AccountAttributes**](../models/account-attributes) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
$AccountAttributes = @"{
"attributes" : {
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "john.doe@sailpoint.com"
}
}"@
# Update Account
try {
$Result = ConvertFrom-JsonToAccountAttributes -Json $AccountAttributes
Send-Account-Id $Id -AccountAttributes $Result
# Below is a request that includes all optional parameters
# Send-Account -Id $Id -AccountAttributes $AccountAttributes
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-reload-account
This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
# Reload Account
try {
Submit-ReloadAccount-Id $Id
# Below is a request that includes all optional parameters
# Submit-ReloadAccount -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-ReloadAccount"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## unlock-account
This API submits a task to unlock an account and returns the task ID.
To use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account ID.
Body | AccountUnlockRequest | [**AccountUnlockRequest**](../models/account-unlock-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account ID.
$AccountUnlockRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581",
"unlockIDNAccount" : false
}"@
# Unlock Account
try {
$Result = ConvertFrom-JsonToAccountUnlockRequest -Json $AccountUnlockRequest
Unlock-Account-Id $Id -AccountUnlockRequest $Result
# Below is a request that includes all optional parameters
# Unlock-Account -Id $Id -AccountUnlockRequest $AccountUnlockRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Unlock-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-account
Use this API to update account details.
This API supports updating an account's correlation by modifying the `identityId` and `manuallyCorrelated` fields.
To reassign an account from one identity to another, replace the current `identityId` with a new value.
If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account
for the previous identity as soon as the account is moved. If the account you're assigning is authoritative,
this causes the previous identity to become uncorrelated and can even result in its deletion.
All accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.
>**Note:** The `attributes` field can only be modified for flat file accounts.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
$RequestBody = # SystemCollectionsHashtable[] | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"[{op=remove, path=/identityId}]"@
# Update Account
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-Account-Id $Id -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-Account -Id $Id -RequestBody $RequestBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

170
docs/tools/sdk/powershell/refrence/v3/Methods/ApplicationDiscoveryApi.md Normal file
View File

@@ -0,0 +1,170 @@
---
id: application-discovery
title: ApplicationDiscovery
pagination_label: ApplicationDiscovery
sidebar_label: ApplicationDiscovery
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ApplicationDiscovery']
slug: /tools/sdk/powershell/v3/methods/application-discovery
tags: ['SDK', 'Software Development Kit', 'ApplicationDiscovery']
---
# ApplicationDiscovery
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-DiscoveredApplications**](#get-discovered-applications) | **GET** `/discovered-applications` | Get Discovered Applications for Tenant
[**Get-ManualDiscoverApplicationsCsvTemplate**](#get-manual-discover-applications-csv-template) | **GET** `/manual-discover-applications-template` | Download CSV Template for Discovery
[**Send-ManualDiscoverApplicationsCsvTemplate**](#send-manual-discover-applications-csv-template) | **POST** `/manual-discover-applications` | Upload CSV to Discover Applications
## get-discovered-applications
Get a list of applications that have been identified within the environment. This includes details such as application names, discovery dates, potential correlated saas_vendors and related suggested connectors.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Detail | **String** | (optional) | Determines whether slim, or increased level of detail is provided for each discovered application in the returned list. SLIM is the default behavior.
Query | Filter | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq, sw, co* **description**: *eq, sw, co* **createdAtStart**: *eq, le, ge* **createdAtEnd**: *eq, le, ge* **discoveredAtStart**: *eq, le, ge* **discoveredAtEnd**: *eq, le, ge* **discoverySource**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, description, discoveredAt, discoverySource**
### Return type
[**GetDiscoveredApplications200ResponseInner[]**](../models/get-discovered-applications200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of discovered applications. By default, the API returns a list of SLIM discovered applications. | GetDiscoveredApplications200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Detail = "SLIM" # String | Determines whether slim, or increased level of detail is provided for each discovered application in the returned list. SLIM is the default behavior. (optional)
$Filter = "name eq "Okta" and description co "Okta" and discoverySource in ("csv", "Okta Saas")" # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq, sw, co* **description**: *eq, sw, co* **createdAtStart**: *eq, le, ge* **createdAtEnd**: *eq, le, ge* **discoveredAtStart**: *eq, le, ge* **discoveredAtEnd**: *eq, le, ge* **discoverySource**: *eq, in* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, description, discoveredAt, discoverySource** (optional)
# Get Discovered Applications for Tenant
try {
Get-DiscoveredApplications
# Below is a request that includes all optional parameters
# Get-DiscoveredApplications -Limit $Limit -Offset $Offset -Detail $Detail -Filter $Filter -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-DiscoveredApplications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-manual-discover-applications-csv-template
Download an example CSV file with two columns `application_name` and `description`. The CSV file contains a single row with the values 'Example Application' and 'Example Description'.
The downloaded template is specifically designed for use with the `/manual-discover-applications` endpoint.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ManualDiscoverApplicationsTemplate**](../models/manual-discover-applications-template)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A CSV file download was successful. | ManualDiscoverApplicationsTemplate
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/csv, application/json
### Example
```powershell
# Download CSV Template for Discovery
try {
Get-ManualDiscoverApplicationsCsvTemplate
# Below is a request that includes all optional parameters
# Get-ManualDiscoverApplicationsCsvTemplate
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManualDiscoverApplicationsCsvTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-manual-discover-applications-csv-template
Uploading a CSV file with application data for manual correlation to specific ISC connectors.
If a suitable ISC connector is unavailable, the system will recommend generic connectors instead.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| File | **System.IO.FileInfo** | True | The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The CSV has been successfully processed. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$File = # System.IO.FileInfo | The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.
# Upload CSV to Discover Applications
try {
Send-ManualDiscoverApplicationsCsvTemplate-File $File
# Below is a request that includes all optional parameters
# Send-ManualDiscoverApplicationsCsvTemplate -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ManualDiscoverApplicationsCsvTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

128
docs/tools/sdk/powershell/refrence/v3/Methods/AuthUsersApi.md Normal file
View File

@@ -0,0 +1,128 @@
---
id: auth-users
title: AuthUsers
pagination_label: AuthUsers
sidebar_label: AuthUsers
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AuthUsers']
slug: /tools/sdk/powershell/v3/methods/auth-users
tags: ['SDK', 'Software Development Kit', 'AuthUsers']
---
# AuthUsers
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-AuthUser**](#get-auth-user) | **GET** `/auth-users/{id}` | Auth User Details
[**Update-AuthUser**](#patch-auth-user) | **PATCH** `/auth-users/{id}` | Auth User Update
## get-auth-user
Return the specified user's authentication system details.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity ID
### Return type
[**AuthUser**](../models/auth-user)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The specified user's authentication system details. | AuthUser
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity ID
# Auth User Details
try {
Get-AuthUser-Id $Id
# Below is a request that includes all optional parameters
# Get-AuthUser -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AuthUser"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-user
Use a PATCH request to update an existing user in the authentication system.
Use this endpoint to modify these fields:
* `capabilities`
A '400.1.1 Illegal update attempt' detail code indicates that you attempted to PATCH a field that is not allowed.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity ID
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**AuthUser**](../models/auth-user)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth user updated. | AuthUser
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity ID
# JsonPatchOperation[] | A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Auth User Update
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AuthUser-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AuthUser -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AuthUser"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

282
docs/tools/sdk/powershell/refrence/v3/Methods/BrandingApi.md Normal file
View File

@@ -0,0 +1,282 @@
---
id: branding
title: Branding
pagination_label: Branding
sidebar_label: Branding
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Branding']
slug: /tools/sdk/powershell/v3/methods/branding
tags: ['SDK', 'Software Development Kit', 'Branding']
---
# Branding
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-BrandingItem**](#create-branding-item) | **POST** `/brandings` | Create a branding item
[**Remove-Branding**](#delete-branding) | **DELETE** `/brandings/{name}` | Delete a branding item
[**Get-Branding**](#get-branding) | **GET** `/brandings/{name}` | Get a branding item
[**Get-BrandingList**](#get-branding-list) | **GET** `/brandings` | List of branding items
[**Set-BrandingItem**](#set-branding-item) | **PUT** `/brandings/{name}` | Update a branding item
## create-branding-item
This API endpoint creates a branding item.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| Name | **String** | True | name of branding item
| ProductName | **String** | True | product name
| ActionButtonColor | **String** | (optional) | hex value of color for action button
| ActiveLinkColor | **String** | (optional) | hex value of color for link
| NavigationColor | **String** | (optional) | hex value of color for navigation bar
| EmailFromAddress | **String** | (optional) | email from address
| LoginInformationalMessage | **String** | (optional) | login information message
| FileStandard | **System.IO.FileInfo** | (optional) | png file with logo
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Branding item created | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Name = "MyName" # String | name of branding item
$ProductName = "MyProductName" # String | product name
$ActionButtonColor = "MyActionButtonColor" # String | hex value of color for action button (optional)
$ActiveLinkColor = "MyActiveLinkColor" # String | hex value of color for link (optional)
$NavigationColor = "MyNavigationColor" # String | hex value of color for navigation bar (optional)
$EmailFromAddress = "MyEmailFromAddress" # String | email from address (optional)
$LoginInformationalMessage = "MyLoginInformationalMessage" # String | login information message (optional)
$FileStandard = # System.IO.FileInfo | png file with logo (optional)
# Create a branding item
try {
New-BrandingItem-Name $Name -ProductName $ProductName
# Below is a request that includes all optional parameters
# New-BrandingItem -Name $Name -ProductName $ProductName -ActionButtonColor $ActionButtonColor -ActiveLinkColor $ActiveLinkColor -NavigationColor $NavigationColor -EmailFromAddress $EmailFromAddress -LoginInformationalMessage $LoginInformationalMessage -FileStandard $FileStandard
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-BrandingItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-branding
This API endpoint delete information for an existing branding item by name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be deleted
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be deleted
# Delete a branding item
try {
Remove-Branding-Name $Name
# Below is a request that includes all optional parameters
# Remove-Branding -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Branding"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-branding
This API endpoint retrieves information for an existing branding item by name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be retrieved
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A branding item object | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be retrieved
# Get a branding item
try {
Get-Branding-Name $Name
# Below is a request that includes all optional parameters
# Get-Branding -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Branding"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-branding-list
This API endpoint returns a list of branding items.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**BrandingItem[]**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of branding items. | BrandingItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List of branding items
try {
Get-BrandingList
# Below is a request that includes all optional parameters
# Get-BrandingList
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BrandingList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-branding-item
This API endpoint updates information for an existing branding item.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be retrieved
| Name2 | **String** | True | name of branding item
| ProductName | **String** | True | product name
| ActionButtonColor | **String** | (optional) | hex value of color for action button
| ActiveLinkColor | **String** | (optional) | hex value of color for link
| NavigationColor | **String** | (optional) | hex value of color for navigation bar
| EmailFromAddress | **String** | (optional) | email from address
| LoginInformationalMessage | **String** | (optional) | login information message
| FileStandard | **System.IO.FileInfo** | (optional) | png file with logo
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Branding item updated | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be retrieved
$Name2 = "Name_example" # String | name of branding item
$ProductName = "MyProductName" # String | product name
$ActionButtonColor = "MyActionButtonColor" # String | hex value of color for action button (optional)
$ActiveLinkColor = "MyActiveLinkColor" # String | hex value of color for link (optional)
$NavigationColor = "MyNavigationColor" # String | hex value of color for navigation bar (optional)
$EmailFromAddress = "MyEmailFromAddress" # String | email from address (optional)
$LoginInformationalMessage = "MyLoginInformationalMessage" # String | login information message (optional)
$FileStandard = # System.IO.FileInfo | png file with logo (optional)
# Update a branding item
try {
Set-BrandingItem-Name $Name -Name2 $Name2 -ProductName $ProductName
# Below is a request that includes all optional parameters
# Set-BrandingItem -Name $Name -Name2 $Name2 -ProductName $ProductName -ActionButtonColor $ActionButtonColor -ActiveLinkColor $ActiveLinkColor -NavigationColor $NavigationColor -EmailFromAddress $EmailFromAddress -LoginInformationalMessage $LoginInformationalMessage -FileStandard $FileStandard
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-BrandingItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

298
docs/tools/sdk/powershell/refrence/v3/Methods/CertificationCampaignFiltersApi.md Normal file
View File

@@ -0,0 +1,298 @@
---
id: certification-campaign-filters
title: CertificationCampaignFilters
pagination_label: CertificationCampaignFilters
sidebar_label: CertificationCampaignFilters
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'CertificationCampaignFilters']
slug: /tools/sdk/powershell/v3/methods/certification-campaign-filters
tags: ['SDK', 'Software Development Kit', 'CertificationCampaignFilters']
---
# CertificationCampaignFilters
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-CampaignFilter**](#create-campaign-filter) | **POST** `/campaign-filters` | Create Campaign Filter
[**Remove-CampaignFilters**](#delete-campaign-filters) | **POST** `/campaign-filters/delete` | Deletes Campaign Filters
[**Get-CampaignFilterById**](#get-campaign-filter-by-id) | **GET** `/campaign-filters/{id}` | Get Campaign Filter by ID
[**Get-CampaignFilters**](#list-campaign-filters) | **GET** `/campaign-filters` | List Campaign Filters
[**Update-CampaignFilter**](#update-campaign-filter) | **POST** `/campaign-filters/{id}` | Updates a Campaign Filter
## create-campaign-filter
Use this API to create a campaign filter based on filter details and criteria.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CampaignFilterDetails | [**CampaignFilterDetails**](../models/campaign-filter-details) | True |
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created successfully. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CampaignFilterDetails = @"{
"owner" : "SailPoint Support",
"mode" : "INCLUSION",
"isSystemFilter" : false,
"name" : "Identity Attribute Campaign Filter",
"description" : "Campaign filter to certify data based on an identity attribute's specified property.",
"id" : "5ec18cef39020d6fd7a60ad3970aba61",
"criteriaList" : [ {
"type" : "IDENTITY_ATTRIBUTE",
"property" : "displayName",
"value" : "support",
"operation" : "CONTAINS",
"negateResult" : false,
"shortCircuit" : false,
"recordChildMatches" : false,
"suppressMatchedItems" : false
} ]
}"@
# Create Campaign Filter
try {
$Result = ConvertFrom-JsonToCampaignFilterDetails -Json $CampaignFilterDetails
New-CampaignFilter-CampaignFilterDetails $Result
# Below is a request that includes all optional parameters
# New-CampaignFilter -CampaignFilterDetails $CampaignFilterDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-CampaignFilter"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-campaign-filters
Deletes campaign filters whose Ids are specified in the provided list of campaign filter Ids. Authorized callers must be an ORG_ADMIN or a CERT_ADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | RequestBody | **[]String** | True | A json list of IDs of campaign filters to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RequestBody = "MyRequestBody" # String[] | A json list of IDs of campaign filters to delete.
$RequestBody = @""@
# Deletes Campaign Filters
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Remove-CampaignFilters-RequestBody $Result
# Below is a request that includes all optional parameters
# Remove-CampaignFilters -RequestBody $RequestBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-CampaignFilters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-campaign-filter-by-id
Retrieves information for an existing campaign filter using the filter's ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the campaign filter to be retrieved.
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A campaign filter object. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "e9f9a1397b842fd5a65842087040d3ac" # String | The ID of the campaign filter to be retrieved.
# Get Campaign Filter by ID
try {
Get-CampaignFilterById-Id $Id
# Below is a request that includes all optional parameters
# Get-CampaignFilterById -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignFilterById"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-campaign-filters
Use this API to list all campaign filters. You can reduce scope with standard V3 query parameters.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Start | **Int32** | (optional) (default to 0) | Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | IncludeSystemFilters | **Boolean** | (optional) (default to $true) | If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true.
### Return type
[**ListCampaignFilters200Response**](../models/list-campaign-filters200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of campaign filter objects. | ListCampaignFilters200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Start = 0 # Int32 | Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$IncludeSystemFilters = $true # Boolean | If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. (optional) (default to $true)
# List Campaign Filters
try {
Get-CampaignFilters
# Below is a request that includes all optional parameters
# Get-CampaignFilters -Limit $Limit -Start $Start -IncludeSystemFilters $IncludeSystemFilters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignFilters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-campaign-filter
Updates an existing campaign filter using the filter's ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | FilterId | **String** | True | The ID of the campaign filter being modified.
Body | CampaignFilterDetails | [**CampaignFilterDetails**](../models/campaign-filter-details) | True | A campaign filter details with updated field values.
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created successfully. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$FilterId = "e9f9a1397b842fd5a65842087040d3ac" # String | The ID of the campaign filter being modified.
$CampaignFilterDetails = @"{
"owner" : "SailPoint Support",
"mode" : "INCLUSION",
"isSystemFilter" : false,
"name" : "Identity Attribute Campaign Filter",
"description" : "Campaign filter to certify data based on an identity attribute's specified property.",
"id" : "5ec18cef39020d6fd7a60ad3970aba61",
"criteriaList" : [ {
"type" : "IDENTITY_ATTRIBUTE",
"property" : "displayName",
"value" : "support",
"operation" : "CONTAINS",
"negateResult" : false,
"shortCircuit" : false,
"recordChildMatches" : false,
"suppressMatchedItems" : false
} ]
}"@
# Updates a Campaign Filter
try {
$Result = ConvertFrom-JsonToCampaignFilterDetails -Json $CampaignFilterDetails
Update-CampaignFilter-FilterId $FilterId -CampaignFilterDetails $Result
# Below is a request that includes all optional parameters
# Update-CampaignFilter -FilterId $FilterId -CampaignFilterDetails $CampaignFilterDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-CampaignFilter"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1407
docs/tools/sdk/powershell/refrence/v3/Methods/CertificationCampaignsApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

235
docs/tools/sdk/powershell/refrence/v3/Methods/CertificationSummariesApi.md Normal file
View File

@@ -0,0 +1,235 @@
---
id: certification-summaries
title: CertificationSummaries
pagination_label: CertificationSummaries
sidebar_label: CertificationSummaries
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'CertificationSummaries']
slug: /tools/sdk/powershell/v3/methods/certification-summaries
tags: ['SDK', 'Software Development Kit', 'CertificationSummaries']
---
# CertificationSummaries
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-IdentityAccessSummaries**](#get-identity-access-summaries) | **GET** `/certifications/{id}/access-summaries/{type}` | Access Summaries
[**Get-IdentityDecisionSummary**](#get-identity-decision-summary) | **GET** `/certifications/{id}/decision-summary` | Summary of Certification Decisions
[**Get-IdentitySummaries**](#get-identity-summaries) | **GET** `/certifications/{id}/identity-summaries` | Identity Summaries for Campaign Certification
[**Get-IdentitySummary**](#get-identity-summary) | **GET** `/certifications/{id}/identity-summaries/{identitySummaryId}` | Summary for Identity
## get-identity-access-summaries
This API returns a list of access summaries for the specified identity campaign certification and type. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Path | Type | **String** | True | The type of access review item to retrieve summaries for
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **completed**: *eq, ne* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name**
### Return type
[**AccessSummary[]**](../models/access-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access summaries | AccessSummary[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Type = "ROLE" # String | The type of access review item to retrieve summaries for
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'access.id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **completed**: *eq, ne* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw* (optional)
$Sorters = "access.name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name** (optional)
# Access Summaries
try {
Get-IdentityAccessSummaries-Id $Id -Type $Type
# Below is a request that includes all optional parameters
# Get-IdentityAccessSummaries -Id $Id -Type $Type -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityAccessSummaries"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-decision-summary
This API returns a summary of the decisions made on an identity campaign certification. The decisions are summarized by type. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification ID
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **identitySummary.id**: *eq, in*
### Return type
[**IdentityCertDecisionSummary**](../models/identity-cert-decision-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of the decisions made | IdentityCertDecisionSummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$Filters = 'identitySummary.id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **identitySummary.id**: *eq, in* (optional)
# Summary of Certification Decisions
try {
Get-IdentityDecisionSummary-Id $Id
# Below is a request that includes all optional parameters
# Get-IdentityDecisionSummary -Id $Id -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityDecisionSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-summaries
This API returns a list of the identity summaries for a specific identity campaign certification. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **completed**: *eq, ne* **name**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**CertificationIdentitySummary[]**](../models/certification-identity-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity summaries | CertificationIdentitySummary[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **completed**: *eq, ne* **name**: *eq, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Identity Summaries for Campaign Certification
try {
Get-IdentitySummaries-Id $Id
# Below is a request that includes all optional parameters
# Get-IdentitySummaries -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentitySummaries"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-summary
This API returns the summary for an identity on a specified identity campaign certification. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Path | IdentitySummaryId | **String** | True | The identity summary ID
### Return type
[**CertificationIdentitySummary**](../models/certification-identity-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity summary | CertificationIdentitySummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$IdentitySummaryId = "2c91808772a504f50172a9540e501ba8" # String | The identity summary ID
# Summary for Identity
try {
Get-IdentitySummary-Id $Id -IdentitySummaryId $IdentitySummaryId
# Below is a request that includes all optional parameters
# Get-IdentitySummary -Id $Id -IdentitySummaryId $IdentitySummaryId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentitySummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

638
docs/tools/sdk/powershell/refrence/v3/Methods/CertificationsApi.md Normal file
View File

@@ -0,0 +1,638 @@
---
id: certifications
title: Certifications
pagination_label: Certifications
sidebar_label: Certifications
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Certifications']
slug: /tools/sdk/powershell/v3/methods/certifications
tags: ['SDK', 'Software Development Kit', 'Certifications']
---
# Certifications
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-CertificationTask**](#get-certification-task) | **GET** `/certification-tasks/{id}` | Certification Task by ID
[**Get-IdentityCertification**](#get-identity-certification) | **GET** `/certifications/{id}` | Identity Certification by ID
[**Get-IdentityCertificationItemPermissions**](#get-identity-certification-item-permissions) | **GET** `/certifications/{certificationId}/access-review-items/{itemId}/permissions` | Permissions for Entitlement Certification Item
[**Get-PendingCertificationTasks**](#get-pending-certification-tasks) | **GET** `/certification-tasks` | List of Pending Certification Tasks
[**Get-CertificationReviewers**](#list-certification-reviewers) | **GET** `/certifications/{id}/reviewers` | List of Reviewers for certification
[**Get-IdentityAccessReviewItems**](#list-identity-access-review-items) | **GET** `/certifications/{id}/access-review-items` | List of Access Review Items
[**Get-IdentityCertifications**](#list-identity-certifications) | **GET** `/certifications` | List Identity Campaign Certifications
[**Select-IdentityDecision**](#make-identity-decision) | **POST** `/certifications/{id}/decide` | Decide on a Certification Item
[**Invoke-ReassignIdentityCertifications**](#reassign-identity-certifications) | **POST** `/certifications/{id}/reassign` | Reassign Identities or Items
[**Invoke-SignOffIdentityCertification**](#sign-off-identity-certification) | **POST** `/certifications/{id}/sign-off` | Finalize Identity Certification Decisions
[**Submit-ReassignCertsAsync**](#submit-reassign-certs-async) | **POST** `/certifications/{id}/reassign-async` | Reassign Certifications Asynchronously
## get-certification-task
This API returns the certification task for the specified ID. Reviewers for the specified certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The task ID
### Return type
[**CertificationTask**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A certification task | CertificationTask
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "63b32151-26c0-42f4-9299-8898dc1c9daa" # String | The task ID
# Certification Task by ID
try {
Get-CertificationTask-Id $Id
# Below is a request that includes all optional parameters
# Get-CertificationTask -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CertificationTask"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-certification
This API returns a single identity campaign certification by its ID. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification id
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification id
# Identity Certification by ID
try {
Get-IdentityCertification-Id $Id
# Below is a request that includes all optional parameters
# Get-IdentityCertification -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityCertification"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-certification-item-permissions
This API returns the permissions associated with an entitlement certification item based on the certification item's ID. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | CertificationId | **String** | True | The certification ID
Path | ItemId | **String** | True | The certification item ID
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **target**: *eq, sw* **rights**: *ca* Supported composite operators: *and, or* All field values (second filter operands) are case-insensitive for this API. Only a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field. For example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22` The following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PermissionDto[]**](../models/permission-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of permissions associated with the given itemId | PermissionDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$CertificationId = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$ItemId = "2c91808671bcbab40171bd945d961227" # String | The certification item ID
$Filters = 'target eq "SYS.OBJAUTH2"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **target**: *eq, sw* **rights**: *ca* Supported composite operators: *and, or* All field values (second filter operands) are case-insensitive for this API. Only a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field. For example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22` The following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1 (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Permissions for Entitlement Certification Item
try {
Get-IdentityCertificationItemPermissions-CertificationId $CertificationId -ItemId $ItemId
# Below is a request that includes all optional parameters
# Get-IdentityCertificationItemPermissions -CertificationId $CertificationId -ItemId $ItemId -Filters $Filters -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityCertificationItemPermissions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-pending-certification-tasks
This API returns a list of pending (`QUEUED` or `IN_PROGRESS`) certification tasks. Any authenticated token can call this API, but only certification tasks you are authorized to review will be returned.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ReviewerIdentity | **String** | (optional) | The ID of reviewer identity. *me* indicates the current user.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **targetId**: *eq, in* **type**: *eq, in*
### Return type
[**CertificationTask[]**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of pending certification tasks | CertificationTask[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReviewerIdentity = "Ada.1de82e55078344" # String | The ID of reviewer identity. *me* indicates the current user. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'type eq "ADMIN_REASSIGN"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **targetId**: *eq, in* **type**: *eq, in* (optional)
# List of Pending Certification Tasks
try {
Get-PendingCertificationTasks
# Below is a request that includes all optional parameters
# Get-PendingCertificationTasks -ReviewerIdentity $ReviewerIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PendingCertificationTasks"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-certification-reviewers
This API returns a list of reviewers for the certification. Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **email**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, email**
### Return type
[**IdentityReferenceWithNameAndEmail[]**](../models/identity-reference-with-name-and-email)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of reviewers | IdentityReferenceWithNameAndEmail[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "Bob"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **email**: *eq, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, email** (optional)
# List of Reviewers for certification
try {
Get-CertificationReviewers-Id $Id
# Below is a request that includes all optional parameters
# Get-CertificationReviewers -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CertificationReviewers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-access-review-items
This API returns a list of access review items for an identity campaign certification. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **type**: *eq* **access.type**: *eq* **completed**: *eq, ne* **identitySummary.id**: *eq, in* **identitySummary.name**: *eq, sw* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**
Query | Entitlements | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs. An error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.
Query | AccessProfiles | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs. An error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.
Query | Roles | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated role IDs. An error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.
### Return type
[**AccessReviewItem[]**](../models/access-review-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of access review items | AccessReviewItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **type**: *eq* **access.type**: *eq* **completed**: *eq, ne* **identitySummary.id**: *eq, in* **identitySummary.name**: *eq, sw* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw* (optional)
$Sorters = "access.name,-accessProfile.sourceName" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName** (optional)
$Entitlements = "identityEntitlement" # String | Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs. An error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time. (optional)
$AccessProfiles = "accessProfile1" # String | Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs. An error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time. (optional)
$Roles = "userRole" # String | Filter results to view access review items that pertain to any of the specified comma-separated role IDs. An error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time. (optional)
# List of Access Review Items
try {
Get-IdentityAccessReviewItems-Id $Id
# Below is a request that includes all optional parameters
# Get-IdentityAccessReviewItems -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -Entitlements $Entitlements -AccessProfiles $AccessProfiles -Roles $Roles
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityAccessReviewItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-certifications
Use this API to get a list of identity campaign certifications for the specified query parameters. Any authenticated token can call this API, but only certifications you are authorized to review will be returned. This API does not support requests for certifications assigned to governance groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ReviewerIdentity | **String** | (optional) | Reviewer's identity. *me* indicates the current user.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **campaign.id**: *eq, in* **phase**: *eq* **completed**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, due, signed**
### Return type
[**IdentityCertificationDto[]**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity campaign certifications. | IdentityCertificationDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReviewerIdentity = "me" # String | Reviewer's identity. *me* indicates the current user. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **campaign.id**: *eq, in* **phase**: *eq* **completed**: *eq* (optional)
$Sorters = "name,due" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, due, signed** (optional)
# List Identity Campaign Certifications
try {
Get-IdentityCertifications
# Below is a request that includes all optional parameters
# Get-IdentityCertifications -ReviewerIdentity $ReviewerIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityCertifications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## make-identity-decision
The API makes a decision to approve or revoke one or more identity campaign certification items. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the identity campaign certification on which to make decisions
Body | ReviewDecision | [**[]ReviewDecision**](../models/review-decision) | True | A non-empty array of decisions to be made.
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the identity campaign certification on which to make decisions
# ReviewDecision[] | A non-empty array of decisions to be made.
$ReviewDecision = @"{
"comments" : "This user no longer needs access to this source",
"decision" : "APPROVE",
"proposedEndDate" : "2017-07-11T18:45:37.098Z",
"recommendation" : {
"reasons" : [ "Reason 1", "Reason 2" ],
"recommendation" : "recommendation",
"timestamp" : "2020-06-01T13:49:37.385Z"
},
"id" : "ef38f94347e94562b5bb8424a56397d8",
"bulk" : true
}"@
# Decide on a Certification Item
try {
$Result = ConvertFrom-JsonToReviewDecision -Json $ReviewDecision
Select-IdentityDecision-Id $Id -ReviewDecision $Result
# Below is a request that includes all optional parameters
# Select-IdentityDecision -Id $Id -ReviewDecision $ReviewDecision
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Select-IdentityDecision"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reassign-identity-certifications
This API reassigns up to 50 identities or items in an identity campaign certification to another reviewer. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Body | ReviewReassign | [**ReviewReassign**](../models/review-reassign) | True |
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification details after completing the reassignment. | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$ReviewReassign = @"{
"reason" : "reassigned for some reason",
"reassignTo" : "ef38f94347e94562b5bb8424a56397d8",
"reassign" : [ {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
}, {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
} ]
}"@
# Reassign Identities or Items
try {
$Result = ConvertFrom-JsonToReviewReassign -Json $ReviewReassign
Invoke-ReassignIdentityCertifications-Id $Id -ReviewReassign $Result
# Below is a request that includes all optional parameters
# Invoke-ReassignIdentityCertifications -Id $Id -ReviewReassign $ReviewReassign
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-ReassignIdentityCertifications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## sign-off-identity-certification
This API finalizes all decisions made on an identity campaign certification and initiates any remediations required. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
# Finalize Identity Certification Decisions
try {
Invoke-SignOffIdentityCertification-Id $Id
# Below is a request that includes all optional parameters
# Invoke-SignOffIdentityCertification -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-SignOffIdentityCertification"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-reassign-certs-async
This API initiates a task to reassign up to 500 identities or items in an identity campaign certification to another
reviewer. The `certification-tasks` API can be used to get an updated status on the task and determine when the
reassignment is complete.
Reviewers for this certification can also call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Body | ReviewReassign | [**ReviewReassign**](../models/review-reassign) | True |
### Return type
[**CertificationTask**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A certification task object for the reassignment which can be queried for status. | CertificationTask
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$ReviewReassign = @"{
"reason" : "reassigned for some reason",
"reassignTo" : "ef38f94347e94562b5bb8424a56397d8",
"reassign" : [ {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
}, {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
} ]
}"@
# Reassign Certifications Asynchronously
try {
$Result = ConvertFrom-JsonToReviewReassign -Json $ReviewReassign
Submit-ReassignCertsAsync-Id $Id -ReviewReassign $Result
# Below is a request that includes all optional parameters
# Submit-ReassignCertsAsync -Id $Id -ReviewReassign $ReviewReassign
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-ReassignCertsAsync"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

512
docs/tools/sdk/powershell/refrence/v3/Methods/ConfigurationHubApi.md Normal file
View File

@@ -0,0 +1,512 @@
---
id: configuration-hub
title: ConfigurationHub
pagination_label: ConfigurationHub
sidebar_label: ConfigurationHub
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ConfigurationHub']
slug: /tools/sdk/powershell/v3/methods/configuration-hub
tags: ['SDK', 'Software Development Kit', 'ConfigurationHub']
---
# ConfigurationHub
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-ObjectMapping**](#create-object-mapping) | **POST** `/configuration-hub/object-mappings/{sourceOrg}` | Creates an object mapping
[**New-ObjectMappings**](#create-object-mappings) | **POST** `/configuration-hub/object-mappings/{sourceOrg}/bulk-create` | Bulk creates object mappings
[**New-UploadedConfiguration**](#create-uploaded-configuration) | **POST** `/configuration-hub/backups/uploads` | Upload a Configuration
[**Remove-ObjectMapping**](#delete-object-mapping) | **DELETE** `/configuration-hub/object-mappings/{sourceOrg}/{objectMappingId}` | Deletes an object mapping
[**Remove-UploadedConfiguration**](#delete-uploaded-configuration) | **DELETE** `/configuration-hub/backups/uploads/{id}` | Delete an Uploaded Configuration
[**Get-ObjectMappings**](#get-object-mappings) | **GET** `/configuration-hub/object-mappings/{sourceOrg}` | Gets list of object mappings
[**Get-UploadedConfiguration**](#get-uploaded-configuration) | **GET** `/configuration-hub/backups/uploads/{id}` | Get an Uploaded Configuration
[**Get-UploadedConfigurations**](#list-uploaded-configurations) | **GET** `/configuration-hub/backups/uploads` | List Uploaded Configurations
[**Update-ObjectMappings**](#update-object-mappings) | **POST** `/configuration-hub/object-mappings/{sourceOrg}/bulk-patch` | Bulk updates object mappings
## create-object-mapping
This creates an object mapping between current org and source org.
Source org should be "default" when creating an object mapping that is not to be associated to any particular org.
The request will need the following security scope:
- sp:config-object-mapping:manage
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceOrg | **String** | True | The name of the source org.
Body | ObjectMappingRequest | [**ObjectMappingRequest**](../models/object-mapping-request) | True | The object mapping request body.
### Return type
[**ObjectMappingResponse**](../models/object-mapping-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The created object mapping between current org and source org. | ObjectMappingResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SourceOrg = "source-org" # String | The name of the source org.
$ObjectMappingRequest = @"{
"targetValue" : "My New Governance Group Name",
"jsonPath" : "$.name",
"sourceValue" : "My Governance Group Name",
"enabled" : false,
"objectType" : "IDENTITY"
}"@
# Creates an object mapping
try {
$Result = ConvertFrom-JsonToObjectMappingRequest -Json $ObjectMappingRequest
New-ObjectMapping-SourceOrg $SourceOrg -ObjectMappingRequest $Result
# Below is a request that includes all optional parameters
# New-ObjectMapping -SourceOrg $SourceOrg -ObjectMappingRequest $ObjectMappingRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ObjectMapping"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-object-mappings
This creates a set of object mappings (Max 25) between current org and source org.
Source org should be "default" when creating object mappings that are not to be associated to any particular org.
The request will need the following security scope:
- sp:config-object-mapping:manage
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceOrg | **String** | True | The name of the source org.
Body | ObjectMappingBulkCreateRequest | [**ObjectMappingBulkCreateRequest**](../models/object-mapping-bulk-create-request) | True | The bulk create object mapping request body.
### Return type
[**ObjectMappingBulkCreateResponse**](../models/object-mapping-bulk-create-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The created object mapping between current org and source org. | ObjectMappingBulkCreateResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SourceOrg = "source-org" # String | The name of the source org.
$ObjectMappingBulkCreateRequest = @"{
"newObjectsMappings" : [ {
"targetValue" : "My New Governance Group Name",
"jsonPath" : "$.name",
"sourceValue" : "My Governance Group Name",
"enabled" : false,
"objectType" : "IDENTITY"
}, {
"targetValue" : "My New Governance Group Name",
"jsonPath" : "$.name",
"sourceValue" : "My Governance Group Name",
"enabled" : false,
"objectType" : "IDENTITY"
} ]
}"@
# Bulk creates object mappings
try {
$Result = ConvertFrom-JsonToObjectMappingBulkCreateRequest -Json $ObjectMappingBulkCreateRequest
New-ObjectMappings-SourceOrg $SourceOrg -ObjectMappingBulkCreateRequest $Result
# Below is a request that includes all optional parameters
# New-ObjectMappings -SourceOrg $SourceOrg -ObjectMappingBulkCreateRequest $ObjectMappingBulkCreateRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ObjectMappings"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-uploaded-configuration
This API uploads a JSON configuration file into a tenant.
Configuration files can be managed and deployed via Configuration Hub by uploading a json file which contains configuration data. The JSON file should be the same as the one used by our import endpoints. The object types supported by upload configuration file functionality are the same as the ones supported by our regular backup functionality.
Refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects) for more information about supported objects.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| Data | **System.IO.FileInfo** | True | JSON file containing the objects to be imported.
| Name | **String** | True | Name that will be assigned to the uploaded configuration file.
### Return type
[**BackupResponse**](../models/backup-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Upload job accepted and queued for processing. | BackupResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Data = # System.IO.FileInfo | JSON file containing the objects to be imported.
$Name = "MyName" # String | Name that will be assigned to the uploaded configuration file.
# Upload a Configuration
try {
New-UploadedConfiguration-Data $Data -Name $Name
# Below is a request that includes all optional parameters
# New-UploadedConfiguration -Data $Data -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-UploadedConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-object-mapping
This deletes an existing object mapping.
Source org should be "default" when deleting an object mapping that is not associated to any particular org.
The request will need the following security scope:
- sp:config-object-mapping:manage
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceOrg | **String** | True | The name of the source org.
Path | ObjectMappingId | **String** | True | The id of the object mapping to be deleted.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceOrg = "source-org" # String | The name of the source org.
$ObjectMappingId = "3d6e0144-963f-4bd6-8d8d-d77b4e507ce4" # String | The id of the object mapping to be deleted.
# Deletes an object mapping
try {
Remove-ObjectMapping-SourceOrg $SourceOrg -ObjectMappingId $ObjectMappingId
# Below is a request that includes all optional parameters
# Remove-ObjectMapping -SourceOrg $SourceOrg -ObjectMappingId $ObjectMappingId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ObjectMapping"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-uploaded-configuration
This API deletes an uploaded configuration based on Id.
On success, this endpoint will return an empty response.
The uploaded configuration id can be obtained from the response after a successful upload, or the list uploaded configurations endpoint.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the uploaded configuration.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b" # String | The id of the uploaded configuration.
# Delete an Uploaded Configuration
try {
Remove-UploadedConfiguration-Id $Id
# Below is a request that includes all optional parameters
# Remove-UploadedConfiguration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-UploadedConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-object-mappings
This gets a list of existing object mappings between current org and source org.
Source org should be "default" when getting object mappings that are not associated to any particular org.
The request will need the following security scope:
- sp:config-object-mapping:read
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceOrg | **String** | True | The name of the source org.
### Return type
[**ObjectMappingResponse[]**](../models/object-mapping-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of existing object mappings between current org and source org. | ObjectMappingResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceOrg = "source-org" # String | The name of the source org.
# Gets list of object mappings
try {
Get-ObjectMappings-SourceOrg $SourceOrg
# Below is a request that includes all optional parameters
# Get-ObjectMappings -SourceOrg $SourceOrg
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ObjectMappings"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-uploaded-configuration
This API gets an existing uploaded configuration for the current tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the uploaded configuration.
### Return type
[**BackupResponse**](../models/backup-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Gets an uploaded configuration details. | BackupResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "3d0fe04b-57df-4a46-a83b-8f04b0f9d10b" # String | The id of the uploaded configuration.
# Get an Uploaded Configuration
try {
Get-UploadedConfiguration-Id $Id
# Below is a request that includes all optional parameters
# Get-UploadedConfiguration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-UploadedConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-uploaded-configurations
This API gets a list of existing uploaded configurations for the current tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq*
### Return type
[**BackupResponse[]**](../models/backup-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of existing uploaded configurations. | BackupResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'status eq "COMPLETE"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq* (optional)
# List Uploaded Configurations
try {
Get-UploadedConfigurations
# Below is a request that includes all optional parameters
# Get-UploadedConfigurations -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-UploadedConfigurations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-object-mappings
This updates a set of object mappings, only enabled and targetValue fields can be updated.
Source org should be "default" when updating object mappings that are not associated to any particular org.
The request will need the following security scope:
- sp:config-object-mapping:manage
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceOrg | **String** | True | The name of the source org.
Body | ObjectMappingBulkPatchRequest | [**ObjectMappingBulkPatchRequest**](../models/object-mapping-bulk-patch-request) | True | The object mapping request body.
### Return type
[**ObjectMappingBulkPatchResponse**](../models/object-mapping-bulk-patch-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated object mappings. | ObjectMappingBulkPatchResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SourceOrg = "source-org" # String | The name of the source org.
$ObjectMappingBulkPatchRequest = @"{
"patches" : {
"603b1a61-d03d-4ed1-864f-a508fbd1995d" : [ {
"op" : "replace",
"path" : "/enabled",
"value" : true
} ],
"00bece34-f50d-4227-8878-76f620b5a971" : [ {
"op" : "replace",
"path" : "/targetValue",
"value" : "New Target Value"
} ]
}
}"@
# Bulk updates object mappings
try {
$Result = ConvertFrom-JsonToObjectMappingBulkPatchRequest -Json $ObjectMappingBulkPatchRequest
Update-ObjectMappings-SourceOrg $SourceOrg -ObjectMappingBulkPatchRequest $Result
# Below is a request that includes all optional parameters
# Update-ObjectMappings -SourceOrg $SourceOrg -ObjectMappingBulkPatchRequest $ObjectMappingBulkPatchRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ObjectMappings"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

584
docs/tools/sdk/powershell/refrence/v3/Methods/ConnectorsApi.md Normal file
View File

@@ -0,0 +1,584 @@
---
id: connectors
title: Connectors
pagination_label: Connectors
sidebar_label: Connectors
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Connectors']
slug: /tools/sdk/powershell/v3/methods/connectors
tags: ['SDK', 'Software Development Kit', 'Connectors']
---
# Connectors
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-CustomConnector**](#create-custom-connector) | **POST** `/connectors` | Create Custom Connector
[**Remove-CustomConnector**](#delete-custom-connector) | **DELETE** `/connectors/{scriptName}` | Delete Connector by Script Name
[**Get-Connector**](#get-connector) | **GET** `/connectors/{scriptName}` | Get Connector by Script Name
[**Get-ConnectorList**](#get-connector-list) | **GET** `/connectors` | Get Connector List
[**Get-ConnectorSourceConfig**](#get-connector-source-config) | **GET** `/connectors/{scriptName}/source-config` | Get Connector Source Configuration
[**Get-ConnectorSourceTemplate**](#get-connector-source-template) | **GET** `/connectors/{scriptName}/source-template` | Get Connector Source Template
[**Get-ConnectorTranslations**](#get-connector-translations) | **GET** `/connectors/{scriptName}/translations/{locale}` | Get Connector Translations
[**Send-ConnectorSourceConfig**](#put-connector-source-config) | **PUT** `/connectors/{scriptName}/source-config` | Update Connector Source Configuration
[**Send-ConnectorSourceTemplate**](#put-connector-source-template) | **PUT** `/connectors/{scriptName}/source-template` | Update Connector Source Template
[**Send-ConnectorTranslations**](#put-connector-translations) | **PUT** `/connectors/{scriptName}/translations/{locale}` | Update Connector Translations
[**Update-Connector**](#update-connector) | **PATCH** `/connectors/{scriptName}` | Update Connector by Script Name
## create-custom-connector
Create custom connector.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | V3CreateConnectorDto | [**V3CreateConnectorDto**](../models/v3-create-connector-dto) | True |
### Return type
[**V3ConnectorDto**](../models/v3-connector-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | V3ConnectorDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$V3CreateConnectorDto = @"{
"name" : "custom connector",
"directConnect" : true,
"className" : "sailpoint.connector.OpenConnectorAdapter",
"type" : "custom connector type",
"status" : "RELEASED"
}"@
# Create Custom Connector
try {
$Result = ConvertFrom-JsonToV3CreateConnectorDto -Json $V3CreateConnectorDto
New-CustomConnector-V3CreateConnectorDto $Result
# Below is a request that includes all optional parameters
# New-CustomConnector -V3CreateConnectorDto $V3CreateConnectorDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-CustomConnector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-custom-connector
Delete a custom connector that using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Delete Connector by Script Name
try {
Remove-CustomConnector-ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Remove-CustomConnector -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-CustomConnector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector
Fetches a connector that using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
Query | Locale | **String** | (optional) | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**ConnectorDetail**](../models/connector-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | ConnectorDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en"" (optional)
# Get Connector by Script Name
try {
Get-Connector-ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-Connector -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Connector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-list
Fetches list of connectors that have 'RELEASED' status using filtering and pagination.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw, co* **type**: *sw, co, eq* **directConnect**: *eq* **category**: *eq* **features**: *ca* **labels**: *ca*
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Locale | **String** | (optional) | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**V3ConnectorDto[]**](../models/v3-connector-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | V3ConnectorDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'directConnect eq "true"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw, co* **type**: *sw, co, eq* **directConnect**: *eq* **category**: *eq* **features**: *ca* **labels**: *ca* (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en"" (optional)
# Get Connector List
try {
Get-ConnectorList
# Below is a request that includes all optional parameters
# Get-ConnectorList -Filters $Filters -Limit $Limit -Offset $Offset -Count $Count -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ConnectorList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-source-config
Fetches a connector's source config using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's source template | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/xml, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Get Connector Source Configuration
try {
Get-ConnectorSourceConfig-ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-ConnectorSourceConfig -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ConnectorSourceConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-source-template
Fetches a connector's source template using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's source template | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/xml, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Get Connector Source Template
try {
Get-ConnectorSourceTemplate-ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-ConnectorSourceTemplate -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ConnectorSourceTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-translations
Fetches a connector's translations using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
Path | Locale | **String** | True | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's translations | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/plain, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en""
# Get Connector Translations
try {
Get-ConnectorTranslations-ScriptName $ScriptName -Locale $Locale
# Below is a request that includes all optional parameters
# Get-ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ConnectorTranslations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-source-config
Update a connector's source config using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
| File | **System.IO.FileInfo** | True | connector source config xml file
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$File = # System.IO.FileInfo | connector source config xml file
# Update Connector Source Configuration
try {
Send-ConnectorSourceConfig-ScriptName $ScriptName -File $File
# Below is a request that includes all optional parameters
# Send-ConnectorSourceConfig -ScriptName $ScriptName -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ConnectorSourceConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-source-template
Update a connector's source template using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
| File | **System.IO.FileInfo** | True | connector source template xml file
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$File = # System.IO.FileInfo | connector source template xml file
# Update Connector Source Template
try {
Send-ConnectorSourceTemplate-ScriptName $ScriptName -File $File
# Below is a request that includes all optional parameters
# Send-ConnectorSourceTemplate -ScriptName $ScriptName -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ConnectorSourceTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-translations
Update a connector's translations using its script name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
Path | Locale | **String** | True | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector's update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en""
# Update Connector Translations
try {
Send-ConnectorTranslations-ScriptName $ScriptName -Locale $Locale
# Below is a request that includes all optional parameters
# Send-ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ConnectorTranslations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-connector
This API updates a custom connector by script name using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable:
* connectorMetadata
* applicationXml
* correlationConfigXml
* sourceConfigXml
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of connector detail update operations
### Return type
[**ConnectorDetail**](../models/connector-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A updated Connector Dto object | ConnectorDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# JsonPatchOperation[] | A list of connector detail update operations
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Connector by Script Name
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-Connector-ScriptName $ScriptName -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-Connector -ScriptName $ScriptName -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Connector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

471
docs/tools/sdk/powershell/refrence/v3/Methods/GlobalTenantSecuritySettingsApi.md Normal file
View File

@@ -0,0 +1,471 @@
---
id: global-tenant-security-settings
title: GlobalTenantSecuritySettings
pagination_label: GlobalTenantSecuritySettings
sidebar_label: GlobalTenantSecuritySettings
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'GlobalTenantSecuritySettings']
slug: /tools/sdk/powershell/v3/methods/global-tenant-security-settings
tags: ['SDK', 'Software Development Kit', 'GlobalTenantSecuritySettings']
---
# GlobalTenantSecuritySettings
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-AuthOrgLockoutConfig**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**Get-AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Get-AuthOrgServiceProviderConfig**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**Get-AuthOrgSessionConfig**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**Update-AuthOrgLockoutConfig**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**Update-AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**Update-AuthOrgServiceProviderConfig**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**Update-AuthOrgSessionConfig**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:manage'
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | NetworkConfiguration | [**NetworkConfiguration**](../models/network-configuration) | True | Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Network configuration for the tenant. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$NetworkConfiguration = @"{
"range" : [ "1.3.7.2", "255.255.255.252/30" ],
"whitelisted" : true,
"geolocation" : [ "CA", "FR", "HT" ]
}"@
# Create security network configuration.
try {
$Result = ConvertFrom-JsonToNetworkConfiguration -Json $NetworkConfiguration
New-AuthOrgNetworkConfig-NetworkConfiguration $Result
# Below is a request that includes all optional parameters
# New-AuthOrgNetworkConfig -NetworkConfiguration $NetworkConfiguration
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-lockout-config
This API returns the details of an org's lockout auth configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Lockout configuration for the tenant's auth org. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Lockout Configuration.
try {
Get-AuthOrgLockoutConfig
# Below is a request that includes all optional parameters
# Get-AuthOrgLockoutConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Network configuration for the tenant's auth org. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get security network configuration.
try {
Get-AuthOrgNetworkConfig
# Below is a request that includes all optional parameters
# Get-AuthOrgNetworkConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-service-provider-config
This API returns the details of an org's service provider auth configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Service Provider Configuration.
try {
Get-AuthOrgServiceProviderConfig
# Below is a request that includes all optional parameters
# Get-AuthOrgServiceProviderConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-session-config
This API returns the details of an org's session auth configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Session configuration for the tenant's auth org. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Session Configuration.
try {
Get-AuthOrgSessionConfig
# Below is a request that includes all optional parameters
# Get-AuthOrgSessionConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-lockout-config
This API updates an existing lockout configuration for an org using PATCH
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org lockout configuration. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
# JsonPatchOperation[] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Auth Org Lockout Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AuthOrgLockoutConfig-JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AuthOrgLockoutConfig -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org network configuration. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
# JsonPatchOperation[] | A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update security network configuration.
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AuthOrgNetworkConfig-JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AuthOrgNetworkConfig -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-service-provider-config
This API updates an existing service provider configuration for an org using PATCH.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
# JsonPatchOperation[] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Service Provider Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AuthOrgServiceProviderConfig-JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AuthOrgServiceProviderConfig -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-session-config
This API updates an existing session configuration for an org using PATCH.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org session configuration. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
# JsonPatchOperation[] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Auth Org Session Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-AuthOrgSessionConfig-JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-AuthOrgSessionConfig -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

719
docs/tools/sdk/powershell/refrence/v3/Methods/IdentityProfilesApi.md Normal file
View File

@@ -0,0 +1,719 @@
---
id: identity-profiles
title: IdentityProfiles
pagination_label: IdentityProfiles
sidebar_label: IdentityProfiles
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityProfiles']
slug: /tools/sdk/powershell/v3/methods/identity-profiles
tags: ['SDK', 'Software Development Kit', 'IdentityProfiles']
---
# IdentityProfiles
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-IdentityProfile**](#create-identity-profile) | **POST** `/identity-profiles` | Create an Identity Profile
[**Remove-IdentityProfile**](#delete-identity-profile) | **DELETE** `/identity-profiles/{identity-profile-id}` | Delete an Identity Profile
[**Remove-IdentityProfiles**](#delete-identity-profiles) | **POST** `/identity-profiles/bulk-delete` | Delete Identity Profiles
[**Export-IdentityProfiles**](#export-identity-profiles) | **GET** `/identity-profiles/export` | Export Identity Profiles
[**Get-DefaultIdentityAttributeConfig**](#get-default-identity-attribute-config) | **GET** `/identity-profiles/{identity-profile-id}/default-identity-attribute-config` | Get default Identity Attribute Config
[**Get-IdentityProfile**](#get-identity-profile) | **GET** `/identity-profiles/{identity-profile-id}` | Get single Identity Profile
[**Import-IdentityProfiles**](#import-identity-profiles) | **POST** `/identity-profiles/import` | Import Identity Profiles
[**Get-IdentityProfiles**](#list-identity-profiles) | **GET** `/identity-profiles` | Identity Profiles List
[**Show-IdentityPreview**](#show-identity-preview) | **POST** `/identity-profiles/identity-preview` | Generate Identity Profile Preview
[**Sync-IdentityProfile**](#sync-identity-profile) | **POST** `/identity-profiles/{identity-profile-id}/process-identities` | Process identities under profile
[**Update-IdentityProfile**](#update-identity-profile) | **PATCH** `/identity-profiles/{identity-profile-id}` | Update the Identity Profile
## create-identity-profile
This creates an Identity Profile.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityProfile | [**IdentityProfile**](../models/identity-profile) | True |
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The created Identity Profile | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityProfile = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "IDENTITY"
},
"identityExceptionReportReference" : {
"reportName" : "My annual report",
"taskResultId" : "2b838de9-db9b-abcf-e646-d4f274ad4238"
},
"authoritativeSource" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"hasTimeBasedAttr" : true,
"created" : "2015-05-28T14:07:17Z",
"description" : "My custom flat file profile",
"identityRefreshRequired" : true,
"identityCount" : 8,
"priority" : 10,
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
},
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"id" : "id12345"
}"@
# Create an Identity Profile
try {
$Result = ConvertFrom-JsonToIdentityProfile -Json $IdentityProfile
New-IdentityProfile-IdentityProfile $Result
# Below is a request that includes all optional parameters
# New-IdentityProfile -IdentityProfile $IdentityProfile
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-profile
This deletes an Identity Profile based on ID.
On success, this endpoint will return a reference to the bulk delete task result.
The following rights are required to access this endpoint: idn:identity-profile:delete
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID.
### Return type
[**TaskResultSimplified**](../models/task-result-simplified)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returns a TaskResult object referencing the bulk delete job created. | TaskResultSimplified
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | The Identity Profile ID.
# Delete an Identity Profile
try {
Remove-IdentityProfile-IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Remove-IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-profiles
This deletes multiple Identity Profiles via a list of supplied IDs.
On success, this endpoint will return a reference to the bulk delete task result.
The following rights are required to access this endpoint: idn:identity-profile:delete
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | RequestBody | **[]String** | True | Identity Profile bulk delete request body.
### Return type
[**TaskResultSimplified**](../models/task-result-simplified)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returns a TaskResult object referencing the bulk delete job created. | TaskResultSimplified
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RequestBody = "MyRequestBody" # String[] | Identity Profile bulk delete request body.
$RequestBody = @""@
# Delete Identity Profiles
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Remove-IdentityProfiles-RequestBody $Result
# Below is a request that includes all optional parameters
# Remove-IdentityProfiles -RequestBody $RequestBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## export-identity-profiles
This exports existing identity profiles in the format specified by the sp-config service.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne* **name**: *eq, ne* **priority**: *eq, ne*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority**
### Return type
[**IdentityProfileExportedObject[]**](../models/identity-profile-exported-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of export objects with identity profiles. | IdentityProfileExportedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne* **name**: *eq, ne* **priority**: *eq, ne* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority** (optional)
# Export Identity Profiles
try {
Export-IdentityProfiles
# Below is a request that includes all optional parameters
# Export-IdentityProfiles -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Export-IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-default-identity-attribute-config
This returns the default identity attribute config.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID.
### Return type
[**IdentityAttributeConfig**](../models/identity-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An Identity Attribute Config object. | IdentityAttributeConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | The Identity Profile ID.
# Get default Identity Attribute Config
try {
Get-DefaultIdentityAttributeConfig-IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-DefaultIdentityAttributeConfig -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-DefaultIdentityAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-profile
This returns a single Identity Profile based on ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID.
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An Identity Profile object. | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | The Identity Profile ID.
# Get single Identity Profile
try {
Get-IdentityProfile-IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## import-identity-profiles
This imports previously exported identity profiles.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityProfileExportedObject | [**[]IdentityProfileExportedObject**](../models/identity-profile-exported-object) | True | Previously exported Identity Profiles.
### Return type
[**ObjectImportResult**](../models/object-import-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The result of importing Identity Profiles. | ObjectImportResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
# IdentityProfileExportedObject[] | Previously exported Identity Profiles.
$IdentityProfileExportedObject = @"{
"self" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"version" : 1,
"object" : {
"owner" : {
"name" : "William Wilson",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "IDENTITY"
},
"identityExceptionReportReference" : {
"reportName" : "My annual report",
"taskResultId" : "2b838de9-db9b-abcf-e646-d4f274ad4238"
},
"authoritativeSource" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"hasTimeBasedAttr" : true,
"created" : "2015-05-28T14:07:17Z",
"description" : "My custom flat file profile",
"identityRefreshRequired" : true,
"identityCount" : 8,
"priority" : 10,
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
},
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"id" : "id12345"
}
}"@
# Import Identity Profiles
try {
$Result = ConvertFrom-JsonToIdentityProfileExportedObject -Json $IdentityProfileExportedObject
Import-IdentityProfiles-IdentityProfileExportedObject $Result
# Below is a request that includes all optional parameters
# Import-IdentityProfiles -IdentityProfileExportedObject $IdentityProfileExportedObject
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Import-IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-profiles
This returns a list of Identity Profiles based on the specified query parameters.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne, ge, gt, in, le, lt, isnull, sw* **name**: *eq, ne, ge, gt, in, le, lt, isnull, sw* **priority**: *eq, ne*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**
### Return type
[**IdentityProfile[]**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identityProfiles. | IdentityProfile[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne, ge, gt, in, le, lt, isnull, sw* **name**: *eq, ne, ge, gt, in, le, lt, isnull, sw* **priority**: *eq, ne* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name** (optional)
# Identity Profiles List
try {
Get-IdentityProfiles
# Below is a request that includes all optional parameters
# Get-IdentityProfiles -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## show-identity-preview
Use this API to generate a non-persisted preview of the identity object after applying `IdentityAttributeConfig` sent in request body.
This API only allows `accountAttribute`, `reference` and `rule` transform types in the `IdentityAttributeConfig` sent in the request body.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityPreviewRequest | [**IdentityPreviewRequest**](../models/identity-preview-request) | True | Identity Preview request body.
### Return type
[**IdentityPreviewResponse**](../models/identity-preview-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A preview of the identity attributes after applying identity attributes config sent in request body. | IdentityPreviewResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityPreviewRequest = @"{
"identityId" : "046b6c7f-0b8a-43b9-b35d-6489e6daee91",
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
}
}"@
# Generate Identity Profile Preview
try {
$Result = ConvertFrom-JsonToIdentityPreviewRequest -Json $IdentityPreviewRequest
Show-IdentityPreview-IdentityPreviewRequest $Result
# Below is a request that includes all optional parameters
# Show-IdentityPreview -IdentityPreviewRequest $IdentityPreviewRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Show-IdentityPreview"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## sync-identity-profile
Process identities under the profile
This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized.
This should only be run on identity profiles that have the `identityRefreshRequired` attribute set to `true`. If `identityRefreshRequired` is false, then there is no benefit to running this operation. Typically, this operation is performed when a change is made to the identity profile or its related lifecycle states that requires a refresh.
This operation will perform the following activities on all identities under the identity profile.
1. Updates identity attribute according to the identity profile mappings. 2. Determines the identity's correct manager through manager correlation. 3. Updates the identity's access according to their assigned lifecycle state. 4. Updates the identity's access based on role assignment criteria.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID to be processed
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | The Identity Profile ID to be processed
# Process identities under profile
try {
Sync-IdentityProfile-IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Sync-IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Sync-IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-identity-profile
This updates the specified Identity Profile.
Some fields of the Schema cannot be updated. These fields are listed below:
* id
* name
* created
* modified
* identityCount
* identityRefreshRequired
* Authoritative Source and Identity Attribute Configuration cannot be modified at once.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of Identity Profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated Identity Profile. | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | The Identity Profile ID
# JsonPatchOperation[] | A list of Identity Profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update the Identity Profile
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-IdentityProfile-IdentityProfileId $IdentityProfileId -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-IdentityProfile -IdentityProfileId $IdentityProfileId -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

354
docs/tools/sdk/powershell/refrence/v3/Methods/LifecycleStatesApi.md Normal file
View File

@@ -0,0 +1,354 @@
---
id: lifecycle-states
title: LifecycleStates
pagination_label: LifecycleStates
sidebar_label: LifecycleStates
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'LifecycleStates']
slug: /tools/sdk/powershell/v3/methods/lifecycle-states
tags: ['SDK', 'Software Development Kit', 'LifecycleStates']
---
# LifecycleStates
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-LifecycleState**](#create-lifecycle-state) | **POST** `/identity-profiles/{identity-profile-id}/lifecycle-states` | Create Lifecycle State
[**Remove-LifecycleState**](#delete-lifecycle-state) | **DELETE** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Delete Lifecycle State
[**Get-LifecycleState**](#get-lifecycle-state) | **GET** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Get Lifecycle State
[**Get-LifecycleStates**](#get-lifecycle-states) | **GET** `/identity-profiles/{identity-profile-id}/lifecycle-states` | Lists LifecycleStates
[**Set-LifecycleState**](#set-lifecycle-state) | **POST** `/identities/{identity-id}/set-lifecycle-state` | Set Lifecycle State
[**Update-LifecycleStates**](#update-lifecycle-states) | **PATCH** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Update Lifecycle State
## create-lifecycle-state
Use this endpoint to create a lifecycle state.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Body | LifecycleState | [**LifecycleState**](../models/lifecycle-state) | True | Lifecycle state to be created.
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created LifecycleState object. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleState = @"{
"accessProfileIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ],
"emailNotificationOption" : {
"notifyManagers" : true,
"notifySpecificUsers" : true,
"emailAddressList" : [ "test@test.com", "test2@test.com" ],
"notifyAllAdmins" : true
},
"created" : "2015-05-28T14:07:17Z",
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"description" : "Lifecycle description",
"accountActions" : [ {
"action" : "ENABLE",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}, {
"action" : "ENABLE",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
} ],
"id" : "id12345",
"identityCount" : 42,
"technicalName" : "Technical Name",
"identityState" : "identityState",
"enabled" : true
}"@
# Create Lifecycle State
try {
$Result = ConvertFrom-JsonToLifecycleState -Json $LifecycleState
New-LifecycleState-IdentityProfileId $IdentityProfileId -LifecycleState $Result
# Below is a request that includes all optional parameters
# New-LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleState $LifecycleState
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-lifecycle-state
Use this endpoint to delete the lifecycle state by its ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
### Return type
[**LifecyclestateDeleted**](../models/lifecyclestate-deleted)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | The request was successfully accepted into the system. | LifecyclestateDeleted
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
# Delete Lifecycle State
try {
Remove-LifecycleState-IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
# Below is a request that includes all optional parameters
# Remove-LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-lifecycle-state
Use this endpoint to get a lifecycle state by its ID and its associated identity profile ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested LifecycleState was successfully retrieved. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
# Get Lifecycle State
try {
Get-LifecycleState-IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
# Below is a request that includes all optional parameters
# Get-LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-lifecycle-states
Use this endpoint to list all lifecycle states by their associated identity profiles.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**LifecycleState[]**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of LifecycleState objects. | LifecycleState[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "created,modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Lists LifecycleStates
try {
Get-LifecycleStates-IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-LifecycleStates -IdentityProfileId $IdentityProfileId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-LifecycleStates"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-lifecycle-state
Use this API to set/update an identity's lifecycle state to the one provided and update the corresponding identity profile.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | ID of the identity to update.
Body | SetLifecycleStateRequest | [**SetLifecycleStateRequest**](../models/set-lifecycle-state-request) | True |
### Return type
[**SetLifecycleState200Response**](../models/set-lifecycle-state200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The request was successfully accepted into the system. | SetLifecycleState200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityId = "2c9180857893f1290178944561990364" # String | ID of the identity to update.
$SetLifecycleStateRequest = @""@
# Set Lifecycle State
try {
$Result = ConvertFrom-JsonToSetLifecycleStateRequest -Json $SetLifecycleStateRequest
Set-LifecycleState-IdentityId $IdentityId -SetLifecycleStateRequest $Result
# Below is a request that includes all optional parameters
# Set-LifecycleState -IdentityId $IdentityId -SetLifecycleStateRequest $SetLifecycleStateRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-lifecycle-states
Use this endpoint to update individual lifecycle state fields, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields can be updated: * enabled * description * accountActions * accessProfileIds * emailNotificationOption
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The LifecycleState was successfully updated. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
# JsonPatchOperation[] | A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields can be updated: * enabled * description * accountActions * accessProfileIds * emailNotificationOption
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Lifecycle State
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-LifecycleStates-IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-LifecycleStates -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-LifecycleStates"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

409
docs/tools/sdk/powershell/refrence/v3/Methods/MFAConfigurationApi.md Normal file
View File

@@ -0,0 +1,409 @@
---
id: mfa-configuration
title: MFAConfiguration
pagination_label: MFAConfiguration
sidebar_label: MFAConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MFAConfiguration']
slug: /tools/sdk/powershell/v3/methods/mfa-configuration
tags: ['SDK', 'Software Development Kit', 'MFAConfiguration']
---
# MFAConfiguration
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Remove-MFAConfig**](#delete-mfa-config) | **DELETE** `/mfa/{method}/delete` | Delete MFA method configuration
[**Get-MFADuoConfig**](#get-mfa-duo-config) | **GET** `/mfa/duo-web/config` | Configuration of Duo MFA method
[**Get-MFAKbaConfig**](#get-mfa-kba-config) | **GET** `/mfa/kba/config` | Configuration of KBA MFA method
[**Get-MFAOktaConfig**](#get-mfa-okta-config) | **GET** `/mfa/okta-verify/config` | Configuration of Okta MFA method
[**Set-MFADuoConfig**](#set-mfa-duo-config) | **PUT** `/mfa/duo-web/config` | Set Duo MFA configuration
[**Set-MFAKBAConfig**](#set-mfakba-config) | **POST** `/mfa/kba/config/answers` | Set MFA KBA configuration
[**Set-MFAOktaConfig**](#set-mfa-okta-config) | **PUT** `/mfa/okta-verify/config` | Set Okta MFA configuration
[**Test-MFAConfig**](#test-mfa-config) | **GET** `/mfa/{method}/test` | MFA method&#39;s test configuration
## delete-mfa-config
This API removes the configuration for the specified MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Method | **String** | True | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
### Return type
[**MfaOktaConfig**](../models/mfa-okta-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA configuration of an MFA method. | MfaOktaConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Method = "okta-verify" # String | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
# Delete MFA method configuration
try {
Remove-MFAConfig-Method $Method
# Below is a request that includes all optional parameters
# Remove-MFAConfig -Method $Method
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-MFAConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mfa-duo-config
This API returns the configuration of an Duo MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**MfaDuoConfig**](../models/mfa-duo-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration of an Duo MFA method. | MfaDuoConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Configuration of Duo MFA method
try {
Get-MFADuoConfig
# Below is a request that includes all optional parameters
# Get-MFADuoConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MFADuoConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mfa-kba-config
This API returns the KBA configuration for MFA.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | AllLanguages | **Boolean** | (optional) | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false
### Return type
[**KbaQuestion[]**](../models/kba-question)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration for KBA MFA method. | KbaQuestion[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$AllLanguages = $false # Boolean | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false (optional)
# Configuration of KBA MFA method
try {
Get-MFAKbaConfig
# Below is a request that includes all optional parameters
# Get-MFAKbaConfig -AllLanguages $AllLanguages
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MFAKbaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mfa-okta-config
This API returns the configuration of an Okta MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**MfaOktaConfig**](../models/mfa-okta-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration of an Okta MFA method. | MfaOktaConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Configuration of Okta MFA method
try {
Get-MFAOktaConfig
# Below is a request that includes all optional parameters
# Get-MFAOktaConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MFAOktaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfa-duo-config
This API sets the configuration of an Duo MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MfaDuoConfig | [**MfaDuoConfig**](../models/mfa-duo-config) | True |
### Return type
[**MfaDuoConfig**](../models/mfa-duo-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA configuration of an Duo MFA method. | MfaDuoConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MfaDuoConfig = @"{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"configProperties" : {
"skey" : "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x",
"ikey" : "Q123WE45R6TY7890ZXCV"
},
"mfaMethod" : "duo-web",
"enabled" : true,
"identityAttribute" : "email"
}"@
# Set Duo MFA configuration
try {
$Result = ConvertFrom-JsonToMfaDuoConfig -Json $MfaDuoConfig
Set-MFADuoConfig-MfaDuoConfig $Result
# Below is a request that includes all optional parameters
# Set-MFADuoConfig -MfaDuoConfig $MfaDuoConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-MFADuoConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfakba-config
This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | KbaAnswerRequestItem | [**[]KbaAnswerRequestItem**](../models/kba-answer-request-item) | True |
### Return type
[**KbaAnswerResponseItem[]**](../models/kba-answer-response-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The new KBA configuration for the user. | KbaAnswerResponseItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
# KbaAnswerRequestItem[] |
$KbaAnswerRequestItem = @"{
"answer" : "Your answer",
"id" : "c54fee53-2d63-4fc5-9259-3e93b9994135"
}"@
# Set MFA KBA configuration
try {
$Result = ConvertFrom-JsonToKbaAnswerRequestItem -Json $KbaAnswerRequestItem
Set-MFAKBAConfig-KbaAnswerRequestItem $Result
# Below is a request that includes all optional parameters
# Set-MFAKBAConfig -KbaAnswerRequestItem $KbaAnswerRequestItem
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-MFAKBAConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfa-okta-config
This API sets the configuration of an Okta MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MfaOktaConfig | [**MfaOktaConfig**](../models/mfa-okta-config) | True |
### Return type
[**MfaOktaConfig**](../models/mfa-okta-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA configuration of an Okta MFA method. | MfaOktaConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MfaOktaConfig = @"{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"mfaMethod" : "okta-verify",
"enabled" : true,
"identityAttribute" : "email"
}"@
# Set Okta MFA configuration
try {
$Result = ConvertFrom-JsonToMfaOktaConfig -Json $MfaOktaConfig
Set-MFAOktaConfig-MfaOktaConfig $Result
# Below is a request that includes all optional parameters
# Set-MFAOktaConfig -MfaOktaConfig $MfaOktaConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-MFAOktaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-mfa-config
This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Method | **String** | True | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
### Return type
[**MfaConfigTestResponse**](../models/mfa-config-test-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The result of configuration test for the MFA provider. | MfaConfigTestResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Method = "okta-verify" # String | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
# MFA method's test configuration
try {
Test-MFAConfig-Method $Method
# Below is a request that includes all optional parameters
# Test-MFAConfig -Method $Method
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-MFAConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

324
docs/tools/sdk/powershell/refrence/v3/Methods/MFAControllerApi.md Normal file
View File

@@ -0,0 +1,324 @@
---
id: mfa-controller
title: MFAController
pagination_label: MFAController
sidebar_label: MFAController
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MFAController']
slug: /tools/sdk/powershell/v3/methods/mfa-controller
tags: ['SDK', 'Software Development Kit', 'MFAController']
---
# MFAController
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-SendToken**](#create-send-token) | **POST** `/mfa/token/send` | Create and send user token
[**Ping-VerificationStatus**](#ping-verification-status) | **POST** `/mfa/{method}/poll` | Polling MFA method by VerificationPollRequest
[**Send-DuoVerifyRequest**](#send-duo-verify-request) | **POST** `/mfa/duo-web/verify` | Verifying authentication via Duo method
[**Send-KbaAnswers**](#send-kba-answers) | **POST** `/mfa/kba/authenticate` | Authenticate KBA provided MFA method
[**Send-OktaVerifyRequest**](#send-okta-verify-request) | **POST** `/mfa/okta-verify/verify` | Verifying authentication via Okta method
[**Send-TokenAuthRequest**](#send-token-auth-request) | **POST** `/mfa/token/authenticate` | Authenticate Token provided MFA method
## create-send-token
This API send token request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SendTokenRequest | [**SendTokenRequest**](../models/send-token-request) | True |
### Return type
[**SendTokenResponse**](../models/send-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Token send status. | SendTokenResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SendTokenRequest = @"{
"userAlias" : "will.albin",
"deliveryType" : "EMAIL_WORK"
}"@
# Create and send user token
try {
$Result = ConvertFrom-JsonToSendTokenRequest -Json $SendTokenRequest
New-SendToken-SendTokenRequest $Result
# Below is a request that includes all optional parameters
# New-SendToken -SendTokenRequest $SendTokenRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-SendToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## ping-verification-status
This API poll the VerificationPollRequest for the specified MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Method | **String** | True | The name of the MFA method. The currently supported method names are 'okta-verify', 'duo-web', 'kba','token', 'rsa'
Body | VerificationPollRequest | [**VerificationPollRequest**](../models/verification-poll-request) | True |
### Return type
[**VerificationResponse**](../models/verification-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA VerificationPollRequest status an MFA method. | VerificationResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Method = "okta-verify" # String | The name of the MFA method. The currently supported method names are 'okta-verify', 'duo-web', 'kba','token', 'rsa'
$VerificationPollRequest = @"{
"requestId" : "089899f13a8f4da7824996191587bab9"
}"@
# Polling MFA method by VerificationPollRequest
try {
$Result = ConvertFrom-JsonToVerificationPollRequest -Json $VerificationPollRequest
Ping-VerificationStatus-Method $Method -VerificationPollRequest $Result
# Below is a request that includes all optional parameters
# Ping-VerificationStatus -Method $Method -VerificationPollRequest $VerificationPollRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Ping-VerificationStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-duo-verify-request
This API Authenticates the user via Duo-Web MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | DuoVerificationRequest | [**DuoVerificationRequest**](../models/duo-verification-request) | True |
### Return type
[**VerificationResponse**](../models/verification-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The status of verification request. | VerificationResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$DuoVerificationRequest = @"{
"signedResponse" : "AUTH|d2lsbC5hbGJpbnxESTZNMFpHSThKQVRWTVpZN0M5VXwxNzAxMjUzMDg5|f1f5f8ced5b340f3d303b05d0efa0e43b6a8f970:APP|d2lsbC5hbGJpbnxESTZNMFpHSThKQVRWTVpZN0M5VXwxNzAxMjU2NjE5|cb44cf44353f5127edcae31b1da0355f87357db2",
"userId" : "2c9180947f0ef465017f215cbcfd004b"
}"@
# Verifying authentication via Duo method
try {
$Result = ConvertFrom-JsonToDuoVerificationRequest -Json $DuoVerificationRequest
Send-DuoVerifyRequest-DuoVerificationRequest $Result
# Below is a request that includes all optional parameters
# Send-DuoVerifyRequest -DuoVerificationRequest $DuoVerificationRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-DuoVerifyRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-kba-answers
This API Authenticate user in KBA MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | KbaAnswerRequestItem | [**[]KbaAnswerRequestItem**](../models/kba-answer-request-item) | True |
### Return type
[**KbaAuthResponse**](../models/kba-auth-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | KBA authenticated status. | KbaAuthResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
# KbaAnswerRequestItem[] |
$KbaAnswerRequestItem = @"{
"answer" : "Your answer",
"id" : "c54fee53-2d63-4fc5-9259-3e93b9994135"
}"@
# Authenticate KBA provided MFA method
try {
$Result = ConvertFrom-JsonToKbaAnswerRequestItem -Json $KbaAnswerRequestItem
Send-KbaAnswers-KbaAnswerRequestItem $Result
# Below is a request that includes all optional parameters
# Send-KbaAnswers -KbaAnswerRequestItem $KbaAnswerRequestItem
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-KbaAnswers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-okta-verify-request
This API Authenticates the user via Okta-Verify MFA method. Request requires a header called 'slpt-forwarding', and it must contain a remote IP Address of caller.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | OktaVerificationRequest | [**OktaVerificationRequest**](../models/okta-verification-request) | True |
### Return type
[**VerificationResponse**](../models/verification-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The status of verification request. | VerificationResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$OktaVerificationRequest = @"{
"userId" : "example@mail.com"
}"@
# Verifying authentication via Okta method
try {
$Result = ConvertFrom-JsonToOktaVerificationRequest -Json $OktaVerificationRequest
Send-OktaVerifyRequest-OktaVerificationRequest $Result
# Below is a request that includes all optional parameters
# Send-OktaVerifyRequest -OktaVerificationRequest $OktaVerificationRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-OktaVerifyRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-token-auth-request
This API Authenticate user in Token MFA method.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | TokenAuthRequest | [**TokenAuthRequest**](../models/token-auth-request) | True |
### Return type
[**TokenAuthResponse**](../models/token-auth-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Token authenticated status. | TokenAuthResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$TokenAuthRequest = @"{
"userAlias" : "will.albin",
"deliveryType" : "EMAIL_WORK",
"token" : "12345"
}"@
# Authenticate Token provided MFA method
try {
$Result = ConvertFrom-JsonToTokenAuthRequest -Json $TokenAuthRequest
Send-TokenAuthRequest-TokenAuthRequest $Result
# Below is a request that includes all optional parameters
# Send-TokenAuthRequest -TokenAuthRequest $TokenAuthRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-TokenAuthRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

324
docs/tools/sdk/powershell/refrence/v3/Methods/ManagedClientsApi.md Normal file
View File

@@ -0,0 +1,324 @@
---
id: managed-clients
title: ManagedClients
pagination_label: ManagedClients
sidebar_label: ManagedClients
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClients']
slug: /tools/sdk/powershell/v3/methods/managed-clients
tags: ['SDK', 'Software Development Kit', 'ManagedClients']
---
# ManagedClients
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-ManagedClient**](#create-managed-client) | **POST** `/managed-clients` | Create Managed Client
[**Remove-ManagedClient**](#delete-managed-client) | **DELETE** `/managed-clients/{id}` | Delete Managed Client
[**Get-ManagedClient**](#get-managed-client) | **GET** `/managed-clients/{id}` | Get Managed Client
[**Get-ManagedClientStatus**](#get-managed-client-status) | **GET** `/managed-clients/{id}/status` | Get Managed Client Status
[**Get-ManagedClients**](#get-managed-clients) | **GET** `/managed-clients` | Get Managed Clients
[**Update-ManagedClient**](#update-managed-client) | **PATCH** `/managed-clients/{id}` | Update Managed Client
## create-managed-client
Create a new managed client.
The API returns a result that includes the managed client ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ManagedClientRequest | [**ManagedClientRequest**](../models/managed-client-request) | True |
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created managed client. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ManagedClientRequest = @"{
"name" : "aName",
"description" : "A short description of the ManagedClient",
"clusterId" : "aClusterId",
"type" : "VA"
}"@
# Create Managed Client
try {
$Result = ConvertFrom-JsonToManagedClientRequest -Json $ManagedClientRequest
New-ManagedClient-ManagedClientRequest $Result
# Below is a request that includes all optional parameters
# New-ManagedClient -ManagedClientRequest $ManagedClientRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-managed-client
Delete an existing managed client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
# Delete Managed Client
try {
Remove-ManagedClient-Id $Id
# Below is a request that includes all optional parameters
# Remove-ManagedClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-client
Get managed client by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Managed client response. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
# Get Managed Client
try {
Get-ManagedClient-Id $Id
# Below is a request that includes all optional parameters
# Get-ManagedClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-client-status
Get a managed client's status, using its ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID to get status for.
Query | Type | [**ManagedClientType**](../models/managed-client-type) | True | Managed client type to get status for.
### Return type
[**ManagedClientStatus**](../models/managed-client-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with the managed client status, with the given ID and type. | ManagedClientStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "aClientId" # String | Managed client ID to get status for.
$Type = "CCG" # ManagedClientType | Managed client type to get status for.
# Get Managed Client Status
try {
Get-ManagedClientStatus-Id $Id -Type $Type
# Below is a request that includes all optional parameters
# Get-ManagedClientStatus -Id $Id -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManagedClientStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-clients
List managed clients.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **name**: *eq* **clientId**: *eq* **clusterId**: *eq*
### Return type
[**ManagedClient[]**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with a list of managed clients, based on the specified query parameters. | ManagedClient[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "client name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **name**: *eq* **clientId**: *eq* **clusterId**: *eq* (optional)
# Get Managed Clients
try {
Get-ManagedClients
# Below is a request that includes all optional parameters
# Get-ManagedClients -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManagedClients"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-managed-client
Update an existing managed client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | JSONPatch payload used to update the object.
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated managed client. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
# JsonPatchOperation[] | JSONPatch payload used to update the object.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Managed Client
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-ManagedClient-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-ManagedClient -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

378
docs/tools/sdk/powershell/refrence/v3/Methods/ManagedClustersApi.md Normal file
View File

@@ -0,0 +1,378 @@
---
id: managed-clusters
title: ManagedClusters
pagination_label: ManagedClusters
sidebar_label: ManagedClusters
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClusters']
slug: /tools/sdk/powershell/v3/methods/managed-clusters
tags: ['SDK', 'Software Development Kit', 'ManagedClusters']
---
# ManagedClusters
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-ManagedCluster**](#create-managed-cluster) | **POST** `/managed-clusters` | Create Create Managed Cluster
[**Remove-ManagedCluster**](#delete-managed-cluster) | **DELETE** `/managed-clusters/{id}` | Delete Managed Cluster
[**Get-ClientLogConfiguration**](#get-client-log-configuration) | **GET** `/managed-clusters/{id}/log-config` | Get Managed Cluster Log Configuration
[**Get-ManagedCluster**](#get-managed-cluster) | **GET** `/managed-clusters/{id}` | Get Managed Cluster
[**Get-ManagedClusters**](#get-managed-clusters) | **GET** `/managed-clusters` | Get Managed Clusters
[**Send-ClientLogConfiguration**](#put-client-log-configuration) | **PUT** `/managed-clusters/{id}/log-config` | Update Managed Cluster Log Configuration
[**Update-ManagedCluster**](#update-managed-cluster) | **PATCH** `/managed-clusters/{id}` | Update Managed Cluster
## create-managed-cluster
Create a new Managed Cluster.
The API returns a result that includes the managed cluster ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ManagedClusterRequest | [**ManagedClusterRequest**](../models/managed-cluster-request) | True |
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created managed cluster. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ManagedClusterRequest = @"{
"configuration" : {
"clusterExternalId" : "externalId",
"ccgVersion" : "77.0.0"
},
"name" : "Managed Cluster Name",
"description" : "A short description of the managed cluster.",
"type" : "idn"
}"@
# Create Create Managed Cluster
try {
$Result = ConvertFrom-JsonToManagedClusterRequest -Json $ManagedClusterRequest
New-ManagedCluster-ManagedClusterRequest $Result
# Below is a request that includes all optional parameters
# New-ManagedCluster -ManagedClusterRequest $ManagedClusterRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-managed-cluster
Delete an existing managed cluster.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
Query | RemoveClients | **Boolean** | (optional) (default to $false) | Flag to determine the need to delete a cluster with clients.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
$RemoveClients = $false # Boolean | Flag to determine the need to delete a cluster with clients. (optional) (default to $false)
# Delete Managed Cluster
try {
Remove-ManagedCluster-Id $Id
# Below is a request that includes all optional parameters
# Remove-ManagedCluster -Id $Id -RemoveClients $RemoveClients
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-client-log-configuration
Get a managed cluster's log configuration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of managed cluster to get log configuration for.
### Return type
[**ClientLogConfiguration**](../models/client-log-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Log configuration of managed cluster for given cluster ID. | ClientLogConfiguration
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | ID of managed cluster to get log configuration for.
# Get Managed Cluster Log Configuration
try {
Get-ClientLogConfiguration-Id $Id
# Below is a request that includes all optional parameters
# Get-ClientLogConfiguration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ClientLogConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-cluster
Get a managed cluster by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with managed cluster for the given ID. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
# Get Managed Cluster
try {
Get-ManagedCluster-Id $Id
# Below is a request that includes all optional parameters
# Get-ManagedCluster -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-clusters
List current organization's managed clusters, based on request context.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq*
### Return type
[**ManagedCluster[]**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with a list of managed clusters. | ManagedCluster[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'operational eq "operation"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq* (optional)
# Get Managed Clusters
try {
Get-ManagedClusters
# Below is a request that includes all optional parameters
# Get-ManagedClusters -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ManagedClusters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-client-log-configuration
Update a managed cluster's log configuration. You may only specify one of `durationMinutes` or `expiration`, up to 1440 minutes (24 hours) in the future. If neither is specified, the default value for `durationMinutes` is 240.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the managed cluster to update the log configuration for.
Body | PutClientLogConfigurationRequest | [**PutClientLogConfigurationRequest**](../models/put-client-log-configuration-request) | True | Client log configuration for the given managed cluster.
### Return type
[**ClientLogConfiguration**](../models/client-log-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with updated client log configuration for the given managed cluster. | ClientLogConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | ID of the managed cluster to update the log configuration for.
$PutClientLogConfigurationRequest = @""@
# Update Managed Cluster Log Configuration
try {
$Result = ConvertFrom-JsonToPutClientLogConfigurationRequest -Json $PutClientLogConfigurationRequest
Send-ClientLogConfiguration-Id $Id -PutClientLogConfigurationRequest $Result
# Below is a request that includes all optional parameters
# Send-ClientLogConfiguration -Id $Id -PutClientLogConfigurationRequest $PutClientLogConfigurationRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ClientLogConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-managed-cluster
Update an existing managed cluster.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | JSONPatch payload used to update the object.
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated managed cluster. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
# JsonPatchOperation[] | JSONPatch payload used to update the object.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Managed Cluster
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-ManagedCluster-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-ManagedCluster -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1721
docs/tools/sdk/powershell/refrence/v3/Methods/NonEmployeeLifecycleManagementApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

280
docs/tools/sdk/powershell/refrence/v3/Methods/OAuthClientsApi.md Normal file
View File

@@ -0,0 +1,280 @@
---
id: o-auth-clients
title: OAuthClients
pagination_label: OAuthClients
sidebar_label: OAuthClients
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'OAuthClients']
slug: /tools/sdk/powershell/v3/methods/o-auth-clients
tags: ['SDK', 'Software Development Kit', 'OAuthClients']
---
# OAuthClients
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-OauthClient**](#create-oauth-client) | **POST** `/oauth-clients` | Create OAuth Client
[**Remove-OauthClient**](#delete-oauth-client) | **DELETE** `/oauth-clients/{id}` | Delete OAuth Client
[**Get-OauthClient**](#get-oauth-client) | **GET** `/oauth-clients/{id}` | Get OAuth Client
[**Get-OauthClients**](#list-oauth-clients) | **GET** `/oauth-clients` | List OAuth Clients
[**Update-OauthClient**](#patch-oauth-client) | **PATCH** `/oauth-clients/{id}` | Patch OAuth Client
## create-oauth-client
This creates an OAuth client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateOAuthClientRequest | [**CreateOAuthClientRequest**](../models/create-o-auth-client-request) | True |
### Return type
[**CreateOAuthClientResponse**](../models/create-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | CreateOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateOAuthClientRequest = @"{
"internal" : false,
"businessName" : "Acme-Solar",
"description" : "An API client used for the authorization_code, refresh_token, and client_credentials flows",
"refreshTokenValiditySeconds" : 86400,
"type" : "CONFIDENTIAL",
"redirectUris" : [ "http://localhost:12345" ],
"enabled" : true,
"accessType" : "OFFLINE",
"grantTypes" : [ "AUTHORIZATION_CODE", "CLIENT_CREDENTIALS", "REFRESH_TOKEN" ],
"strongAuthSupported" : false,
"homepageUrl" : "http://localhost:12345",
"accessTokenValiditySeconds" : 750,
"scope" : [ "demo:api-client-scope:first", "demo:api-client-scope:second" ],
"name" : "Demo API Client",
"claimsSupported" : false
}"@
# Create OAuth Client
try {
$Result = ConvertFrom-JsonToCreateOAuthClientRequest -Json $CreateOAuthClientRequest
New-OauthClient-CreateOAuthClientRequest $Result
# Below is a request that includes all optional parameters
# New-OauthClient -CreateOAuthClientRequest $CreateOAuthClientRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-oauth-client
This deletes an OAuth client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
# Delete OAuth Client
try {
Remove-OauthClient-Id $Id
# Below is a request that includes all optional parameters
# Remove-OauthClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-oauth-client
This gets details of an OAuth client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
### Return type
[**GetOAuthClientResponse**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | GetOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
# Get OAuth Client
try {
Get-OauthClient-Id $Id
# Below is a request that includes all optional parameters
# Get-OauthClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-oauth-clients
This gets a list of OAuth clients.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull*
### Return type
[**GetOAuthClientResponse[]**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of OAuth clients. | GetOAuthClientResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'lastUsed le 2023-02-05T10:59:27.214Z' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull* (optional)
# List OAuth Clients
try {
Get-OauthClients
# Below is a request that includes all optional parameters
# Get-OauthClients -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-OauthClients"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-oauth-client
This performs a targeted update to the field(s) of an OAuth client.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * tenant * businessName * homepageUrl * name * description * accessTokenValiditySeconds * refreshTokenValiditySeconds * redirectUris * grantTypes * accessType * enabled * strongAuthSupported * claimsSupported
### Return type
[**GetOAuthClientResponse**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the OAuth client&#39;s new representation. | GetOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
# JsonPatchOperation[] | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * tenant * businessName * homepageUrl * name * description * accessTokenValiditySeconds * refreshTokenValiditySeconds * redirectUris * grantTypes * accessType * enabled * strongAuthSupported * claimsSupported
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch OAuth Client
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-OauthClient-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-OauthClient -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

173
docs/tools/sdk/powershell/refrence/v3/Methods/PasswordConfigurationApi.md Normal file
View File

@@ -0,0 +1,173 @@
---
id: password-configuration
title: PasswordConfiguration
pagination_label: PasswordConfiguration
sidebar_label: PasswordConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordConfiguration']
slug: /tools/sdk/powershell/v3/methods/password-configuration
tags: ['SDK', 'Software Development Kit', 'PasswordConfiguration']
---
# PasswordConfiguration
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-PasswordOrgConfig**](#create-password-org-config) | **POST** `/password-org-config` | Create Password Org Config
[**Get-PasswordOrgConfig**](#get-password-org-config) | **GET** `/password-org-config` | Get Password Org Config
[**Send-PasswordOrgConfig**](#put-password-org-config) | **PUT** `/password-org-config` | Update Password Org Config
## create-password-org-config
This API creates the password org config. Unspecified fields will use default value.
To be able to use the custom password instructions, you must set the `customInstructionsEnabled` field to "true".
Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordOrgConfig | [**PasswordOrgConfig**](../models/password-org-config) | True |
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordOrgConfig = @"{
"digitTokenLength" : 9,
"digitTokenEnabled" : true,
"digitTokenDurationMinutes" : 10,
"customInstructionsEnabled" : true
}"@
# Create Password Org Config
try {
$Result = ConvertFrom-JsonToPasswordOrgConfig -Json $PasswordOrgConfig
New-PasswordOrgConfig-PasswordOrgConfig $Result
# Below is a request that includes all optional parameters
# New-PasswordOrgConfig -PasswordOrgConfig $PasswordOrgConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-org-config
This API returns the password org config . Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:read'
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Password Org Config
try {
Get-PasswordOrgConfig
# Below is a request that includes all optional parameters
# Get-PasswordOrgConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-password-org-config
This API updates the password org config for specified fields. Other fields will keep original value.
You must set the `customInstructionsEnabled` field to "true" to be able to use custom password instructions.
Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordOrgConfig | [**PasswordOrgConfig**](../models/password-org-config) | True |
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordOrgConfig = @"{
"digitTokenLength" : 9,
"digitTokenEnabled" : true,
"digitTokenDurationMinutes" : 10,
"customInstructionsEnabled" : true
}"@
# Update Password Org Config
try {
$Result = ConvertFrom-JsonToPasswordOrgConfig -Json $PasswordOrgConfig
Send-PasswordOrgConfig-PasswordOrgConfig $Result
# Below is a request that includes all optional parameters
# Send-PasswordOrgConfig -PasswordOrgConfig $PasswordOrgConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

170
docs/tools/sdk/powershell/refrence/v3/Methods/PasswordDictionaryApi.md Normal file
View File

@@ -0,0 +1,170 @@
---
id: password-dictionary
title: PasswordDictionary
pagination_label: PasswordDictionary
sidebar_label: PasswordDictionary
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordDictionary']
slug: /tools/sdk/powershell/v3/methods/password-dictionary
tags: ['SDK', 'Software Development Kit', 'PasswordDictionary']
---
# PasswordDictionary
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-PasswordDictionary**](#get-password-dictionary) | **GET** `/password-dictionary` | Get Password Dictionary
[**Send-PasswordDictionary**](#put-password-dictionary) | **PUT** `/password-dictionary` | Update Password Dictionary
## get-password-dictionary
This gets password dictionary for the organization.
The password dictionary file can contain lines that are:
1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing
2. empty lines
3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines
4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;
maximum length of the line is 128 Unicode codepoints
Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).
Password dict file must contain UTF-8 characters only.
# Sample password text file
```
# Password dictionary small test file
locale=en_US
# Password dictionary prohibited words
qwerty
abcd
aaaaa
password
qazxsws
```
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A password dictionary response | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/plain, application/json
### Example
```powershell
# Get Password Dictionary
try {
Get-PasswordDictionary
# Below is a request that includes all optional parameters
# Get-PasswordDictionary
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordDictionary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-password-dictionary
This updates password dictionary for the organization.
The password dictionary file can contain lines that are:
1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing
2. empty lines
3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines
4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;
maximum length of the line is 128 Unicode codepoints
Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).
Password dict file must contain UTF-8 characters only.
# Sample password text file
```
# Password dictionary small test file
locale=en_US
# Password dictionary prohibited words
qwerty
abcd
aaaaa
password
qazxsws
```
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| File | **System.IO.FileInfo** | (optional) |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully updated. |
201 | Created. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$File = # System.IO.FileInfo | (optional)
# Update Password Dictionary
try {
Send-PasswordDictionary
# Below is a request that includes all optional parameters
# Send-PasswordDictionary -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-PasswordDictionary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

191
docs/tools/sdk/powershell/refrence/v3/Methods/PasswordManagementApi.md Normal file
View File

@@ -0,0 +1,191 @@
---
id: password-management
title: PasswordManagement
pagination_label: PasswordManagement
sidebar_label: PasswordManagement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordManagement']
slug: /tools/sdk/powershell/v3/methods/password-management
tags: ['SDK', 'Software Development Kit', 'PasswordManagement']
---
# PasswordManagement
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-PasswordChangeStatus**](#get-password-change-status) | **GET** `/password-change-status/{id}` | Get Password Change Request Status
[**Search-PasswordInfo**](#query-password-info) | **POST** `/query-password-info` | Query Password Info
[**Set-Password**](#set-password) | **POST** `/set-password` | Set Identity&#39;s Password
## get-password-change-status
This API returns the status of a password change request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Password change request ID
### Return type
[**PasswordStatus**](../models/password-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the password change request | PasswordStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "089899f13a8f4da7824996191587bab9" # String | Password change request ID
# Get Password Change Request Status
try {
Get-PasswordChangeStatus-Id $Id
# Below is a request that includes all optional parameters
# Get-PasswordChangeStatus -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordChangeStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## query-password-info
This API is used to query password related information.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordInfoQueryDTO | [**PasswordInfoQueryDTO**](../models/password-info-query-dto) | True |
### Return type
[**PasswordInfo**](../models/password-info)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password info. | PasswordInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordInfoQueryDTO = @"{
"sourceName" : "My-AD",
"userName" : "Abby.Smith"
}"@
# Query Password Info
try {
$Result = ConvertFrom-JsonToPasswordInfoQueryDTO -Json $PasswordInfoQueryDTO
Search-PasswordInfo-PasswordInfoQueryDTO $Result
# Below is a request that includes all optional parameters
# Search-PasswordInfo -PasswordInfoQueryDTO $PasswordInfoQueryDTO
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-PasswordInfo"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-password
This API is used to set a password for an identity.
An identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or ["authorization_code" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow).
>**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.**
To generate the encryptedPassword (RSA encrypted using publicKey) for the request body, run the following command:
```bash
echo -n "myPassword" | openssl pkeyutl -encrypt -inkey public_key.pem -pubin | base64
```
In this example, myPassword is the plain text password being set and encrypted, and public_key.pem is the path to the public key file. You can retrieve the required publicKey, along with other information like identityId, sourceId, publicKeyId, accounts, and policies, using the Query Password Info endpoint.
To successfully run this command, you must have OpenSSL installed on your machine. If OpenSSL is unavailable, consider using the Virtual Appliance (VA), which has OpenSSL pre-installed and configured.
If you are using a Windows machine, refer to this [guide](https://tecadmin.net/install-openssl-on-windows/) for instructions on installing OpenSSL.
You can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordChangeRequest | [**PasswordChangeRequest**](../models/password-change-request) | True |
### Return type
[**PasswordChangeResponse**](../models/password-change-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Reference to the password change. | PasswordChangeResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordChangeRequest = @"{
"sourceId" : "8a807d4c73c545510173c545d4b60246",
"accountId" : "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com",
"identityId" : "8a807d4c73c545510173c545f0a002ff",
"publicKeyId" : "YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2",
"encryptedPassword" : "XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A=="
}"@
# Set Identity's Password
try {
$Result = ConvertFrom-JsonToPasswordChangeRequest -Json $PasswordChangeRequest
Set-Password-PasswordChangeRequest $Result
# Below is a request that includes all optional parameters
# Set-Password -PasswordChangeRequest $PasswordChangeRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-Password"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

328
docs/tools/sdk/powershell/refrence/v3/Methods/PasswordPoliciesApi.md Normal file
View File

@@ -0,0 +1,328 @@
---
id: password-policies
title: PasswordPolicies
pagination_label: PasswordPolicies
sidebar_label: PasswordPolicies
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordPolicies']
slug: /tools/sdk/powershell/v3/methods/password-policies
tags: ['SDK', 'Software Development Kit', 'PasswordPolicies']
---
# PasswordPolicies
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-PasswordPolicy**](#create-password-policy) | **POST** `/password-policies` | Create Password Policy
[**Remove-PasswordPolicy**](#delete-password-policy) | **DELETE** `/password-policies/{id}` | Delete Password Policy by ID
[**Get-PasswordPolicyById**](#get-password-policy-by-id) | **GET** `/password-policies/{id}` | Get Password Policy by ID
[**Get-PasswordPolicies**](#list-password-policies) | **GET** `/password-policies` | List Password Policies
[**Set-PasswordPolicy**](#set-password-policy) | **PUT** `/password-policies/{id}` | Update Password Policy by ID
## create-password-policy
This API creates the specified password policy.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordPolicyV3Dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True |
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordPolicyV3Dto = @"{
"validateAgainstAccountName" : true,
"minLength" : 8,
"description" : "Information about the Password Policy",
"requireStrongAuthUntrustedGeographies" : true,
"enablePasswdExpiration" : true,
"minNumeric" : 8,
"lastUpdated" : "2000-01-23T04:56:07.000+00:00",
"validateAgainstAccountId" : false,
"dateCreated" : "2000-01-23T04:56:07.000+00:00",
"accountNameMinWordLength" : 6,
"minUpper" : 8,
"firstExpirationReminder" : 45,
"modified" : "modified",
"id" : "2c91808e7d976f3b017d9f5ceae440c8",
"requireStrongAuthn" : true,
"useDictionary" : false,
"minSpecial" : 8,
"sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ],
"passwordExpiration" : 8,
"maxRepeatedChars" : 3,
"minCharacterTypes" : 5,
"minAlpha" : 5,
"created" : "created",
"useAccountAttributes" : false,
"accountIdMinWordLength" : 4,
"minLower" : 8,
"useIdentityAttributes" : false,
"defaultPolicy" : true,
"requireStrongAuthOffNetwork" : true,
"name" : "PasswordPolicy Example",
"maxLength" : 25
}"@
# Create Password Policy
try {
$Result = ConvertFrom-JsonToPasswordPolicyV3Dto -Json $PasswordPolicyV3Dto
New-PasswordPolicy-PasswordPolicyV3Dto $Result
# Below is a request that includes all optional parameters
# New-PasswordPolicy -PasswordPolicyV3Dto $PasswordPolicyV3Dto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-password-policy
This API deletes the specified password policy.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0002" # String | The ID of password policy to delete.
# Delete Password Policy by ID
try {
Remove-PasswordPolicy-Id $Id
# Below is a request that includes all optional parameters
# Remove-PasswordPolicy -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-policy-by-id
This API returns the password policy for the specified ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to retrieve.
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0005" # String | The ID of password policy to retrieve.
# Get Password Policy by ID
try {
Get-PasswordPolicyById-Id $Id
# Below is a request that includes all optional parameters
# Get-PasswordPolicyById -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordPolicyById"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-password-policies
This gets list of all Password Policies.
Requires role of ORG_ADMIN
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PasswordPolicyV3Dto[]**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all Password Policies. | PasswordPolicyV3Dto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Password Policies
try {
Get-PasswordPolicies
# Below is a request that includes all optional parameters
# Get-PasswordPolicies -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordPolicies"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-password-policy
This API updates the specified password policy.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to update.
Body | PasswordPolicyV3Dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True |
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0007" # String | The ID of password policy to update.
$PasswordPolicyV3Dto = @"{
"validateAgainstAccountName" : true,
"minLength" : 8,
"description" : "Information about the Password Policy",
"requireStrongAuthUntrustedGeographies" : true,
"enablePasswdExpiration" : true,
"minNumeric" : 8,
"lastUpdated" : "2000-01-23T04:56:07.000+00:00",
"validateAgainstAccountId" : false,
"dateCreated" : "2000-01-23T04:56:07.000+00:00",
"accountNameMinWordLength" : 6,
"minUpper" : 8,
"firstExpirationReminder" : 45,
"modified" : "modified",
"id" : "2c91808e7d976f3b017d9f5ceae440c8",
"requireStrongAuthn" : true,
"useDictionary" : false,
"minSpecial" : 8,
"sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ],
"passwordExpiration" : 8,
"maxRepeatedChars" : 3,
"minCharacterTypes" : 5,
"minAlpha" : 5,
"created" : "created",
"useAccountAttributes" : false,
"accountIdMinWordLength" : 4,
"minLower" : 8,
"useIdentityAttributes" : false,
"defaultPolicy" : true,
"requireStrongAuthOffNetwork" : true,
"name" : "PasswordPolicy Example",
"maxLength" : 25
}"@
# Update Password Policy by ID
try {
$Result = ConvertFrom-JsonToPasswordPolicyV3Dto -Json $PasswordPolicyV3Dto
Set-PasswordPolicy-Id $Id -PasswordPolicyV3Dto $Result
# Below is a request that includes all optional parameters
# Set-PasswordPolicy -Id $Id -PasswordPolicyV3Dto $PasswordPolicyV3Dto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

275
docs/tools/sdk/powershell/refrence/v3/Methods/PasswordSyncGroupsApi.md Normal file
View File

@@ -0,0 +1,275 @@
---
id: password-sync-groups
title: PasswordSyncGroups
pagination_label: PasswordSyncGroups
sidebar_label: PasswordSyncGroups
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordSyncGroups']
slug: /tools/sdk/powershell/v3/methods/password-sync-groups
tags: ['SDK', 'Software Development Kit', 'PasswordSyncGroups']
---
# PasswordSyncGroups
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-PasswordSyncGroup**](#create-password-sync-group) | **POST** `/password-sync-groups` | Create Password Sync Group
[**Remove-PasswordSyncGroup**](#delete-password-sync-group) | **DELETE** `/password-sync-groups/{id}` | Delete Password Sync Group by ID
[**Get-PasswordSyncGroup**](#get-password-sync-group) | **GET** `/password-sync-groups/{id}` | Get Password Sync Group by ID
[**Get-PasswordSyncGroups**](#get-password-sync-groups) | **GET** `/password-sync-groups` | Get Password Sync Group List
[**Update-PasswordSyncGroup**](#update-password-sync-group) | **PUT** `/password-sync-groups/{id}` | Update Password Sync Group by ID
## create-password-sync-group
This API creates a password sync group based on the specifications provided.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordSyncGroup | [**PasswordSyncGroup**](../models/password-sync-group) | True |
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordSyncGroup = @"{
"created" : "2023-03-16T04:00:00Z",
"name" : "Password Sync Group 1",
"modified" : "2023-03-16T04:00:00Z",
"passwordPolicyId" : "2c91808d744ba0ce01746f93b6204501",
"id" : "6881f631-3bd5-4213-9c75-8e05cc3e35dd",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}"@
# Create Password Sync Group
try {
$Result = ConvertFrom-JsonToPasswordSyncGroup -Json $PasswordSyncGroup
New-PasswordSyncGroup-PasswordSyncGroup $Result
# Below is a request that includes all optional parameters
# New-PasswordSyncGroup -PasswordSyncGroup $PasswordSyncGroup
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-password-sync-group
This API deletes the specified password sync group.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to delete.
# Delete Password Sync Group by ID
try {
Remove-PasswordSyncGroup-Id $Id
# Below is a request that includes all optional parameters
# Remove-PasswordSyncGroup -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-sync-group
This API returns the sync group for the specified ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to retrieve.
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to retrieve.
# Get Password Sync Group by ID
try {
Get-PasswordSyncGroup-Id $Id
# Below is a request that includes all optional parameters
# Get-PasswordSyncGroup -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-sync-groups
This API returns a list of password sync groups.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PasswordSyncGroup[]**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of password sync groups. | PasswordSyncGroup[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Get Password Sync Group List
try {
Get-PasswordSyncGroups
# Below is a request that includes all optional parameters
# Get-PasswordSyncGroups -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PasswordSyncGroups"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-password-sync-group
This API updates the specified password sync group.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to update.
Body | PasswordSyncGroup | [**PasswordSyncGroup**](../models/password-sync-group) | True |
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to update.
$PasswordSyncGroup = @"{
"created" : "2023-03-16T04:00:00Z",
"name" : "Password Sync Group 1",
"modified" : "2023-03-16T04:00:00Z",
"passwordPolicyId" : "2c91808d744ba0ce01746f93b6204501",
"id" : "6881f631-3bd5-4213-9c75-8e05cc3e35dd",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}"@
# Update Password Sync Group by ID
try {
$Result = ConvertFrom-JsonToPasswordSyncGroup -Json $PasswordSyncGroup
Update-PasswordSyncGroup-Id $Id -PasswordSyncGroup $Result
# Below is a request that includes all optional parameters
# Update-PasswordSyncGroup -Id $Id -PasswordSyncGroup $PasswordSyncGroup
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

224
docs/tools/sdk/powershell/refrence/v3/Methods/PersonalAccessTokensApi.md Normal file
View File

@@ -0,0 +1,224 @@
---
id: personal-access-tokens
title: PersonalAccessTokens
pagination_label: PersonalAccessTokens
sidebar_label: PersonalAccessTokens
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PersonalAccessTokens']
slug: /tools/sdk/powershell/v3/methods/personal-access-tokens
tags: ['SDK', 'Software Development Kit', 'PersonalAccessTokens']
---
# PersonalAccessTokens
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-PersonalAccessToken**](#create-personal-access-token) | **POST** `/personal-access-tokens` | Create Personal Access Token
[**Remove-PersonalAccessToken**](#delete-personal-access-token) | **DELETE** `/personal-access-tokens/{id}` | Delete Personal Access Token
[**Get-PersonalAccessTokens**](#list-personal-access-tokens) | **GET** `/personal-access-tokens` | List Personal Access Tokens
[**Update-PersonalAccessToken**](#patch-personal-access-token) | **PATCH** `/personal-access-tokens/{id}` | Patch Personal Access Token
## create-personal-access-token
This creates a personal access token.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreatePersonalAccessTokenRequest | [**CreatePersonalAccessTokenRequest**](../models/create-personal-access-token-request) | True | Name and scope of personal access token.
### Return type
[**CreatePersonalAccessTokenResponse**](../models/create-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created. Note - this is the only time Personal Access Tokens&#39; secret attribute will be displayed. | CreatePersonalAccessTokenResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreatePersonalAccessTokenRequest = @"{
"scope" : [ "demo:personal-access-token-scope:first", "demo:personal-access-token-scope:second" ],
"accessTokenValiditySeconds" : 36900,
"name" : "NodeJS Integration"
}"@
# Create Personal Access Token
try {
$Result = ConvertFrom-JsonToCreatePersonalAccessTokenRequest -Json $CreatePersonalAccessTokenRequest
New-PersonalAccessToken-CreatePersonalAccessTokenRequest $Result
# Below is a request that includes all optional parameters
# New-PersonalAccessToken -CreatePersonalAccessTokenRequest $CreatePersonalAccessTokenRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-personal-access-token
This deletes a personal access token.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The personal access token id
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The personal access token id
# Delete Personal Access Token
try {
Remove-PersonalAccessToken-Id $Id
# Below is a request that includes all optional parameters
# Remove-PersonalAccessToken -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-personal-access-tokens
This gets a collection of personal access tokens associated with the optional `owner-id`. query parameter. If the `owner-id` query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the 'idn:all-personal-access-tokens:read' right.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | The identity ID of the owner whose personal access tokens should be listed. If ""me"", the caller should have the following right: 'idn:my-personal-access-tokens:read' If an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. If the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull*
### Return type
[**GetPersonalAccessTokenResponse[]**](../models/get-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of personal access tokens. | GetPersonalAccessTokenResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c9180867b50d088017b554662fb281e" # String | The identity ID of the owner whose personal access tokens should be listed. If ""me"", the caller should have the following right: 'idn:my-personal-access-tokens:read' If an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. If the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read' (optional)
$Filters = 'lastUsed le 2023-02-05T10:59:27.214Z' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull* (optional)
# List Personal Access Tokens
try {
Get-PersonalAccessTokens
# Below is a request that includes all optional parameters
# Get-PersonalAccessTokens -OwnerId $OwnerId -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PersonalAccessTokens"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-personal-access-token
This performs a targeted update to the field(s) of a Personal Access Token.
Changing scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The Personal Access Token id
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * scope
### Return type
[**GetPersonalAccessTokenResponse**](../models/get-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the PAT&#39;s new representation. | GetPersonalAccessTokenResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The Personal Access Token id
# JsonPatchOperation[] | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * scope
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch Personal Access Token
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-PersonalAccessToken-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-PersonalAccessToken -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

77
docs/tools/sdk/powershell/refrence/v3/Methods/PublicIdentitiesApi.md Normal file
View File

@@ -0,0 +1,77 @@
---
id: public-identities
title: PublicIdentities
pagination_label: PublicIdentities
sidebar_label: PublicIdentities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PublicIdentities']
slug: /tools/sdk/powershell/v3/methods/public-identities
tags: ['SDK', 'Software Development Kit', 'PublicIdentities']
---
# PublicIdentities
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-PublicIdentities**](#get-public-identities) | **GET** `/public-identities` | Get list of public identities
## get-public-identities
Get a list of public identities. Set `add-core-filters` to `true` to exclude incomplete identities and uncorrelated accounts.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **alias**: *eq, sw* **email**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw*
Query | AddCoreFilters | **Boolean** | (optional) (default to $false) | If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*: - Should be either correlated or protected. - Should not be ""spadmin"" or ""cloudadmin"". - uid should not be null. - lastname should not be null. - email should not be null.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**PublicIdentity[]**](../models/public-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of public identity objects. | PublicIdentity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'firstname eq "John"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **alias**: *eq, sw* **email**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw* (optional)
$AddCoreFilters = $false # Boolean | If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*: - Should be either correlated or protected. - Should not be ""spadmin"" or ""cloudadmin"". - uid should not be null. - lastname should not be null. - email should not be null. (optional) (default to $false)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Get list of public identities
try {
Get-PublicIdentities
# Below is a request that includes all optional parameters
# Get-PublicIdentities -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -AddCoreFilters $AddCoreFilters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PublicIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

126
docs/tools/sdk/powershell/refrence/v3/Methods/PublicIdentitiesConfigApi.md Normal file
View File

@@ -0,0 +1,126 @@
---
id: public-identities-config
title: PublicIdentitiesConfig
pagination_label: PublicIdentitiesConfig
sidebar_label: PublicIdentitiesConfig
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PublicIdentitiesConfig']
slug: /tools/sdk/powershell/v3/methods/public-identities-config
tags: ['SDK', 'Software Development Kit', 'PublicIdentitiesConfig']
---
# PublicIdentitiesConfig
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-PublicIdentityConfig**](#get-public-identity-config) | **GET** `/public-identities-config` | Get the Public Identities Configuration
[**Update-PublicIdentityConfig**](#update-public-identity-config) | **PUT** `/public-identities-config` | Update the Public Identities Configuration
## get-public-identity-config
Returns the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**PublicIdentityConfig**](../models/public-identity-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | PublicIdentityConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get the Public Identities Configuration
try {
Get-PublicIdentityConfig
# Below is a request that includes all optional parameters
# Get-PublicIdentityConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-PublicIdentityConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-public-identity-config
Updates the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PublicIdentityConfig | [**PublicIdentityConfig**](../models/public-identity-config) | True |
### Return type
[**PublicIdentityConfig**](../models/public-identity-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | PublicIdentityConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PublicIdentityConfig = @"{
"modified" : "2018-06-25T20:22:28.104Z",
"attributes" : [ {
"name" : "Country",
"key" : "country"
}, {
"name" : "Country",
"key" : "country"
} ],
"modifiedBy" : {
"name" : "Thomas Edison",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
}
}"@
# Update the Public Identities Configuration
try {
$Result = ConvertFrom-JsonToPublicIdentityConfig -Json $PublicIdentityConfig
Update-PublicIdentityConfig-PublicIdentityConfig $Result
# Below is a request that includes all optional parameters
# Update-PublicIdentityConfig -PublicIdentityConfig $PublicIdentityConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-PublicIdentityConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

221
docs/tools/sdk/powershell/refrence/v3/Methods/ReportsDataExtractionApi.md Normal file
View File

@@ -0,0 +1,221 @@
---
id: reports-data-extraction
title: ReportsDataExtraction
pagination_label: ReportsDataExtraction
sidebar_label: ReportsDataExtraction
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ReportsDataExtraction']
slug: /tools/sdk/powershell/v3/methods/reports-data-extraction
tags: ['SDK', 'Software Development Kit', 'ReportsDataExtraction']
---
# ReportsDataExtraction
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Suspend-Report**](#cancel-report) | **POST** `/reports/{id}/cancel` | Cancel Report
[**Get-Report**](#get-report) | **GET** `/reports/{taskResultId}` | Get Report File
[**Get-ReportResult**](#get-report-result) | **GET** `/reports/{taskResultId}/result` | Get Report Result
[**Start-Report**](#start-report) | **POST** `/reports/run` | Run Report
## cancel-report
Cancels a running report.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the running Report to cancel
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "a1ed223247144cc29d23c632624b4767" # String | ID of the running Report to cancel
# Cancel Report
try {
Suspend-Report-Id $Id
# Below is a request that includes all optional parameters
# Suspend-Report -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-report
Gets a report in file format.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | TaskResultId | **String** | True | Unique identifier of the task result which handled report
Query | FileFormat | **String** | True | Output format of the requested report file
Query | Name | **String** | (optional) | preferred Report file name, by default will be used report name from task result.
Query | Auditable | **Boolean** | (optional) (default to $false) | Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.
### Return type
**System.IO.FileInfo**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Report file in selected format. CSV by default. | System.IO.FileInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/csv, application/pdf, application/json
### Example
```powershell
$TaskResultId = "ef38f94347e94562b5bb8424a56397d8" # String | Unique identifier of the task result which handled report
$FileFormat = "csv" # String | Output format of the requested report file
$Name = "Identities Details Report" # String | preferred Report file name, by default will be used report name from task result. (optional)
$Auditable = $true # Boolean | Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId. (optional) (default to $false)
# Get Report File
try {
Get-Report-TaskResultId $TaskResultId -FileFormat $FileFormat
# Below is a request that includes all optional parameters
# Get-Report -TaskResultId $TaskResultId -FileFormat $FileFormat -Name $Name -Auditable $Auditable
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-report-result
Get the report results for a report that was run or is running. Returns empty report result in case there are no active task definitions with used in payload task definition name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | TaskResultId | **String** | True | Unique identifier of the task result which handled report
Query | Completed | **Boolean** | (optional) (default to $false) | state of task result to apply ordering when results are fetching from the DB
### Return type
[**ReportResults**](../models/report-results)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details about report that was run or is running. | ReportResults
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$TaskResultId = "ef38f94347e94562b5bb8424a56397d8" # String | Unique identifier of the task result which handled report
$Completed = $true # Boolean | state of task result to apply ordering when results are fetching from the DB (optional) (default to $false)
# Get Report Result
try {
Get-ReportResult-TaskResultId $TaskResultId
# Below is a request that includes all optional parameters
# Get-ReportResult -TaskResultId $TaskResultId -Completed $Completed
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ReportResult"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-report
Use this API to run a report according to report input details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ReportDetails | [**ReportDetails**](../models/report-details) | True |
### Return type
[**TaskResultDetails**](../models/task-result-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details about running report task. | TaskResultDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ReportDetails = @"{
"reportType" : "ACCOUNTS",
"arguments" : {
"application" : "2c9180897e7742b2017e781782f705b9",
"sourceName" : "Active Directory"
}
}"@
# Run Report
try {
$Result = ConvertFrom-JsonToReportDetails -Json $ReportDetails
Start-Report-ReportDetails $Result
# Below is a request that includes all optional parameters
# Start-Report -ReportDetails $ReportDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

88
docs/tools/sdk/powershell/refrence/v3/Methods/RequestableObjectsApi.md Normal file
View File

@@ -0,0 +1,88 @@
---
id: requestable-objects
title: RequestableObjects
pagination_label: RequestableObjects
sidebar_label: RequestableObjects
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestableObjects']
slug: /tools/sdk/powershell/v3/methods/requestable-objects
tags: ['SDK', 'Software Development Kit', 'RequestableObjects']
---
# RequestableObjects
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-RequestableObjects**](#list-requestable-objects) | **GET** `/requestable-objects` | Requestable Objects List
## list-requestable-objects
This endpoint returns a list of acccess items that that can be requested through the Access Request endpoints. Access items are marked with AVAILABLE, PENDING or ASSIGNED with respect to the identity provided using *identity-id* query param.
Any authenticated token can call this endpoint to see their requestable access items.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | IdentityId | **String** | (optional) | If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
Query | Types | [**[]RequestableObjectType**](../models/requestable-object-type) | (optional) | Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice.
Query | Term | **String** | (optional) | It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored.
Query | Statuses | [**[]RequestableObjectRequestStatus**](../models/requestable-object-request-status) | (optional) | Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**RequestableObject[]**](../models/requestable-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of requestable objects | RequestableObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "e7eab60924f64aa284175b9fa3309599" # String | If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result. (optional)
$Types = "ACCESS_PROFILE" # RequestableObjectType[] | Filters the results to the specified type/types, where each type is one of ROLE or ACCESS_PROFILE. If absent, all types are returned. Support for additional types may be added in the future without notice. (optional)
$Types = @"ROLE,ACCESS_PROFILE"@
$Term = "Finance Role" # String | It allows searching requestable access items with a partial match on the name or description. If term is provided, then the *filter* query parameter will be ignored. (optional)
$Statuses = "AVAILABLE" # RequestableObjectRequestStatus[] | Filters the result to the specified status/statuses, where each status is one of AVAILABLE, ASSIGNED, or PENDING. It is an error to specify this parameter without also specifying an *identity-id* parameter. Additional statuses may be added in the future without notice. (optional)
$Statuses = @"[ASSIGNED, PENDING]"@
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name sw "bob"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Requestable Objects List
try {
Get-RequestableObjects
# Below is a request that includes all optional parameters
# Get-RequestableObjects -IdentityId $IdentityId -Types $Types -Term $Term -Statuses $Statuses -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-RequestableObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

565
docs/tools/sdk/powershell/refrence/v3/Methods/RolesApi.md Normal file
View File

@@ -0,0 +1,565 @@
---
id: roles
title: Roles
pagination_label: Roles
sidebar_label: Roles
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Roles']
slug: /tools/sdk/powershell/v3/methods/roles
tags: ['SDK', 'Software Development Kit', 'Roles']
---
# Roles
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-Role**](#create-role) | **POST** `/roles` | Create a Role
[**Remove-BulkRoles**](#delete-bulk-roles) | **POST** `/roles/bulk-delete` | Delete Role(s)
[**Remove-Role**](#delete-role) | **DELETE** `/roles/{id}` | Delete a Role
[**Get-Role**](#get-role) | **GET** `/roles/{id}` | Get a Role
[**Get-RoleAssignedIdentities**](#get-role-assigned-identities) | **GET** `/roles/{id}/assigned-identities` | List Identities assigned a Role
[**Get-Roles**](#list-roles) | **GET** `/roles` | List Roles
[**Update-Role**](#patch-role) | **PATCH** `/roles/{id}` | Patch a specified Role
## create-role
This API creates a role.
In addition, a ROLE_SUBADMIN may not create a role including an access profile if that access profile is associated with a source the ROLE_SUBADMIN is not associated with themselves.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles. However, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Role | [**Role**](../models/role) | True |
### Return type
[**Role**](../models/role)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Role created | Role
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Role = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"entitlements" : [ {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
}, {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
} ],
"dimensional" : false,
"created" : "2021-03-01T22:32:58.104Z",
"dimensionRefs" : [ {
"name" : "Role 2",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "DIMENSION"
}, {
"name" : "Role 2",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "DIMENSION"
} ],
"description" : "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.",
"membership" : {
"identities" : [ {
"aliasName" : "t.edison",
"name" : "Thomas Edison",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
}, {
"aliasName" : "t.edison",
"name" : "Thomas Edison",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
} ],
"criteria" : {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
} ],
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
} ],
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
} ],
"operation" : "EQUALS",
"key" : {
"sourceId" : "2c9180867427f3a301745aec18211519",
"property" : "attribute.email",
"type" : "ACCOUNT"
}
},
"type" : "IDENTITY_LIST"
},
"enabled" : true,
"revocationRequestConfig" : {
"commentsRequired" : false,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ],
"denialCommentsRequired" : false
},
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"legacyMembershipInfo" : {
"type" : "IDENTITY_LIST"
},
"accessRequestConfig" : {
"commentsRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ],
"denialCommentsRequired" : true
},
"accessProfiles" : [ {
"name" : "Access Profile 2567",
"id" : "ff808081751e6e129f1518161919ecca",
"type" : "ACCESS_PROFILE"
}, {
"name" : "Access Profile 2567",
"id" : "ff808081751e6e129f1518161919ecca",
"type" : "ACCESS_PROFILE"
} ],
"name" : "Role 2567",
"modified" : "2021-03-02T20:22:28.104Z",
"accessModelMetadata" : {
"attributes" : [ {
"key" : "iscPrivacy",
"name" : "Privacy",
"multiselect" : false,
"status" : "active",
"type" : "governance",
"objectTypes" : [ "all" ],
"description" : "Specifies the level of privacy associated with an access item.",
"values" : [ {
"value" : "public",
"name" : "Public",
"status" : "active"
} ]
} ]
},
"id" : "2c918086749d78830174a1a40e121518",
"requestable" : true
}"@
# Create a Role
try {
$Result = ConvertFrom-JsonToRole -Json $Role
New-Role-Role $Result
# Below is a request that includes all optional parameters
# New-Role -Role $Role
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Role"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-bulk-roles
This endpoint initiates a bulk deletion of one or more roles.
When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information.
This endpoint can only bulk delete up to a limit of 50 roles per request.
A user with ROLE_SUBADMIN authority can only call this endpoint if all roles included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | RoleBulkDeleteRequest | [**RoleBulkDeleteRequest**](../models/role-bulk-delete-request) | True |
### Return type
[**TaskResultDto**](../models/task-result-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Returns an object with the id of the task performing the delete operation. | TaskResultDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RoleBulkDeleteRequest = @"{
"roleIds" : [ "2c9180847812e0b1017817051919ecca", "2c9180887812e0b201781e129f151816" ]
}"@
# Delete Role(s)
try {
$Result = ConvertFrom-JsonToRoleBulkDeleteRequest -Json $RoleBulkDeleteRequest
Remove-BulkRoles-RoleBulkDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-BulkRoles -RoleBulkDeleteRequest $RoleBulkDeleteRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-BulkRoles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-role
This API deletes a Role by its ID.
A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Role
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the Role
# Delete a Role
try {
Remove-Role-Id $Id
# Below is a request that includes all optional parameters
# Remove-Role -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Role"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role
This API returns a Role by its ID.
A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Role
### Return type
[**Role**](../models/role)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all Roles | Role
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the Role
# Get a Role
try {
Get-Role-Id $Id
# Below is a request that includes all optional parameters
# Get-Role -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Role"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-assigned-identities
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Role for which the assigned Identities are to be listed
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **aliasName**: *eq, sw* **email**: *eq, sw* **name**: *eq, sw, co*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, aliasName, email**
### Return type
[**RoleIdentity[]**](../models/role-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Identities assigned the Role | RoleIdentity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the Role for which the assigned Identities are to be listed
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name sw Joe' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **aliasName**: *eq, sw* **email**: *eq, sw* **name**: *eq, sw, co* (optional)
$Sorters = "aliasName,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, aliasName, email** (optional)
# List Identities assigned a Role
try {
Get-RoleAssignedIdentities-Id $Id
# Below is a request that includes all optional parameters
# Get-RoleAssignedIdentities -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-RoleAssignedIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-roles
This API returns a list of Roles.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ForSubadmin | **String** | (optional) | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
### Return type
[**Role[]**](../models/role)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Roles | Role[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin. (optional)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'requestable eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error. (optional) (default to $true)
# List Roles
try {
Get-Roles
# Below is a request that includes all optional parameters
# Get-Roles -ForSubadmin $ForSubadmin -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -ForSegmentIds $ForSegmentIds -IncludeUnsegmented $IncludeUnsegmented
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Roles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-role
This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable:
* name
* description
* enabled
* owner
* accessProfiles
* entitlements
* membership
* requestable
* accessRequestConfig
* revokeRequestConfig
* segments
* accessModelMetadata
A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.
When you use this API to modify a role's membership identities, you can only modify up to a limit of 500 membership identities at a time.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Role to patch
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**Role**](../models/role)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the Role as updated. | Role
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the Role to patch
# JsonPatchOperation[] |
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch a specified Role
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-Role-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-Role -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Role"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

995
docs/tools/sdk/powershell/refrence/v3/Methods/SODPoliciesApi.md Normal file
View File

@@ -0,0 +1,995 @@
---
id: sod-policies
title: SODPolicies
pagination_label: SODPolicies
sidebar_label: SODPolicies
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SODPolicies']
slug: /tools/sdk/powershell/v3/methods/sod-policies
tags: ['SDK', 'Software Development Kit', 'SODPolicies']
---
# SODPolicies
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-SodPolicy**](#create-sod-policy) | **POST** `/sod-policies` | Create SOD policy
[**Remove-SodPolicy**](#delete-sod-policy) | **DELETE** `/sod-policies/{id}` | Delete SOD policy by ID
[**Remove-SodPolicySchedule**](#delete-sod-policy-schedule) | **DELETE** `/sod-policies/{id}/schedule` | Delete SOD policy schedule
[**Get-CustomViolationReport**](#get-custom-violation-report) | **GET** `/sod-violation-report/{reportResultId}/download/{fileName}` | Download custom violation report
[**Get-DefaultViolationReport**](#get-default-violation-report) | **GET** `/sod-violation-report/{reportResultId}/download` | Download violation report
[**Get-SodAllReportRunStatus**](#get-sod-all-report-run-status) | **GET** `/sod-violation-report` | Get multi-report run task status
[**Get-SodPolicy**](#get-sod-policy) | **GET** `/sod-policies/{id}` | Get SOD policy by ID
[**Get-SodPolicySchedule**](#get-sod-policy-schedule) | **GET** `/sod-policies/{id}/schedule` | Get SOD policy schedule
[**Get-SodViolationReportRunStatus**](#get-sod-violation-report-run-status) | **GET** `/sod-policies/sod-violation-report-status/{reportResultId}` | Get violation report run status
[**Get-SodViolationReportStatus**](#get-sod-violation-report-status) | **GET** `/sod-policies/{id}/violation-report` | Get SOD violation report status
[**Get-SodPolicies**](#list-sod-policies) | **GET** `/sod-policies` | List SOD policies
[**Update-SodPolicy**](#patch-sod-policy) | **PATCH** `/sod-policies/{id}` | Patch SOD policy by ID
[**Send-PolicySchedule**](#put-policy-schedule) | **PUT** `/sod-policies/{id}/schedule` | Update SOD Policy schedule
[**Send-SodPolicy**](#put-sod-policy) | **PUT** `/sod-policies/{id}` | Update SOD policy by ID
[**Start-EvaluateSodPolicy**](#start-evaluate-sod-policy) | **POST** `/sod-policies/{id}/evaluate` | Evaluate one policy by ID
[**Start-SodAllPoliciesForOrg**](#start-sod-all-policies-for-org) | **POST** `/sod-violation-report/run` | Runs all policies for org
[**Start-SodPolicy**](#start-sod-policy) | **POST** `/sod-policies/{id}/violation-report/run` | Runs SOD policy violation report
## create-sod-policy
This creates both General and Conflicting Access Based policy, with a limit of 50 entitlements for each (left & right) criteria for Conflicting Access Based SOD policy.
Requires role of ORG_ADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SodPolicy | [**SodPolicy**](../models/sod-policy) | True |
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | SOD policy created | SodPolicy
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SodPolicy = @"{
"conflictingAccessCriteria" : {
"leftCriteria" : {
"name" : "money-in",
"criteriaList" : [ {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a66",
"name" : "Administrator"
}, {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a67",
"name" : "Administrator"
} ]
},
"rightCriteria" : {
"name" : "money-in",
"criteriaList" : [ {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a66",
"name" : "Administrator"
}, {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a67",
"name" : "Administrator"
} ]
}
},
"ownerRef" : {
"name" : "Support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"created" : "2020-01-01T00:00:00Z",
"scheduled" : true,
"creatorId" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"modifierId" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"description" : "This policy ensures compliance of xyz",
"violationOwnerAssignmentConfig" : {
"assignmentRule" : "MANAGER",
"ownerRef" : {
"name" : "Support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
}
},
"correctionAdvice" : "Based on the role of the employee, managers should remove access that is not required for their job function.",
"type" : "GENERAL",
"tags" : [ "TAG1", "TAG2" ],
"name" : "policy-xyz",
"modified" : "2020-01-01T00:00:00Z",
"policyQuery" : "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)",
"compensatingControls" : "Have a manager review the transaction decisions for their \"out of compliance\" employee",
"id" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"state" : "ENFORCED",
"externalPolicyReference" : "XYZ policy"
}"@
# Create SOD policy
try {
$Result = ConvertFrom-JsonToSodPolicy -Json $SodPolicy
New-SodPolicy-SodPolicy $Result
# Below is a request that includes all optional parameters
# New-SodPolicy -SodPolicy $SodPolicy
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-sod-policy
This deletes a specified SOD policy.
Requires role of ORG_ADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD Policy to delete.
Query | Logical | **Boolean** | (optional) (default to $true) | Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD Policy to delete.
$Logical = $true # Boolean | Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call. (optional) (default to $true)
# Delete SOD policy by ID
try {
Remove-SodPolicy-Id $Id
# Below is a request that includes all optional parameters
# Remove-SodPolicy -Id $Id -Logical $Logical
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-sod-policy-schedule
This deletes schedule for a specified SOD policy by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD policy the schedule must be deleted for.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy the schedule must be deleted for.
# Delete SOD policy schedule
try {
Remove-SodPolicySchedule-Id $Id
# Below is a request that includes all optional parameters
# Remove-SodPolicySchedule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-SodPolicySchedule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-custom-violation-report
This allows to download a specified named violation report for a given report reference.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ReportResultId | **String** | True | The ID of the report reference to download.
Path | FileName | **String** | True | Custom Name for the file.
### Return type
**System.IO.FileInfo**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns the zip file with given custom name that contains the violation report file. | System.IO.FileInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/zip, application/json
### Example
```powershell
$ReportResultId = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the report reference to download.
$FileName = "custom-name" # String | Custom Name for the file.
# Download custom violation report
try {
Get-CustomViolationReport-ReportResultId $ReportResultId -FileName $FileName
# Below is a request that includes all optional parameters
# Get-CustomViolationReport -ReportResultId $ReportResultId -FileName $FileName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CustomViolationReport"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-default-violation-report
This allows to download a violation report for a given report reference.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ReportResultId | **String** | True | The ID of the report reference to download.
### Return type
**System.IO.FileInfo**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns the PolicyReport.zip that contains the violation report file. | System.IO.FileInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/zip, application/json
### Example
```powershell
$ReportResultId = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the report reference to download.
# Download violation report
try {
Get-DefaultViolationReport-ReportResultId $ReportResultId
# Below is a request that includes all optional parameters
# Get-DefaultViolationReport -ReportResultId $ReportResultId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-DefaultViolationReport"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-all-report-run-status
This endpoint gets the status for a violation report for all policy run.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the violation report run task for all policy run. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get multi-report run task status
try {
Get-SodAllReportRunStatus
# Below is a request that includes all optional parameters
# Get-SodAllReportRunStatus
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodAllReportRunStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-policy
This gets specified SOD policy.
Requires role of ORG_ADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD Policy to retrieve.
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | SOD policy ID. | SodPolicy
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD Policy to retrieve.
# Get SOD policy by ID
try {
Get-SodPolicy-Id $Id
# Below is a request that includes all optional parameters
# Get-SodPolicy -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-policy-schedule
This endpoint gets a specified SOD policy's schedule.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD policy schedule to retrieve.
### Return type
[**SodPolicySchedule**](../models/sod-policy-schedule)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | SOD policy schedule. | SodPolicySchedule
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy schedule to retrieve.
# Get SOD policy schedule
try {
Get-SodPolicySchedule-Id $Id
# Below is a request that includes all optional parameters
# Get-SodPolicySchedule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodPolicySchedule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-violation-report-run-status
This gets the status for a violation report run task that has already been invoked.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ReportResultId | **String** | True | The ID of the report reference to retrieve.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the violation report run task. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReportResultId = "2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | The ID of the report reference to retrieve.
# Get violation report run status
try {
Get-SodViolationReportRunStatus-ReportResultId $ReportResultId
# Below is a request that includes all optional parameters
# Get-SodViolationReportRunStatus -ReportResultId $ReportResultId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodViolationReportRunStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-violation-report-status
This gets the status for a violation report run task that has already been invoked.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the violation report to retrieve status for.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the violation report run task. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the violation report to retrieve status for.
# Get SOD violation report status
try {
Get-SodViolationReportStatus-Id $Id
# Below is a request that includes all optional parameters
# Get-SodViolationReportStatus -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodViolationReportStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-sod-policies
This gets list of all SOD policies.
Requires role of ORG_ADMIN
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in* **state**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, description**
### Return type
[**SodPolicy[]**](../models/sod-policy)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all SOD policies. | SodPolicy[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "bc693f07e7b645539626c25954c58554"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in* **state**: *eq, in* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, description** (optional)
# List SOD policies
try {
Get-SodPolicies
# Below is a request that includes all optional parameters
# Get-SodPolicies -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SodPolicies"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-sod-policy
Allows updating SOD Policy fields other than ["id","created","creatorId","policyQuery","type"] using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
Requires role of ORG_ADMIN.
This endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD policy being modified.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * ownerRef * externalPolicyReference * compensatingControls * correctionAdvice * state * tags * violationOwnerAssignmentConfig * scheduled * conflictingAccessCriteria
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the SOD policy&#39;s new representation. | SodPolicy
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c918083-5d19-1a86-015d-28455b4a2329" # String | The ID of the SOD policy being modified.
# JsonPatchOperation[] | A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * ownerRef * externalPolicyReference * compensatingControls * correctionAdvice * state * tags * violationOwnerAssignmentConfig * scheduled * conflictingAccessCriteria
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch SOD policy by ID
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-SodPolicy-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-SodPolicy -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-policy-schedule
This updates schedule for a specified SOD policy.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD policy to update its schedule.
Body | SodPolicySchedule | [**SodPolicySchedule**](../models/sod-policy-schedule) | True |
### Return type
[**SodPolicySchedule**](../models/sod-policy-schedule)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created or updated SOD policy schedule. | SodPolicySchedule
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy to update its schedule.
$SodPolicySchedule = @"{
"schedule" : {
"hours" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"months" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"timeZoneId" : "America/Chicago",
"days" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"expiration" : "2018-06-25T20:22:28.104Z",
"type" : "WEEKLY"
},
"created" : "2020-01-01T00:00:00Z",
"recipients" : [ {
"name" : "Michael Michaels",
"id" : "2c7180a46faadee4016fb4e018c20642",
"type" : "IDENTITY"
}, {
"name" : "Michael Michaels",
"id" : "2c7180a46faadee4016fb4e018c20642",
"type" : "IDENTITY"
} ],
"name" : "SCH-1584312283015",
"creatorId" : "0f11f2a47c944bf3a2bd742580fe3bde",
"modifierId" : "0f11f2a47c944bf3a2bd742580fe3bde",
"modified" : "2020-01-01T00:00:00Z",
"description" : "Schedule for policy xyz",
"emailEmptyResults" : false
}"@
# Update SOD Policy schedule
try {
$Result = ConvertFrom-JsonToSodPolicySchedule -Json $SodPolicySchedule
Send-PolicySchedule-Id $Id -SodPolicySchedule $Result
# Below is a request that includes all optional parameters
# Send-PolicySchedule -Id $Id -SodPolicySchedule $SodPolicySchedule
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-PolicySchedule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-sod-policy
This updates a specified SOD policy.
Requires role of ORG_ADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the SOD policy to update.
Body | SodPolicy | [**SodPolicy**](../models/sod-policy) | True |
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | SOD Policy by ID | SodPolicy
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy to update.
$SodPolicy = @"{
"conflictingAccessCriteria" : {
"leftCriteria" : {
"name" : "money-in",
"criteriaList" : [ {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a66",
"name" : "Administrator"
}, {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a67",
"name" : "Administrator"
} ]
},
"rightCriteria" : {
"name" : "money-in",
"criteriaList" : [ {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a66",
"name" : "Administrator"
}, {
"type" : "ENTITLEMENT",
"id" : "2c9180866166b5b0016167c32ef31a67",
"name" : "Administrator"
} ]
}
},
"ownerRef" : {
"name" : "Support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"created" : "2020-01-01T00:00:00Z",
"scheduled" : true,
"creatorId" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"modifierId" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"description" : "This policy ensures compliance of xyz",
"violationOwnerAssignmentConfig" : {
"assignmentRule" : "MANAGER",
"ownerRef" : {
"name" : "Support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
}
},
"correctionAdvice" : "Based on the role of the employee, managers should remove access that is not required for their job function.",
"type" : "GENERAL",
"tags" : [ "TAG1", "TAG2" ],
"name" : "policy-xyz",
"modified" : "2020-01-01T00:00:00Z",
"policyQuery" : "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)",
"compensatingControls" : "Have a manager review the transaction decisions for their \"out of compliance\" employee",
"id" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"state" : "ENFORCED",
"externalPolicyReference" : "XYZ policy"
}"@
# Update SOD policy by ID
try {
$Result = ConvertFrom-JsonToSodPolicy -Json $SodPolicy
Send-SodPolicy-Id $Id -SodPolicy $Result
# Below is a request that includes all optional parameters
# Send-SodPolicy -Id $Id -SodPolicy $SodPolicy
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-evaluate-sod-policy
Runs the scheduled report for the policy retrieved by passed policy ID. The report schedule is fetched from the policy retrieved by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The SOD policy ID to run.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the violation report run task. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The SOD policy ID to run.
# Evaluate one policy by ID
try {
Start-EvaluateSodPolicy-Id $Id
# Below is a request that includes all optional parameters
# Start-EvaluateSodPolicy -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-EvaluateSodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-sod-all-policies-for-org
Runs multi-policy report for the org. If a policy reports more than 5000 violations, the report mentions that the violation limit was exceeded for that policy. If the request is empty, the report runs for all policies. Otherwise, the report runs for only the filtered policy list provided.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MultiPolicyRequest | [**MultiPolicyRequest**](../models/multi-policy-request) | (optional) |
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the violation report run task. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MultiPolicyRequest = @"{
"filteredPolicyList" : [ "[b868cd40-ffa4-4337-9c07-1a51846cfa94, 63a07a7b-39a4-48aa-956d-50c827deba2a]", "[b868cd40-ffa4-4337-9c07-1a51846cfa94, 63a07a7b-39a4-48aa-956d-50c827deba2a]" ]
}"@
# Runs all policies for org
try {
Start-SodAllPoliciesForOrg
# Below is a request that includes all optional parameters
# Start-SodAllPoliciesForOrg -MultiPolicyRequest $MultiPolicyRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-SodAllPoliciesForOrg"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-sod-policy
This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with violation limit exceeded message.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The SOD policy ID to run.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the violation report run task. | ReportResultReference
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The SOD policy ID to run.
# Runs SOD policy violation report
try {
Start-SodPolicy-Id $Id
# Below is a request that includes all optional parameters
# Start-SodPolicy -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-SodPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

128
docs/tools/sdk/powershell/refrence/v3/Methods/SODViolationsApi.md Normal file
View File

@@ -0,0 +1,128 @@
---
id: sod-violations
title: SODViolations
pagination_label: SODViolations
sidebar_label: SODViolations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SODViolations']
slug: /tools/sdk/powershell/v3/methods/sod-violations
tags: ['SDK', 'Software Development Kit', 'SODViolations']
---
# SODViolations
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Start-PredictSodViolations**](#start-predict-sod-violations) | **POST** `/sod-violations/predict` | Predict SOD violations for identity.
[**Start-ViolationCheck**](#start-violation-check) | **POST** `/sod-violations/check` | Check SOD violations
## start-predict-sod-violations
This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityWithNewAccess | [**IdentityWithNewAccess**](../models/identity-with-new-access) | True |
### Return type
[**ViolationPrediction**](../models/violation-prediction)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Violation Contexts | ViolationPrediction
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityWithNewAccess = @"{
"identityId" : "2c91808568c529c60168cca6f90c1313",
"accessRefs" : [ {
"type" : "ENTITLEMENT",
"id" : "2c918087682f9a86016839c050861ab1",
"name" : "CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local"
}, {
"type" : "ENTITLEMENT",
"id" : "2c918087682f9a86016839c0509c1ab2",
"name" : "CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local"
} ]
}"@
# Predict SOD violations for identity.
try {
$Result = ConvertFrom-JsonToIdentityWithNewAccess -Json $IdentityWithNewAccess
Start-PredictSodViolations-IdentityWithNewAccess $Result
# Below is a request that includes all optional parameters
# Start-PredictSodViolations -IdentityWithNewAccess $IdentityWithNewAccess
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-PredictSodViolations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-violation-check
This API initiates a SOD policy verification asynchronously.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityWithNewAccess1 | [**IdentityWithNewAccess1**](../models/identity-with-new-access1) | True |
### Return type
[**SodViolationCheck**](../models/sod-violation-check)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Request ID with a timestamp. | SodViolationCheck
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityWithNewAccess1 = @"{identityId=2c91808568c529c60168cca6f90c1313, accessRefs=[{type=ENTITLEMENT, id=2c918087682f9a86016839c050861ab1, name=CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local}, {type=ENTITLEMENT, id=2c918087682f9a86016839c0509c1ab2, name=CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local}], clientMetadata={additionalProp1=string, additionalProp2=string, additionalProp3=string}}"@
# Check SOD violations
try {
$Result = ConvertFrom-JsonToIdentityWithNewAccess1 -Json $IdentityWithNewAccess1
Start-ViolationCheck-IdentityWithNewAccess1 $Result
# Below is a request that includes all optional parameters
# Start-ViolationCheck -IdentityWithNewAccess1 $IdentityWithNewAccess1
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-ViolationCheck"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

375
docs/tools/sdk/powershell/refrence/v3/Methods/SavedSearchApi.md Normal file
View File

@@ -0,0 +1,375 @@
---
id: saved-search
title: SavedSearch
pagination_label: SavedSearch
sidebar_label: SavedSearch
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SavedSearch']
slug: /tools/sdk/powershell/v3/methods/saved-search
tags: ['SDK', 'Software Development Kit', 'SavedSearch']
---
# SavedSearch
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-SavedSearch**](#create-saved-search) | **POST** `/saved-searches` | Create a saved search
[**Remove-SavedSearch**](#delete-saved-search) | **DELETE** `/saved-searches/{id}` | Delete document by ID
[**Invoke-ExecuteSavedSearch**](#execute-saved-search) | **POST** `/saved-searches/{id}/execute` | Execute a saved search by ID
[**Get-SavedSearch**](#get-saved-search) | **GET** `/saved-searches/{id}` | Return saved search by ID
[**Get-SavedSearches**](#list-saved-searches) | **GET** `/saved-searches` | A list of Saved Searches
[**Send-SavedSearch**](#put-saved-search) | **PUT** `/saved-searches/{id}` | Updates an existing saved search
## create-saved-search
Creates a new saved search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateSavedSearchRequest | [**CreateSavedSearchRequest**](../models/create-saved-search-request) | True | The saved search to persist.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The persisted saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateSavedSearchRequest = @""@
# Create a saved search
try {
$Result = ConvertFrom-JsonToCreateSavedSearchRequest -Json $CreateSavedSearchRequest
New-SavedSearch-CreateSavedSearchRequest $Result
# Below is a request that includes all optional parameters
# New-SavedSearch -CreateSavedSearchRequest $CreateSavedSearchRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-saved-search
Deletes the specified saved search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Delete document by ID
try {
Remove-SavedSearch-Id $Id
# Below is a request that includes all optional parameters
# Remove-SavedSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## execute-saved-search
Executes the specified saved search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | SearchArguments | [**SearchArguments**](../models/search-arguments) | True | When saved search execution is triggered by a scheduled search, *scheduleId* will specify the ID of the triggering scheduled search. If *scheduleId* is not specified (when execution is triggered by a UI test), the *owner* and *recipients* arguments must be provided.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$SearchArguments = @"{
"owner" : "",
"recipients" : [ {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"scheduleId" : "7a724640-0c17-4ce9-a8c3-4a89738459c8"
}"@
# Execute a saved search by ID
try {
$Result = ConvertFrom-JsonToSearchArguments -Json $SearchArguments
Invoke-ExecuteSavedSearch-Id $Id -SearchArguments $Result
# Below is a request that includes all optional parameters
# Invoke-ExecuteSavedSearch -Id $Id -SearchArguments $SearchArguments
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-ExecuteSavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-saved-search
Returns the specified saved search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Return saved search by ID
try {
Get-SavedSearch-Id $Id
# Below is a request that includes all optional parameters
# Get-SavedSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-saved-searches
Returns a list of saved searches.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq*
### Return type
[**SavedSearch[]**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of requested saved searches. | SavedSearch[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'owner.id eq "7a724640-0c17-4ce9-a8c3-4a89738459c8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* (optional)
# A list of Saved Searches
try {
Get-SavedSearches
# Below is a request that includes all optional parameters
# Get-SavedSearches -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SavedSearches"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-saved-search
Updates an existing saved search.
>**NOTE: You cannot update the `owner` of the saved search.**
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | SavedSearch | [**SavedSearch**](../models/saved-search) | True | The saved search to persist.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The persisted saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$SavedSearch = @"{
"owner" : {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"created" : "2018-06-25T20:22:28.104Z",
"columns" : {
"identity" : [ {
"field" : "displayName",
"header" : "Display Name"
}, {
"field" : "e-mail",
"header" : "Work Email"
} ]
},
"query" : "@accounts(disabled:true)",
"description" : "Disabled accounts",
"orderBy" : {
"identity" : [ "lastName", "firstName" ],
"role" : [ "name" ]
},
"sort" : [ "displayName" ],
"filters" : {
"terms" : [ "account_count", "account_count" ],
"range" : {
"lower" : {
"inclusive" : false,
"value" : "1"
},
"upper" : {
"inclusive" : false,
"value" : "1"
}
},
"exclude" : false,
"type" : "RANGE"
},
"ownerId" : "2c91808568c529c60168cca6f90c1313",
"indices" : [ "identities" ],
"public" : false,
"name" : "Disabled accounts",
"modified" : "2018-06-25T20:22:28.104Z",
"id" : "0de46054-fe90-434a-b84e-c6b3359d0c64",
"fields" : [ "disabled" ]
}"@
# Updates an existing saved search
try {
$Result = ConvertFrom-JsonToSavedSearch -Json $SavedSearch
Send-SavedSearch-Id $Id -SavedSearch $Result
# Below is a request that includes all optional parameters
# Send-SavedSearch -Id $Id -SavedSearch $SavedSearch
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

363
docs/tools/sdk/powershell/refrence/v3/Methods/ScheduledSearchApi.md Normal file
View File

@@ -0,0 +1,363 @@
---
id: scheduled-search
title: ScheduledSearch
pagination_label: ScheduledSearch
sidebar_label: ScheduledSearch
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ScheduledSearch']
slug: /tools/sdk/powershell/v3/methods/scheduled-search
tags: ['SDK', 'Software Development Kit', 'ScheduledSearch']
---
# ScheduledSearch
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-ScheduledSearch**](#create-scheduled-search) | **POST** `/scheduled-searches` | Create a new scheduled search
[**Remove-ScheduledSearch**](#delete-scheduled-search) | **DELETE** `/scheduled-searches/{id}` | Delete a Scheduled Search
[**Get-ScheduledSearch**](#get-scheduled-search) | **GET** `/scheduled-searches/{id}` | Get a Scheduled Search
[**Get-ScheduledSearch**](#list-scheduled-search) | **GET** `/scheduled-searches` | List scheduled searches
[**Invoke-UnsubscribeScheduledSearch**](#unsubscribe-scheduled-search) | **POST** `/scheduled-searches/{id}/unsubscribe` | Unsubscribe a recipient from Scheduled Search
[**Update-ScheduledSearch**](#update-scheduled-search) | **PUT** `/scheduled-searches/{id}` | Update an existing Scheduled Search
## create-scheduled-search
Creates a new scheduled search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateScheduledSearchRequest | [**CreateScheduledSearchRequest**](../models/create-scheduled-search-request) | True | The scheduled search to persist.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The persisted scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateScheduledSearchRequest = @"{savedSearchId=9c620e13-cd33-4804-a13d-403bd7bcdbad, schedule={type=DAILY, hours={type=LIST, values=[9]}}, recipients=[{type=IDENTITY, id=2c9180867624cbd7017642d8c8c81f67}]}"@
# Create a new scheduled search
try {
$Result = ConvertFrom-JsonToCreateScheduledSearchRequest -Json $CreateScheduledSearchRequest
New-ScheduledSearch-CreateScheduledSearchRequest $Result
# Below is a request that includes all optional parameters
# New-ScheduledSearch -CreateScheduledSearchRequest $CreateScheduledSearchRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-scheduled-search
Deletes the specified scheduled search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Delete a Scheduled Search
try {
Remove-ScheduledSearch-Id $Id
# Below is a request that includes all optional parameters
# Remove-ScheduledSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-scheduled-search
Returns the specified scheduled search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Get a Scheduled Search
try {
Get-ScheduledSearch-Id $Id
# Below is a request that includes all optional parameters
# Get-ScheduledSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-scheduled-search
Returns a list of scheduled searches.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* **savedSearchId**: *eq*
### Return type
[**ScheduledSearch[]**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of requested scheduled searches. | ScheduledSearch[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'savedSearchId eq "6cc0945d-9eeb-4948-9033-72d066e1153e"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* **savedSearchId**: *eq* (optional)
# List scheduled searches
try {
Get-ScheduledSearch
# Below is a request that includes all optional parameters
# Get-ScheduledSearch -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## unsubscribe-scheduled-search
Unsubscribes a recipient from the specified scheduled search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | TypedReference | [**TypedReference**](../models/typed-reference) | True | The recipient to be removed from the scheduled search.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$TypedReference = @"{
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}"@
# Unsubscribe a recipient from Scheduled Search
try {
$Result = ConvertFrom-JsonToTypedReference -Json $TypedReference
Invoke-UnsubscribeScheduledSearch-Id $Id -TypedReference $Result
# Below is a request that includes all optional parameters
# Invoke-UnsubscribeScheduledSearch -Id $Id -TypedReference $TypedReference
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-UnsubscribeScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-scheduled-search
Updates an existing scheduled search.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | ScheduledSearch | [**ScheduledSearch**](../models/scheduled-search) | True | The scheduled search to persist.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The persisted scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$ScheduledSearch = @"{
"owner" : {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
},
"displayQueryDetails" : false,
"created" : "",
"description" : "Daily disabled accounts",
"ownerId" : "2c9180867624cbd7017642d8c8c81f67",
"enabled" : false,
"schedule" : {
"hours" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"months" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"timeZoneId" : "America/Chicago",
"days" : {
"values" : [ "MON", "WED" ],
"interval" : 3,
"type" : "LIST"
},
"expiration" : "2018-06-25T20:22:28.104Z",
"type" : "WEEKLY"
},
"recipients" : [ {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
}, {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
} ],
"savedSearchId" : "554f1511-f0a1-4744-ab14-599514d3e57c",
"name" : "Daily disabled accounts",
"modified" : "",
"id" : "0de46054-fe90-434a-b84e-c6b3359d0c64",
"emailEmptyResults" : false
}"@
# Update an existing Scheduled Search
try {
$Result = ConvertFrom-JsonToScheduledSearch -Json $ScheduledSearch
Update-ScheduledSearch-Id $Id -ScheduledSearch $Result
# Below is a request that includes all optional parameters
# Update-ScheduledSearch -Id $Id -ScheduledSearch $ScheduledSearch
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

571
docs/tools/sdk/powershell/refrence/v3/Methods/SearchApi.md Normal file
View File

@@ -0,0 +1,571 @@
---
id: search
title: Search
pagination_label: Search
sidebar_label: Search
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Search']
slug: /tools/sdk/powershell/v3/methods/search
tags: ['SDK', 'Software Development Kit', 'Search']
---
# Search
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Search-Aggregate**](#search-aggregate) | **POST** `/search/aggregate` | Perform a Search Query Aggregation
[**Search-Count**](#search-count) | **POST** `/search/count` | Count Documents Satisfying a Query
[**Search-Get**](#search-get) | **GET** `/search/{index}/{id}` | Get a Document by ID
[**Search-Post**](#search-post) | **POST** `/search` | Perform Search
## search-aggregate
Performs a search query aggregation and returns the aggregation result. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**AggregationResult**](../models/aggregation-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Aggregation results. | AggregationResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json, text/csv
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Perform a Search Query Aggregation
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-Aggregate-Search $Result
# Below is a request that includes all optional parameters
# Search-Aggregate -Search $Search -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-Aggregate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-count
Performs a search with a provided query and returns the count of results in the X-Total-Count header.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
# Count Documents Satisfying a Query
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-Count-Search $Result
# Below is a request that includes all optional parameters
# Search-Count -Search $Search
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-Count"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-get
Fetches a single document from the specified index, using the specified document ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Index | **String** | True | The index from which to fetch the specified document. The currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.
Path | Id | **String** | True | ID of the requested document.
### Return type
[**SearchDocument**](../models/search-document)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested document. | SearchDocument
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Index = "accounts" # String | The index from which to fetch the specified document. The currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Get a Document by ID
try {
Search-Get-Index $Index -Id $Id
# Below is a request that includes all optional parameters
# Search-Get -Index $Index -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-Get"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-post
Perform a search with the provided query and return a matching result collection. To page past 10,000 records, you can use `searchAfter` paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement `searchAfter` paging.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**SearchDocument[]**](../models/search-document)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of matching documents. | SearchDocument[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 10000 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Perform Search
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-Post-Search $Result
# Below is a request that includes all optional parameters
# Search-Post -Search $Search -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-Post"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

273
docs/tools/sdk/powershell/refrence/v3/Methods/SearchAttributeConfigurationApi.md Normal file
View File

@@ -0,0 +1,273 @@
---
id: search-attribute-configuration
title: SearchAttributeConfiguration
pagination_label: SearchAttributeConfiguration
sidebar_label: SearchAttributeConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SearchAttributeConfiguration']
slug: /tools/sdk/powershell/v3/methods/search-attribute-configuration
tags: ['SDK', 'Software Development Kit', 'SearchAttributeConfiguration']
---
# SearchAttributeConfiguration
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-SearchAttributeConfig**](#create-search-attribute-config) | **POST** `/accounts/search-attribute-config` | Create Extended Search Attributes
[**Remove-SearchAttributeConfig**](#delete-search-attribute-config) | **DELETE** `/accounts/search-attribute-config/{name}` | Delete Extended Search Attribute
[**Get-SearchAttributeConfig**](#get-search-attribute-config) | **GET** `/accounts/search-attribute-config` | List Extended Search Attributes
[**Get-SingleSearchAttributeConfig**](#get-single-search-attribute-config) | **GET** `/accounts/search-attribute-config/{name}` | Get Extended Search Attribute
[**Update-SearchAttributeConfig**](#patch-search-attribute-config) | **PATCH** `/accounts/search-attribute-config/{name}` | Update Extended Search Attribute
## create-search-attribute-config
Create and configure extended search attributes. This API accepts an attribute name, an attribute display name and a list of name/value pair associates of application IDs to attribute names. It will then validate the inputs and configure/create and attribute promotion configuration in the Link ObjectConfig.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SearchAttributeConfig | [**SearchAttributeConfig**](../models/search-attribute-config) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SearchAttributeConfig = @"{
"displayName" : "New Mail Attribute",
"name" : "newMailAttribute",
"applicationAttributes" : {
"2c91808b79fd2422017a0b35d30f3968" : "employeeNumber",
"2c91808b79fd2422017a0b36008f396b" : "employeeNumber"
}
}"@
# Create Extended Search Attributes
try {
$Result = ConvertFrom-JsonToSearchAttributeConfig -Json $SearchAttributeConfig
New-SearchAttributeConfig-SearchAttributeConfig $Result
# Below is a request that includes all optional parameters
# New-SearchAttributeConfig -SearchAttributeConfig $SearchAttributeConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-search-attribute-config
Delete an extended attribute configuration by name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the extended search attribute configuration to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "newMailAttribute" # String | Name of the extended search attribute configuration to delete.
# Delete Extended Search Attribute
try {
Remove-SearchAttributeConfig-Name $Name
# Below is a request that includes all optional parameters
# Remove-SearchAttributeConfig -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-search-attribute-config
Get a list of attribute/application associates currently configured in Identity Security Cloud (ISC).
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SearchAttributeConfig[]**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of attribute configurations in IdentityNow. | SearchAttributeConfig[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Extended Search Attributes
try {
Get-SearchAttributeConfig
# Below is a request that includes all optional parameters
# Get-SearchAttributeConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-single-search-attribute-config
Get an extended attribute configuration by name.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the extended search attribute configuration to retrieve.
### Return type
[**SearchAttributeConfig[]**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Specific attribute configuration in ISC. | SearchAttributeConfig[]
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "newMailAttribute" # String | Name of the extended search attribute configuration to retrieve.
# Get Extended Search Attribute
try {
Get-SingleSearchAttributeConfig-Name $Name
# Below is a request that includes all optional parameters
# Get-SingleSearchAttributeConfig -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-SingleSearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-search-attribute-config
Update an existing search attribute configuration.
You can patch these fields:
* name * displayName * applicationAttributes
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the search attribute configuration to patch.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**SearchAttributeConfig**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated search attribute configuration. | SearchAttributeConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Name = "promotedMailAttribute" # String | Name of the search attribute configuration to patch.
# JsonPatchOperation[] |
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update Extended Search Attribute
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-SearchAttributeConfig-Name $Name -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-SearchAttributeConfig -Name $Name -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

290
docs/tools/sdk/powershell/refrence/v3/Methods/SegmentsApi.md Normal file
View File

@@ -0,0 +1,290 @@
---
id: segments
title: Segments
pagination_label: Segments
sidebar_label: Segments
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Segments']
slug: /tools/sdk/powershell/v3/methods/segments
tags: ['SDK', 'Software Development Kit', 'Segments']
---
# Segments
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-Segment**](#create-segment) | **POST** `/segments` | Create Segment
[**Remove-Segment**](#delete-segment) | **DELETE** `/segments/{id}` | Delete Segment by ID
[**Get-Segment**](#get-segment) | **GET** `/segments/{id}` | Get Segment by ID
[**Get-Segments**](#list-segments) | **GET** `/segments` | List Segments
[**Update-Segment**](#patch-segment) | **PATCH** `/segments/{id}` | Update Segment
## create-segment
This API creates a segment.
>**Note:** Segment definitions may take time to propagate to all identities.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Segment | [**Segment**](../models/segment) | True |
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Segment created | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Segment = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"created" : "2020-01-01T00:00:00Z",
"visibilityCriteria" : {
"expression" : {
"children" : [ ],
"attribute" : "location",
"value" : {
"type" : "STRING",
"value" : "Austin"
},
"operator" : "EQUALS"
}
},
"name" : "segment-xyz",
"modified" : "2020-01-01T00:00:00Z",
"description" : "This segment represents xyz",
"active" : true,
"id" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde"
}"@
# Create Segment
try {
$Result = ConvertFrom-JsonToSegment -Json $Segment
New-Segment-Segment $Result
# Below is a request that includes all optional parameters
# New-Segment -Segment $Segment
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-segment
This API deletes the segment specified by the given ID.
>**Note:** that segment deletion may take some time to become effective.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to delete.
# Delete Segment by ID
try {
Remove-Segment-Id $Id
# Below is a request that includes all optional parameters
# Remove-Segment -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-segment
This API returns the segment specified by the given ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to retrieve.
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Segment | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to retrieve.
# Get Segment by ID
try {
Get-Segment-Id $Id
# Below is a request that includes all optional parameters
# Get-Segment -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-segments
This API returns a list of all segments.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**Segment[]**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all segments | Segment[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Segments
try {
Get-Segments
# Below is a request that includes all optional parameters
# Get-Segments -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Segments"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-segment
Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
>**Note:** Changes to a segment may take some time to propagate to all identities.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to modify.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * owner * visibilityCriteria * active
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the segment&#39;s new representation. | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to modify.
$RequestBody = # SystemCollectionsHashtable[] | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * owner * visibilityCriteria * active
$RequestBody = @"[{op=replace, path=/visibilityCriteria, value={expression={operator=AND, children=[{operator=EQUALS, attribute=location, value={type=STRING, value=Philadelphia}}, {operator=EQUALS, attribute=department, value={type=STRING, value=HR}}]}}}]"@
# Update Segment
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-Segment-Id $Id -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-Segment -Id $Id -RequestBody $RequestBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

572
docs/tools/sdk/powershell/refrence/v3/Methods/ServiceDeskIntegrationApi.md Normal file
View File

@@ -0,0 +1,572 @@
---
id: service-desk-integration
title: ServiceDeskIntegration
pagination_label: ServiceDeskIntegration
sidebar_label: ServiceDeskIntegration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceDeskIntegration']
slug: /tools/sdk/powershell/v3/methods/service-desk-integration
tags: ['SDK', 'Software Development Kit', 'ServiceDeskIntegration']
---
# ServiceDeskIntegration
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-ServiceDeskIntegration**](#create-service-desk-integration) | **POST** `/service-desk-integrations` | Create new Service Desk integration
[**Remove-ServiceDeskIntegration**](#delete-service-desk-integration) | **DELETE** `/service-desk-integrations/{id}` | Delete a Service Desk integration
[**Get-ServiceDeskIntegration**](#get-service-desk-integration) | **GET** `/service-desk-integrations/{id}` | Get a Service Desk integration
[**Get-ServiceDeskIntegrationTemplate**](#get-service-desk-integration-template) | **GET** `/service-desk-integrations/templates/{scriptName}` | Service Desk integration template by scriptName
[**Get-ServiceDeskIntegrationTypes**](#get-service-desk-integration-types) | **GET** `/service-desk-integrations/types` | List Service Desk integration types
[**Get-ServiceDeskIntegrations**](#get-service-desk-integrations) | **GET** `/service-desk-integrations` | List existing Service Desk integrations
[**Get-StatusCheckDetails**](#get-status-check-details) | **GET** `/service-desk-integrations/status-check-configuration` | Get the time check configuration
[**Update-ServiceDeskIntegration**](#patch-service-desk-integration) | **PATCH** `/service-desk-integrations/{id}` | Patch a Service Desk Integration
[**Send-ServiceDeskIntegration**](#put-service-desk-integration) | **PUT** `/service-desk-integrations/{id}` | Update a Service Desk integration
[**Update-StatusCheckDetails**](#update-status-check-details) | **PUT** `/service-desk-integrations/status-check-configuration` | Update the time check configuration
## create-service-desk-integration
Create a new Service Desk integration.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ServiceDeskIntegrationDto | [**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto) | True | The specifics of a new integration to create
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details of the created integration | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
# Create new Service Desk integration
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
New-ServiceDeskIntegration-ServiceDeskIntegrationDto $Result
# Below is a request that includes all optional parameters
# New-ServiceDeskIntegration -ServiceDeskIntegrationDto $ServiceDeskIntegrationDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-service-desk-integration
Delete an existing Service Desk integration by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of Service Desk integration to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | Service Desk integration with the given ID successfully deleted |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of Service Desk integration to delete
# Delete a Service Desk integration
try {
Remove-ServiceDeskIntegration-Id $Id
# Below is a request that includes all optional parameters
# Remove-ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration
Get an existing Service Desk integration by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to get
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto with the given ID | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to get
# Get a Service Desk integration
try {
Get-ServiceDeskIntegration-Id $Id
# Below is a request that includes all optional parameters
# Get-ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration-template
This API endpoint returns an existing Service Desk integration template by scriptName.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the Service Desk integration template to get
### Return type
[**ServiceDeskIntegrationTemplateDto**](../models/service-desk-integration-template-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName. | ServiceDeskIntegrationTemplateDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the Service Desk integration template to get
# Service Desk integration template by scriptName
try {
Get-ServiceDeskIntegrationTemplate-ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-ServiceDeskIntegrationTemplate -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrationTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration-types
This API endpoint returns the current list of supported Service Desk integration types.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceDeskIntegrationTemplateType[]**](../models/service-desk-integration-template-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with an array of the currently supported Service Desk integration types. | ServiceDeskIntegrationTemplateType[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Service Desk integration types
try {
Get-ServiceDeskIntegrationTypes
# Below is a request that includes all optional parameters
# Get-ServiceDeskIntegrationTypes
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrationTypes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integrations
Get a list of Service Desk integration objects.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq* **type**: *eq, in* **cluster**: *eq, in*
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ServiceDeskIntegrationDto[]**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of ServiceDeskIntegrationDto | ServiceDeskIntegrationDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
$Filters = 'name eq "John Doe"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq* **type**: *eq, in* **cluster**: *eq, in* (optional)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List existing Service Desk integrations
try {
Get-ServiceDeskIntegrations
# Below is a request that includes all optional parameters
# Get-ServiceDeskIntegrations -Offset $Offset -Limit $Limit -Sorters $Sorters -Filters $Filters -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-status-check-details
Get the time check configuration of queued SDIM tickets.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**QueuedCheckConfigDetails**](../models/queued-check-config-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | QueuedCheckConfigDetails containing the configured values | QueuedCheckConfigDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get the time check configuration
try {
Get-StatusCheckDetails
# Below is a request that includes all optional parameters
# Get-StatusCheckDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-StatusCheckDetails"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-service-desk-integration
Update an existing Service Desk integration by ID with a PATCH request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | PatchServiceDeskIntegrationRequest | [**PatchServiceDeskIntegrationRequest**](../models/patch-service-desk-integration-request) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$PatchServiceDeskIntegrationRequest = @""@
# Patch a Service Desk Integration
try {
$Result = ConvertFrom-JsonToPatchServiceDeskIntegrationRequest -Json $PatchServiceDeskIntegrationRequest
Update-ServiceDeskIntegration-Id $Id -PatchServiceDeskIntegrationRequest $Result
# Below is a request that includes all optional parameters
# Update-ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $PatchServiceDeskIntegrationRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-service-desk-integration
Update an existing Service Desk integration by ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | ServiceDeskIntegrationDto | [**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto) | True | The specifics of the integration to update
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
# Update a Service Desk integration
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
Send-ServiceDeskIntegration-Id $Id -ServiceDeskIntegrationDto $Result
# Below is a request that includes all optional parameters
# Send-ServiceDeskIntegration -Id $Id -ServiceDeskIntegrationDto $ServiceDeskIntegrationDto
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-status-check-details
Update the time check configuration of queued SDIM tickets.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | QueuedCheckConfigDetails | [**QueuedCheckConfigDetails**](../models/queued-check-config-details) | True | The modified time check configuration
### Return type
[**QueuedCheckConfigDetails**](../models/queued-check-config-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | QueuedCheckConfigDetails as updated | QueuedCheckConfigDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$QueuedCheckConfigDetails = @"{
"provisioningStatusCheckIntervalMinutes" : "30",
"provisioningMaxStatusCheckDays" : "2"
}"@
# Update the time check configuration
try {
$Result = ConvertFrom-JsonToQueuedCheckConfigDetails -Json $QueuedCheckConfigDetails
Update-StatusCheckDetails-QueuedCheckConfigDetails $Result
# Below is a request that includes all optional parameters
# Update-StatusCheckDetails -QueuedCheckConfigDetails $QueuedCheckConfigDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-StatusCheckDetails"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

121
docs/tools/sdk/powershell/refrence/v3/Methods/SourceUsagesApi.md Normal file
View File

@@ -0,0 +1,121 @@
---
id: source-usages
title: SourceUsages
pagination_label: SourceUsages
sidebar_label: SourceUsages
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceUsages']
slug: /tools/sdk/powershell/v3/methods/source-usages
tags: ['SDK', 'Software Development Kit', 'SourceUsages']
---
# SourceUsages
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-StatusBySourceId**](#get-status-by-source-id) | **GET** `/source-usages/{sourceId}/status` | Finds status of source usage
[**Get-UsagesBySourceId**](#get-usages-by-source-id) | **GET** `/source-usages/{sourceId}/summaries` | Returns source usage insights
## get-status-by-source-id
This API returns the status of the source usage insights setup by IDN source ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceId | **String** | True | ID of IDN source
### Return type
[**SourceUsageStatus**](../models/source-usage-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the source usage insights setup by IDN source ID. | SourceUsageStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceId = "2c9180835d191a86015d28455b4a2329" # String | ID of IDN source
# Finds status of source usage
try {
Get-StatusBySourceId-SourceId $SourceId
# Below is a request that includes all optional parameters
# Get-StatusBySourceId -SourceId $SourceId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-StatusBySourceId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-usages-by-source-id
This API returns a summary of source usage insights for past 12 months.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceId | **String** | True | ID of IDN source
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date**
### Return type
[**SourceUsage[]**](../models/source-usage)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of source usage insights for past 12 months. | SourceUsage[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceId = "2c9180835d191a86015d28455b4a2329" # String | ID of IDN source
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "-date" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date** (optional)
# Returns source usage insights
try {
Get-UsagesBySourceId-SourceId $SourceId
# Below is a request that includes all optional parameters
# Get-UsagesBySourceId -SourceId $SourceId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-UsagesBySourceId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1767
docs/tools/sdk/powershell/refrence/v3/Methods/SourcesApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

458
docs/tools/sdk/powershell/refrence/v3/Methods/TaggedObjectsApi.md Normal file
View File

@@ -0,0 +1,458 @@
---
id: tagged-objects
title: TaggedObjects
pagination_label: TaggedObjects
sidebar_label: TaggedObjects
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'TaggedObjects']
slug: /tools/sdk/powershell/v3/methods/tagged-objects
tags: ['SDK', 'Software Development Kit', 'TaggedObjects']
---
# TaggedObjects
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Remove-TaggedObject**](#delete-tagged-object) | **DELETE** `/tagged-objects/{type}/{id}` | Delete Object Tags
[**Remove-TagsToManyObject**](#delete-tags-to-many-object) | **POST** `/tagged-objects/bulk-remove` | Remove Tags from Multiple Objects
[**Get-TaggedObject**](#get-tagged-object) | **GET** `/tagged-objects/{type}/{id}` | Get Tagged Object
[**Get-TaggedObjects**](#list-tagged-objects) | **GET** `/tagged-objects` | List Tagged Objects
[**Get-TaggedObjectsByType**](#list-tagged-objects-by-type) | **GET** `/tagged-objects/{type}` | List Tagged Objects by Type
[**Send-TaggedObject**](#put-tagged-object) | **PUT** `/tagged-objects/{type}/{id}` | Update Tagged Object
[**Set-TagToObject**](#set-tag-to-object) | **POST** `/tagged-objects` | Add Tag to Object
[**Set-TagsToManyObjects**](#set-tags-to-many-objects) | **POST** `/tagged-objects/bulk-add` | Tag Multiple Objects
## delete-tagged-object
Delete all tags from a tagged object.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of object to delete tags from.
Path | Id | **String** | True | The ID of the object to delete tags from.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of object to delete tags from.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object to delete tags from.
# Delete Object Tags
try {
Remove-TaggedObject-Type $Type -Id $Id
# Below is a request that includes all optional parameters
# Remove-TaggedObject -Type $Type -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-tags-to-many-object
This API removes tags from multiple objects.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkRemoveTaggedObject | [**BulkRemoveTaggedObject**](../models/bulk-remove-tagged-object) | True | Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkRemoveTaggedObject = @"{
"objectRefs" : [ {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Remove Tags from Multiple Objects
try {
$Result = ConvertFrom-JsonToBulkRemoveTaggedObject -Json $BulkRemoveTaggedObject
Remove-TagsToManyObject-BulkRemoveTaggedObject $Result
# Below is a request that includes all optional parameters
# Remove-TagsToManyObject -BulkRemoveTaggedObject $BulkRemoveTaggedObject
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-TagsToManyObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-tagged-object
This gets a tagged object for the specified type.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to retrieve.
Path | Id | **String** | True | The ID of the object reference to retrieve.
### Return type
[**TaggedObject**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tagged object by type and ID. | TaggedObject
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to retrieve.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object reference to retrieve.
# Get Tagged Object
try {
Get-TaggedObject-Type $Type -Id $Id
# Below is a request that includes all optional parameters
# Get-TaggedObject -Type $Type -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-tagged-objects
This API returns a list of all tagged objects.
Any authenticated token may be used to call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq, in* **objectRef.type**: *eq, in* **tagName**: *eq, in*
### Return type
[**TaggedObject[]**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all tagged objects. | TaggedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'tagName eq "BU_FINANCE"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq, in* **objectRef.type**: *eq, in* **tagName**: *eq, in* (optional)
# List Tagged Objects
try {
Get-TaggedObjects
# Below is a request that includes all optional parameters
# Get-TaggedObjects -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-TaggedObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-tagged-objects-by-type
This API returns a list of all tagged objects by type.
Any authenticated token may be used to call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to retrieve.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq* **objectRef.type**: *eq*
### Return type
[**TaggedObject[]**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all tagged objects for specified type. | TaggedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to retrieve.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'objectRef.id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq* **objectRef.type**: *eq* (optional)
# List Tagged Objects by Type
try {
Get-TaggedObjectsByType-Type $Type
# Below is a request that includes all optional parameters
# Get-TaggedObjectsByType -Type $Type -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-TaggedObjectsByType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-tagged-object
This updates a tagged object for the specified type.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to update.
Path | Id | **String** | True | The ID of the object reference to update.
Body | TaggedObject | [**TaggedObject**](../models/tagged-object) | True |
### Return type
[**TaggedObject**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tagged object by type and ID. | TaggedObject
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to update.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object reference to update.
$TaggedObject = @"{
"objectRef" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Update Tagged Object
try {
$Result = ConvertFrom-JsonToTaggedObject -Json $TaggedObject
Send-TaggedObject-Type $Type -Id $Id -TaggedObject $Result
# Below is a request that includes all optional parameters
# Send-TaggedObject -Type $Type -Id $Id -TaggedObject $TaggedObject
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-tag-to-object
This adds a tag to an object.
Any authenticated token may be used to call this API.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | TaggedObject | [**TaggedObject**](../models/tagged-object) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$TaggedObject = @"{
"objectRef" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Add Tag to Object
try {
$Result = ConvertFrom-JsonToTaggedObject -Json $TaggedObject
Set-TagToObject-TaggedObject $Result
# Below is a request that includes all optional parameters
# Set-TagToObject -TaggedObject $TaggedObject
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-TagToObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-tags-to-many-objects
This API adds tags to multiple objects.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkAddTaggedObject | [**BulkAddTaggedObject**](../models/bulk-add-tagged-object) | True | Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.
### Return type
[**BulkTaggedObjectResponse[]**](../models/bulk-tagged-object-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | BulkTaggedObjectResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkAddTaggedObject = @"{
"objectRefs" : [ {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"operation" : "MERGE",
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Tag Multiple Objects
try {
$Result = ConvertFrom-JsonToBulkAddTaggedObject -Json $BulkAddTaggedObject
Set-TagsToManyObjects-BulkAddTaggedObject $Result
# Below is a request that includes all optional parameters
# Set-TagsToManyObjects -BulkAddTaggedObject $BulkAddTaggedObject
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-TagsToManyObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

307
docs/tools/sdk/powershell/refrence/v3/Methods/TransformsApi.md Normal file
View File

@@ -0,0 +1,307 @@
---
id: transforms
title: Transforms
pagination_label: Transforms
sidebar_label: Transforms
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Transforms']
slug: /tools/sdk/powershell/v3/methods/transforms
tags: ['SDK', 'Software Development Kit', 'Transforms']
---
# Transforms
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-Transform**](#create-transform) | **POST** `/transforms` | Create transform
[**Remove-Transform**](#delete-transform) | **DELETE** `/transforms/{id}` | Delete a transform
[**Get-Transform**](#get-transform) | **GET** `/transforms/{id}` | Transform by ID
[**Get-Transforms**](#list-transforms) | **GET** `/transforms` | List transforms
[**Update-Transform**](#update-transform) | **PUT** `/transforms/{id}` | Update a transform
## create-transform
Creates a new transform object immediately. By default, the internal flag is set to false to indicate that this is a custom transform. Only SailPoint employees have the ability to create a transform with internal set to true. Newly created Transforms can be used in the Identity Profile mappings within the UI.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Transform | [**Transform**](../models/transform) | True | The transform to be created.
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Indicates the transform was successfully created and returns its representation. | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Transform = @"{
"name" : "Timestamp To Date",
"attributes" : {
"input" : {
"type" : "accountAttribute",
"attributes" : {
"attributeName" : "first_name",
"sourceName" : "Source"
}
},
"accountSortAttribute" : "created",
"accountReturnFirstLink" : false,
"requiresPeriodicRefresh" : false,
"accountPropertyFilter" : "(groups.containsAll({'Admin'}) || location == 'Austin')",
"attributeName" : "DEPARTMENT",
"accountSortDescending" : false,
"sourceName" : "Workday",
"accountFilter" : "!(nativeIdentity.startsWith(\"*DELETED*\"))"
},
"type" : "dateFormat"
}"@
# Create transform
try {
$Result = ConvertFrom-JsonToTransform -Json $Transform
New-Transform-Transform $Result
# Below is a request that includes all optional parameters
# New-Transform -Transform $Transform
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-transform
Deletes the transform specified by the given ID. Attempting to delete a transform that is used in one or more Identity Profile mappings will result in an error. If this occurs, you must first remove the transform from all mappings before deleting the transform.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to delete
# Delete a transform
try {
Remove-Transform-Id $Id
# Below is a request that includes all optional parameters
# Remove-Transform -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-transform
This API returns the transform specified by the given ID.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to retrieve
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Transform with the given ID | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to retrieve
# Transform by ID
try {
Get-Transform-Id $Id
# Below is a request that includes all optional parameters
# Get-Transform -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-transforms
Gets a list of all saved transform objects.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Name | **String** | (optional) | Name of the transform to retrieve from the list.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **internal**: *eq* **name**: *eq, sw*
### Return type
[**TransformRead[]**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of transforms matching the given criteria. | TransformRead[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Name = "ExampleTransformName123" # String | Name of the transform to retrieve from the list. (optional)
$Filters = 'name eq "Uppercase"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **internal**: *eq* **name**: *eq, sw* (optional)
# List transforms
try {
Get-Transforms
# Below is a request that includes all optional parameters
# Get-Transforms -Offset $Offset -Limit $Limit -Count $Count -Name $Name -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Transforms"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-transform
Replaces the transform specified by the given ID with the transform provided in the request body. Only the "attributes" field is mutable. Attempting to change other properties (ex. "name" and "type") will result in an error.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to update
Body | Transform | [**Transform**](../models/transform) | (optional) | The updated transform object. Must include ""name"", ""type"", and ""attributes"" fields, but ""name"" and ""type"" must not be modified.
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the transform was successfully updated and returns its new representation. | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to update
$Transform = @"{
"name" : "Timestamp To Date",
"attributes" : {
"input" : {
"type" : "accountAttribute",
"attributes" : {
"attributeName" : "first_name",
"sourceName" : "Source"
}
},
"accountSortAttribute" : "created",
"accountReturnFirstLink" : false,
"requiresPeriodicRefresh" : false,
"accountPropertyFilter" : "(groups.containsAll({'Admin'}) || location == 'Austin')",
"attributeName" : "DEPARTMENT",
"accountSortDescending" : false,
"sourceName" : "Workday",
"accountFilter" : "!(nativeIdentity.startsWith(\"*DELETED*\"))"
},
"type" : "dateFormat"
}"@
# Update a transform
try {
Update-Transform-Id $Id
# Below is a request that includes all optional parameters
# Update-Transform -Id $Id -Transform $Transform
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

209
docs/tools/sdk/powershell/refrence/v3/Methods/VendorConnectorMappingsApi.md Normal file
View File

@@ -0,0 +1,209 @@
---
id: vendor-connector-mappings
title: VendorConnectorMappings
pagination_label: VendorConnectorMappings
sidebar_label: VendorConnectorMappings
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'VendorConnectorMappings']
slug: /tools/sdk/powershell/v3/methods/vendor-connector-mappings
tags: ['SDK', 'Software Development Kit', 'VendorConnectorMappings']
---
# VendorConnectorMappings
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-VendorConnectorMapping**](#create-vendor-connector-mapping) | **POST** `/vendor-connector-mappings` | Create Vendor Connector Mapping
[**Remove-VendorConnectorMapping**](#delete-vendor-connector-mapping) | **DELETE** `/vendor-connector-mappings` | Delete Vendor Connector Mapping
[**Get-VendorConnectorMappings**](#get-vendor-connector-mappings) | **GET** `/vendor-connector-mappings` | List Vendor Connector Mappings
## create-vendor-connector-mapping
Create a new mapping between a SaaS vendor and an ISC connector to establish correlation paths.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | VendorConnectorMapping | [**VendorConnectorMapping**](../models/vendor-connector-mapping) | True |
### Return type
[**VendorConnectorMapping**](../models/vendor-connector-mapping)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully created a new vendor connector mapping. | VendorConnectorMapping
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
405 | Method Not Allowed - indicates that the server knows the request method, but the target resource doesn&#39;t support this method. | GetVendorConnectorMappings405Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$VendorConnectorMapping = @"{
"createdAt" : "2024-03-13T12:56:19.391294Z",
"deletedAt" : {
"Valid" : false,
"Time" : "0001-01-01T00:00:00Z"
},
"updatedBy" : {
"Valid" : true,
"String" : "user-67891"
},
"connector" : "Example connector",
"createdBy" : "admin",
"vendor" : "Example vendor",
"id" : "78733556-9ea3-4f59-bf69-e5cd92b011b4",
"deletedBy" : {
"Valid" : false,
"String" : ""
},
"updatedAt" : {
"Valid" : true,
"Time" : "2024-03-14T12:56:19.391294Z"
}
}"@
# Create Vendor Connector Mapping
try {
$Result = ConvertFrom-JsonToVendorConnectorMapping -Json $VendorConnectorMapping
New-VendorConnectorMapping-VendorConnectorMapping $Result
# Below is a request that includes all optional parameters
# New-VendorConnectorMapping -VendorConnectorMapping $VendorConnectorMapping
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-VendorConnectorMapping"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-vendor-connector-mapping
Soft delete a mapping between a SaaS vendor and an ISC connector, removing the established correlation.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | VendorConnectorMapping | [**VendorConnectorMapping**](../models/vendor-connector-mapping) | True |
### Return type
[**DeleteVendorConnectorMapping200Response**](../models/delete-vendor-connector-mapping200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully deleted the specified vendor connector mapping. | DeleteVendorConnectorMapping200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$VendorConnectorMapping = @"{
"createdAt" : "2024-03-13T12:56:19.391294Z",
"deletedAt" : {
"Valid" : false,
"Time" : "0001-01-01T00:00:00Z"
},
"updatedBy" : {
"Valid" : true,
"String" : "user-67891"
},
"connector" : "Example connector",
"createdBy" : "admin",
"vendor" : "Example vendor",
"id" : "78733556-9ea3-4f59-bf69-e5cd92b011b4",
"deletedBy" : {
"Valid" : false,
"String" : ""
},
"updatedAt" : {
"Valid" : true,
"Time" : "2024-03-14T12:56:19.391294Z"
}
}"@
# Delete Vendor Connector Mapping
try {
$Result = ConvertFrom-JsonToVendorConnectorMapping -Json $VendorConnectorMapping
Remove-VendorConnectorMapping-VendorConnectorMapping $Result
# Below is a request that includes all optional parameters
# Remove-VendorConnectorMapping -VendorConnectorMapping $VendorConnectorMapping
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-VendorConnectorMapping"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-vendor-connector-mappings
Get a list of mappings between SaaS vendors and ISC connectors, detailing the connections established for correlation.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**VendorConnectorMapping[]**](../models/vendor-connector-mapping)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully retrieved list. | VendorConnectorMapping[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
405 | Method Not Allowed - indicates that the server knows the request method, but the target resource doesn&#39;t support this method. | GetVendorConnectorMappings405Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Vendor Connector Mappings
try {
Get-VendorConnectorMappings
# Below is a request that includes all optional parameters
# Get-VendorConnectorMappings
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-VendorConnectorMappings"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

651
docs/tools/sdk/powershell/refrence/v3/Methods/WorkItemsApi.md Normal file
View File

@@ -0,0 +1,651 @@
---
id: work-items
title: WorkItems
pagination_label: WorkItems
sidebar_label: WorkItems
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'WorkItems']
slug: /tools/sdk/powershell/v3/methods/work-items
tags: ['SDK', 'Software Development Kit', 'WorkItems']
---
# WorkItems
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Approve-ApprovalItem**](#approve-approval-item) | **POST** `/work-items/{id}/approve/{approvalItemId}` | Approve an Approval Item
[**Approve-ApprovalItemsInBulk**](#approve-approval-items-in-bulk) | **POST** `/work-items/bulk-approve/{id}` | Bulk approve Approval Items
[**Complete-WorkItem**](#complete-work-item) | **POST** `/work-items/{id}` | Complete a Work Item
[**Get-CompletedWorkItems**](#get-completed-work-items) | **GET** `/work-items/completed` | Completed Work Items
[**Get-CountCompletedWorkItems**](#get-count-completed-work-items) | **GET** `/work-items/completed/count` | Count Completed Work Items
[**Get-CountWorkItems**](#get-count-work-items) | **GET** `/work-items/count` | Count Work Items
[**Get-WorkItem**](#get-work-item) | **GET** `/work-items/{id}` | Get a Work Item
[**Get-WorkItemsSummary**](#get-work-items-summary) | **GET** `/work-items/summary` | Work Items Summary
[**Get-WorkItems**](#list-work-items) | **GET** `/work-items` | List Work Items
[**Deny-ApprovalItem**](#reject-approval-item) | **POST** `/work-items/{id}/reject/{approvalItemId}` | Reject an Approval Item
[**Deny-ApprovalItemsInBulk**](#reject-approval-items-in-bulk) | **POST** `/work-items/bulk-reject/{id}` | Bulk reject Approval Items
[**Send-WorkItemForward**](#send-work-item-forward) | **POST** `/work-items/{id}/forward` | Forward a Work Item
[**Submit-AccountSelection**](#submit-account-selection) | **POST** `/work-items/{id}/submit-account-selection` | Submit Account Selections
## approve-approval-item
This API approves an Approval Item. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Path | ApprovalItemId | **String** | True | The ID of the approval item.
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$ApprovalItemId = "1211bcaa32112bcef6122adb21cef1ac" # String | The ID of the approval item.
# Approve an Approval Item
try {
Approve-ApprovalItem-Id $Id -ApprovalItemId $ApprovalItemId
# Below is a request that includes all optional parameters
# Approve-ApprovalItem -Id $Id -ApprovalItemId $ApprovalItemId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-ApprovalItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## approve-approval-items-in-bulk
This API bulk approves Approval Items. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
# Bulk approve Approval Items
try {
Approve-ApprovalItemsInBulk-Id $Id
# Below is a request that includes all optional parameters
# Approve-ApprovalItemsInBulk -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-ApprovalItemsInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## complete-work-item
This API completes a work item. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A WorkItems object | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
# Complete a Work Item
try {
Complete-WorkItem-Id $Id
# Below is a request that includes all optional parameters
# Complete-WorkItem -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Complete-WorkItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-completed-work-items
This gets a collection of completed work items belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**WorkItems[]**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of completed work items. | WorkItems[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "1211bcaa32112bcef6122adb21cef1ac" # String | The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Completed Work Items
try {
Get-CompletedWorkItems
# Below is a request that includes all optional parameters
# Get-CompletedWorkItems -OwnerId $OwnerId -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CompletedWorkItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-count-completed-work-items
This gets a count of completed work items belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | ID of the work item owner.
### Return type
[**WorkItemsCount**](../models/work-items-count)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsCount
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "1211bcaa32112bcef6122adb21cef1ac" # String | ID of the work item owner. (optional)
# Count Completed Work Items
try {
Get-CountCompletedWorkItems
# Below is a request that includes all optional parameters
# Get-CountCompletedWorkItems -OwnerId $OwnerId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CountCompletedWorkItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-count-work-items
This gets a count of work items belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | ID of the work item owner.
### Return type
[**WorkItemsCount**](../models/work-items-count)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsCount
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "ef38f94347e94562b5bb8424a56397d8" # String | ID of the work item owner. (optional)
# Count Work Items
try {
Get-CountWorkItems
# Below is a request that includes all optional parameters
# Get-CountWorkItems -OwnerId $OwnerId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CountWorkItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-work-item
This gets the details of a Work Item belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the work item.
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The work item with the given ID. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180835d191a86015d28455b4a2329" # String | ID of the work item.
# Get a Work Item
try {
Get-WorkItem-Id $Id
# Below is a request that includes all optional parameters
# Get-WorkItem -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-work-items-summary
This gets a summary of work items belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | ID of the work item owner.
### Return type
[**WorkItemsSummary**](../models/work-items-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsSummary
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "1211bcaa32112bcef6122adb21cef1ac" # String | ID of the work item owner. (optional)
# Work Items Summary
try {
Get-WorkItemsSummary
# Below is a request that includes all optional parameters
# Get-WorkItemsSummary -OwnerId $OwnerId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkItemsSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-work-items
This gets a collection of work items belonging to either the specified user(admin required), or the current user.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | OwnerId | **String** | (optional) | ID of the work item owner.
### Return type
[**WorkItems[]**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItems[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$OwnerId = "1211bcaa32112bcef6122adb21cef1ac" # String | ID of the work item owner. (optional)
# List Work Items
try {
Get-WorkItems
# Below is a request that includes all optional parameters
# Get-WorkItems -Limit $Limit -Offset $Offset -Count $Count -OwnerId $OwnerId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reject-approval-item
This API rejects an Approval Item. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Path | ApprovalItemId | **String** | True | The ID of the approval item.
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$ApprovalItemId = "1211bcaa32112bcef6122adb21cef1ac" # String | The ID of the approval item.
# Reject an Approval Item
try {
Deny-ApprovalItem-Id $Id -ApprovalItemId $ApprovalItemId
# Below is a request that includes all optional parameters
# Deny-ApprovalItem -Id $Id -ApprovalItemId $ApprovalItemId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Deny-ApprovalItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reject-approval-items-in-bulk
This API bulk rejects Approval Items. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
# Bulk reject Approval Items
try {
Deny-ApprovalItemsInBulk-Id $Id
# Below is a request that includes all optional parameters
# Deny-ApprovalItemsInBulk -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Deny-ApprovalItemsInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-work-item-forward
This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request. Accessible to work-item Owner, ORG_ADMIN, REPORT_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Body | WorkItemForward | [**WorkItemForward**](../models/work-item-forward) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Success, but no data is returned. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$WorkItemForward = @"{
"targetOwnerId" : "2c9180835d2e5168015d32f890ca1581",
"comment" : "I'm going on vacation.",
"sendNotifications" : true
}"@
# Forward a Work Item
try {
$Result = ConvertFrom-JsonToWorkItemForward -Json $WorkItemForward
Send-WorkItemForward-Id $Id -WorkItemForward $Result
# Below is a request that includes all optional parameters
# Send-WorkItemForward -Id $Id -WorkItemForward $WorkItemForward
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-WorkItemForward"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-account-selection
This API submits account selections. Either an admin, or the owning/current user must make this request.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Body | RequestBody | [**map[string]AnyType**](https://learn.microsoft.com/en-us/powershell/scripting/lang-spec/chapter-04?view=powershell-7.4) | True | Account Selection Data map, keyed on fieldName
### Return type
[**WorkItems**](../models/work-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$RequestBody = @{ key_example = } # System.Collections.Hashtable | Account Selection Data map, keyed on fieldName
# Submit Account Selections
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Submit-AccountSelection-Id $Id -RequestBody $Result
# Below is a request that includes all optional parameters
# Submit-AccountSelection -Id $Id -RequestBody $RequestBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-AccountSelection"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

937
docs/tools/sdk/powershell/refrence/v3/Methods/WorkflowsApi.md Normal file
View File

@@ -0,0 +1,937 @@
---
id: workflows
title: Workflows
pagination_label: Workflows
sidebar_label: Workflows
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Workflows']
slug: /tools/sdk/powershell/v3/methods/workflows
tags: ['SDK', 'Software Development Kit', 'Workflows']
---
# Workflows
All URIs are relative to *https://sailpoint.api.identitynow.com/v3*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Suspend-WorkflowExecution**](#cancel-workflow-execution) | **POST** `/workflow-executions/{id}/cancel` | Cancel Workflow Execution by ID
[**New-ExternalExecuteWorkflow**](#create-external-execute-workflow) | **POST** `/workflows/execute/external/{id}` | Execute Workflow via External Trigger
[**New-Workflow**](#create-workflow) | **POST** `/workflows` | Create Workflow
[**New-WorkflowExternalTrigger**](#create-workflow-external-trigger) | **POST** `/workflows/{id}/external/oauth-clients` | Generate External Trigger OAuth Client
[**Remove-Workflow**](#delete-workflow) | **DELETE** `/workflows/{id}` | Delete Workflow By Id
[**Get-Workflow**](#get-workflow) | **GET** `/workflows/{id}` | Get Workflow By Id
[**Get-WorkflowExecution**](#get-workflow-execution) | **GET** `/workflow-executions/{id}` | Get Workflow Execution
[**Get-WorkflowExecutionHistory**](#get-workflow-execution-history) | **GET** `/workflow-executions/{id}/history` | Get Workflow Execution History
[**Get-WorkflowExecutions**](#get-workflow-executions) | **GET** `/workflows/{id}/executions` | List Workflow Executions
[**Get-CompleteWorkflowLibrary**](#list-complete-workflow-library) | **GET** `/workflow-library` | List Complete Workflow Library
[**Get-WorkflowLibraryActions**](#list-workflow-library-actions) | **GET** `/workflow-library/actions` | List Workflow Library Actions
[**Get-WorkflowLibraryOperators**](#list-workflow-library-operators) | **GET** `/workflow-library/operators` | List Workflow Library Operators
[**Get-WorkflowLibraryTriggers**](#list-workflow-library-triggers) | **GET** `/workflow-library/triggers` | List Workflow Library Triggers
[**Get-Workflows**](#list-workflows) | **GET** `/workflows` | List Workflows
[**Update-Workflow**](#patch-workflow) | **PATCH** `/workflows/{id}` | Patch Workflow
[**Send-Workflow**](#put-workflow) | **PUT** `/workflows/{id}` | Update Workflow
[**Test-ExternalExecuteWorkflow**](#test-external-execute-workflow) | **POST** `/workflows/execute/external/{id}/test` | Test Workflow via External Trigger
[**Test-Workflow**](#test-workflow) | **POST** `/workflows/{id}/test` | Test Workflow By Id
## cancel-workflow-execution
Use this API to cancel a running workflow execution.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The workflow execution ID
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | The workflow execution ID
# Cancel Workflow Execution by ID
try {
Suspend-WorkflowExecution-Id $Id
# Below is a request that includes all optional parameters
# Suspend-WorkflowExecution -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-WorkflowExecution"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-external-execute-workflow
This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the "External Trigger" step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Body | CreateExternalExecuteWorkflowRequest | [**CreateExternalExecuteWorkflowRequest**](../models/create-external-execute-workflow-request) | (optional) |
### Return type
[**CreateExternalExecuteWorkflow200Response**](../models/create-external-execute-workflow200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | CreateExternalExecuteWorkflow200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$CreateExternalExecuteWorkflowRequest = @""@
# Execute Workflow via External Trigger
try {
New-ExternalExecuteWorkflow-Id $Id
# Below is a request that includes all optional parameters
# New-ExternalExecuteWorkflow -Id $Id -CreateExternalExecuteWorkflowRequest $CreateExternalExecuteWorkflowRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ExternalExecuteWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-workflow
Create a new workflow with the desired trigger and steps specified in the request body.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateWorkflowRequest | [**CreateWorkflowRequest**](../models/create-workflow-request) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateWorkflowRequest = @"{name=Send Email, owner={type=IDENTITY, id=2c91808568c529c60168cca6f90c1313, name=William Wilson}, description=Send an email to the identity who's attributes changed., definition={start=Send Email Test, steps={Send Email={actionId=sp:send-email, attributes={body=This is a test, from=sailpoint@sailpoint.com, recipientId.$=$.identity.id, subject=test}, nextStep=success, selectResult=null, type=action}, success={type=success}}}, enabled=false, trigger={type=EVENT, attributes={id=idn:identity-attributes-changed, filter=$.changes[?(@.attribute == 'manager')]}}}"@
# Create Workflow
try {
$Result = ConvertFrom-JsonToCreateWorkflowRequest -Json $CreateWorkflowRequest
New-Workflow-CreateWorkflowRequest $Result
# Below is a request that includes all optional parameters
# New-Workflow -CreateWorkflowRequest $CreateWorkflowRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-workflow-external-trigger
Create OAuth client ID, client secret, and callback URL for use in an external trigger. External triggers will need this information to generate an access token to authenticate to the callback URL and submit a trigger payload that will initiate the workflow.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
### Return type
[**WorkflowOAuthClient**](../models/workflow-o-auth-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The OAuth Client object | WorkflowOAuthClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
# Generate External Trigger OAuth Client
try {
New-WorkflowExternalTrigger-Id $Id
# Below is a request that includes all optional parameters
# New-WorkflowExternalTrigger -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-WorkflowExternalTrigger"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-workflow
Delete a workflow. **Enabled workflows cannot be deleted**. They must first be disabled.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
# Delete Workflow By Id
try {
Remove-Workflow-Id $Id
# Below is a request that includes all optional parameters
# Remove-Workflow -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-workflow
Get a single workflow by id.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
# Get Workflow By Id
try {
Get-Workflow-Id $Id
# Below is a request that includes all optional parameters
# Get-Workflow -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-workflow-execution
Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a "404 Not Found" response.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Workflow execution ID.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Workflow execution. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Workflow execution ID.
# Get Workflow Execution
try {
Get-WorkflowExecution-Id $Id
# Below is a request that includes all optional parameters
# Get-WorkflowExecution -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowExecution"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-workflow-execution-history
Get a detailed history of a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a 404 Not Found.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow execution
### Return type
[**WorkflowExecutionEvent[]**](../models/workflow-execution-event)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow execution events for the given workflow execution | WorkflowExecutionEvent[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow execution
# Get Workflow Execution History
try {
Get-WorkflowExecutionHistory-Id $Id
# Below is a request that includes all optional parameters
# Get-WorkflowExecutionHistory -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowExecutionHistory"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-workflow-executions
Use this API to list a specified workflow's executions. Workflow executions are available for up to 90 days before being archived. By default, you can get a maximum of 250 executions. To get executions past the first 250 records, you can do the following:
1. Use the [Get Workflows](https://developer.sailpoint.com/idn/api/beta/list-workflows) endpoint to get your workflows.
2. Get your workflow ID from the response.
3. You can then do either of the following:
- Filter to find relevant workflow executions.
For example, you can filter for failed workflow executions: `GET /workflows/:workflowID/executions?filters=status eq "Failed"`
- Paginate through results with the `offset` parameter.
For example, you can page through 50 executions per page and use that as a way to get to the records past the first 250.
Refer to [Paginating Results](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-results) for more information about the query parameters you can use to achieve pagination.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Workflow ID.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **start_time**: *eq, lt, le, gt, ge* **status**: *eq*
### Return type
[**WorkflowExecution[]**](../models/workflow-execution)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow executions for the specified workflow. | WorkflowExecution[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Workflow ID.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'status eq "Failed"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **start_time**: *eq, lt, le, gt, ge* **status**: *eq* (optional)
# List Workflow Executions
try {
Get-WorkflowExecutions-Id $Id
# Below is a request that includes all optional parameters
# Get-WorkflowExecutions -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowExecutions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-complete-workflow-library
This lists all triggers, actions, and operators in the library
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ListCompleteWorkflowLibrary200ResponseInner[]**](../models/list-complete-workflow-library200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow steps | ListCompleteWorkflowLibrary200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Complete Workflow Library
try {
Get-CompleteWorkflowLibrary
# Below is a request that includes all optional parameters
# Get-CompleteWorkflowLibrary -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CompleteWorkflowLibrary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workflow-library-actions
This lists the workflow actions available to you.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq*
### Return type
[**WorkflowLibraryAction[]**](../models/workflow-library-action)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow actions | WorkflowLibraryAction[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'id eq "sp:create-campaign"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* (optional)
# List Workflow Library Actions
try {
Get-WorkflowLibraryActions
# Below is a request that includes all optional parameters
# Get-WorkflowLibraryActions -Limit $Limit -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowLibraryActions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workflow-library-operators
This lists the workflow operators available to you
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**WorkflowLibraryOperator[]**](../models/workflow-library-operator)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow operators | WorkflowLibraryOperator[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Workflow Library Operators
try {
Get-WorkflowLibraryOperators
# Below is a request that includes all optional parameters
# Get-WorkflowLibraryOperators
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowLibraryOperators"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workflow-library-triggers
This lists the workflow triggers available to you
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq*
### Return type
[**WorkflowLibraryTrigger[]**](../models/workflow-library-trigger)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflow triggers | WorkflowLibraryTrigger[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'id eq "idn:identity-attributes-changed"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* (optional)
# List Workflow Library Triggers
try {
Get-WorkflowLibraryTriggers
# Below is a request that includes all optional parameters
# Get-WorkflowLibraryTriggers -Limit $Limit -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-WorkflowLibraryTriggers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workflows
List all workflows in the tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**Workflow[]**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of workflows | Workflow[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Workflows
try {
Get-Workflows
# Below is a request that includes all optional parameters
# Get-Workflows
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Workflows"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-workflow
Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
# JsonPatchOperation[] |
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Patch Workflow
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-Workflow-Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-Workflow -Id $Id -JsonPatchOperation $JsonPatchOperation
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | WorkflowBody | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
$WorkflowBody = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}"@
# Update Workflow
try {
$Result = ConvertFrom-JsonToWorkflowBody -Json $WorkflowBody
Send-Workflow-Id $Id -WorkflowBody $Result
# Below is a request that includes all optional parameters
# Send-Workflow -Id $Id -WorkflowBody $WorkflowBody
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-external-execute-workflow
Validate a workflow with an "External Trigger" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Body | TestExternalExecuteWorkflowRequest | [**TestExternalExecuteWorkflowRequest**](../models/test-external-execute-workflow-request) | (optional) |
### Return type
[**TestExternalExecuteWorkflow200Response**](../models/test-external-execute-workflow200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the test input | TestExternalExecuteWorkflow200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$TestExternalExecuteWorkflowRequest = @""@
# Test Workflow via External Trigger
try {
Test-ExternalExecuteWorkflow-Id $Id
# Below is a request that includes all optional parameters
# Test-ExternalExecuteWorkflow -Id $Id -TestExternalExecuteWorkflowRequest $TestExternalExecuteWorkflowRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-ExternalExecuteWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-workflow
Test a workflow with the provided input data. The input data should resemble the input that the trigger will send the workflow. See the [event trigger documentation](https://developer.sailpoint.com/idn/docs/event-triggers/available) for an example input for the trigger that initiates this workflow.
This endpoint will return an execution ID, which can be used to lookup more information about the execution using the `Get a Workflow Execution` endpoint.
**This will cause a live run of the workflow, which could result in unintended modifications to your IDN tenant.**
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Body | TestWorkflowRequest | [**TestWorkflowRequest**](../models/test-workflow-request) | True |
### Return type
[**TestWorkflow200Response**](../models/test-workflow200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | TestWorkflow200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$TestWorkflowRequest = @"{input={identity={id=ee769173319b41d19ccec6cea52f237b, name=john.doe, type=IDENTITY}, changes=[{attribute=department, oldValue=sales, newValue=marketing}, {attribute=manager, oldValue={id=ee769173319b41d19ccec6c235423237b, name=nice.guy, type=IDENTITY}, newValue={id=ee769173319b41d19ccec6c235423236c, name=mean.guy, type=IDENTITY}}, {attribute=email, oldValue=john.doe@hotmail.com, newValue=john.doe@gmail.com}]}}"@
# Test Workflow By Id
try {
$Result = ConvertFrom-JsonToTestWorkflowRequest -Json $TestWorkflowRequest
Test-Workflow-Id $Id -TestWorkflowRequest $Result
# Below is a request that includes all optional parameters
# Test-Workflow -Id $Id -TestWorkflowRequest $TestWorkflowRequest
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-Workflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/refrence/v3/Models/Access.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: access
title: Access
pagination_label: Access
sidebar_label: Access
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Access']
slug: /tools/sdk/powershell/v3/models/access
tags: ['SDK', 'Software Development Kit', 'Access']
---
# Access
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The unique ID of the referenced object. | [optional]
**Name** | Pointer to **String** | The human readable name of the referenced object. | [optional]
**DisplayName** | Pointer to **String** | | [optional]
**Type** | Pointer to [**DtoType**](dto-type) | | [optional]
**Description** | Pointer to **String** | | [optional]
## Examples
- Prepare the resource
```powershell
$Access = Initialize-PSSailpoint.V3Access -Id 2c91808568c529c60168cca6f90c1313 `
-Name John Doe `
-DisplayName John Q. Doe `
-Type null `
-Description null
```
- Convert the resource to JSON
```powershell
$Access | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessConstraint.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-constraint
title: AccessConstraint
pagination_label: AccessConstraint
sidebar_label: AccessConstraint
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessConstraint']
slug: /tools/sdk/powershell/v3/models/access-constraint
tags: ['SDK', 'Software Development Kit', 'AccessConstraint']
---
# AccessConstraint
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ENTITLEMENT", "ACCESS_PROFILE", "ROLE" ] | Type of Access | [required]
**Ids** | Pointer to **[]String** | Must be set only if operator is SELECTED. | [optional]
**Operator** | **Enum** [ "ALL", "SELECTED" ] | Used to determine whether the scope of the campaign should be reduced for selected ids or all. | [required]
## Examples
- Prepare the resource
```powershell
$AccessConstraint = Initialize-PSSailpoint.V3AccessConstraint -Type ENTITLEMENT `
-Ids [2c90ad2a70ace7d50170acf22ca90010] `
-Operator SELECTED
```
- Convert the resource to JSON
```powershell
$AccessConstraint | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessCriteria.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-criteria
title: AccessCriteria
pagination_label: AccessCriteria
sidebar_label: AccessCriteria
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessCriteria']
slug: /tools/sdk/powershell/v3/models/access-criteria
tags: ['SDK', 'Software Development Kit', 'AccessCriteria']
---
# AccessCriteria
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Name** | Pointer to **String** | Business name for the access construct list | [optional]
**CriteriaList** | Pointer to [**[]AccessCriteriaCriteriaListInner**](access-criteria-criteria-list-inner) | List of criteria. There is a min of 1 and max of 50 items in the list. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessCriteria = Initialize-PSSailpoint.V3AccessCriteria -Name money-in `
-CriteriaList [{type&#x3D;ENTITLEMENT, id&#x3D;2c9180866166b5b0016167c32ef31a66, name&#x3D;Administrator}, {type&#x3D;ENTITLEMENT, id&#x3D;2c9180866166b5b0016167c32ef31a67, name&#x3D;Administrator}]
```
- Convert the resource to JSON
```powershell
$AccessCriteria | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessCriteriaCriteriaListInner.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-criteria-criteria-list-inner
title: AccessCriteriaCriteriaListInner
pagination_label: AccessCriteriaCriteriaListInner
sidebar_label: AccessCriteriaCriteriaListInner
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessCriteriaCriteriaListInner']
slug: /tools/sdk/powershell/v3/models/access-criteria-criteria-list-inner
tags: ['SDK', 'Software Development Kit', 'AccessCriteriaCriteriaListInner']
---
# AccessCriteriaCriteriaListInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to **Enum** [ "ENTITLEMENT" ] | Type of the propery to which this reference applies to | [optional]
**Id** | Pointer to **String** | ID of the object to which this reference applies to | [optional]
**Name** | Pointer to **String** | Human-readable display name of the object to which this reference applies to | [optional]
## Examples
- Prepare the resource
```powershell
$AccessCriteriaCriteriaListInner = Initialize-PSSailpoint.V3AccessCriteriaCriteriaListInner -Type ENTITLEMENT `
-Id 2c91808568c529c60168cca6f90c1313 `
-Name Administrator
```
- Convert the resource to JSON
```powershell
$AccessCriteriaCriteriaListInner | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessItemRequestedFor.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-item-requested-for
title: AccessItemRequestedFor
pagination_label: AccessItemRequestedFor
sidebar_label: AccessItemRequestedFor
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessItemRequestedFor']
slug: /tools/sdk/powershell/v3/models/access-item-requested-for
tags: ['SDK', 'Software Development Kit', 'AccessItemRequestedFor']
---
# AccessItemRequestedFor
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to **Enum** [ "IDENTITY" ] | DTO type of identity the access item is requested for. | [optional]
**Id** | Pointer to **String** | ID of identity the access item is requested for. | [optional]
**Name** | Pointer to **String** | Human-readable display name of identity the access item is requested for. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessItemRequestedFor = Initialize-PSSailpoint.V3AccessItemRequestedFor -Type IDENTITY `
-Id 2c4180a46faadee4016fb4e018c20626 `
-Name Robert Robinson
```
- Convert the resource to JSON
```powershell
$AccessItemRequestedFor | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessItemRequester.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-item-requester
title: AccessItemRequester
pagination_label: AccessItemRequester
sidebar_label: AccessItemRequester
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessItemRequester']
slug: /tools/sdk/powershell/v3/models/access-item-requester
tags: ['SDK', 'Software Development Kit', 'AccessItemRequester']
---
# AccessItemRequester
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to **Enum** [ "IDENTITY" ] | Access item requester's DTO type. | [optional]
**Id** | Pointer to **String** | Access item requester's identity ID. | [optional]
**Name** | Pointer to **String** | Access item owner's human-readable display name. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessItemRequester = Initialize-PSSailpoint.V3AccessItemRequester -Type IDENTITY `
-Id 2c7180a46faadee4016fb4e018c20648 `
-Name William Wilson
```
- Convert the resource to JSON
```powershell
$AccessItemRequester | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessItemReviewedBy.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-item-reviewed-by
title: AccessItemReviewedBy
pagination_label: AccessItemReviewedBy
sidebar_label: AccessItemReviewedBy
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessItemReviewedBy']
slug: /tools/sdk/powershell/v3/models/access-item-reviewed-by
tags: ['SDK', 'Software Development Kit', 'AccessItemReviewedBy']
---
# AccessItemReviewedBy
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to **Enum** [ "IDENTITY" ] | DTO type of identity who reviewed the access item request. | [optional]
**Id** | Pointer to **String** | ID of identity who reviewed the access item request. | [optional]
**Name** | Pointer to **String** | Human-readable display name of identity who reviewed the access item request. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessItemReviewedBy = Initialize-PSSailpoint.V3AccessItemReviewedBy -Type IDENTITY `
-Id 2c3780a46faadee4016fb4e018c20652 `
-Name Allen Albertson
```
- Convert the resource to JSON
```powershell
$AccessItemReviewedBy | ConvertTo-JSON
```
[[Back to top]](#)

61
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfile.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: access-profile
title: AccessProfile
pagination_label: AccessProfile
sidebar_label: AccessProfile
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfile']
slug: /tools/sdk/powershell/v3/models/access-profile
tags: ['SDK', 'Software Development Kit', 'AccessProfile']
---
# AccessProfile
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The ID of the Access Profile | [optional] [readonly]
**Name** | **String** | Name of the Access Profile | [required]
**Description** | Pointer to **String** | Information about the Access Profile | [optional]
**Created** | Pointer to **System.DateTime** | Date the Access Profile was created | [optional] [readonly]
**Modified** | Pointer to **System.DateTime** | Date the Access Profile was last modified. | [optional] [readonly]
**Enabled** | Pointer to **Boolean** | Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement. | [optional] [default to $true]
**Owner** | [**OwnerReference**](owner-reference) | | [required]
**Source** | [**AccessProfileSourceRef**](access-profile-source-ref) | | [required]
**Entitlements** | Pointer to [**[]EntitlementRef**](entitlement-ref) | A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement. | [optional]
**Requestable** | Pointer to **Boolean** | Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value **false** in this field results in a 400 error. | [optional] [default to $true]
**AccessRequestConfig** | Pointer to [**Requestability**](requestability) | | [optional]
**RevocationRequestConfig** | Pointer to [**Revocability**](revocability) | | [optional]
**Segments** | Pointer to **[]String** | List of IDs of segments, if any, to which this Access Profile is assigned. | [optional]
**ProvisioningCriteria** | Pointer to [**ProvisioningCriteriaLevel1**](provisioning-criteria-level1) | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfile = Initialize-PSSailpoint.V3AccessProfile -Id 2c91808a7190d06e01719938fcd20792 `
-Name Employee-database-read-write `
-Description Collection of entitlements to read/write the employee database `
-Created 2021-03-01T22:32:58.104Z `
-Modified 2021-03-02T20:22:28.104Z `
-Enabled true `
-Owner null `
-Source null `
-Entitlements null `
-Requestable true `
-AccessRequestConfig null `
-RevocationRequestConfig null `
-Segments [f7b1b8a3-5fed-4fd4-ad29-82014e137e19, 29cb6c06-1da8-43ea-8be4-b3125f248f2a] `
-ProvisioningCriteria null
```
- Convert the resource to JSON
```powershell
$AccessProfile | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileApprovalScheme.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-profile-approval-scheme
title: AccessProfileApprovalScheme
pagination_label: AccessProfileApprovalScheme
sidebar_label: AccessProfileApprovalScheme
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileApprovalScheme']
slug: /tools/sdk/powershell/v3/models/access-profile-approval-scheme
tags: ['SDK', 'Software Development Kit', 'AccessProfileApprovalScheme']
---
# AccessProfileApprovalScheme
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApproverType** | Pointer to **Enum** [ "APP_OWNER", "OWNER", "SOURCE_OWNER", "MANAGER", "GOVERNANCE_GROUP" ] | Describes the individual or group that is responsible for an approval step. Values are as follows. **APP_OWNER**: The owner of the Application **OWNER**: Owner of the associated Access Profile or Role **SOURCE_OWNER**: Owner of the Source associated with an Access Profile **MANAGER**: Manager of the Identity making the request **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field | [optional]
**ApproverId** | Pointer to **String** | Id of the specific approver, used only when approverType is GOVERNANCE_GROUP | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileApprovalScheme = Initialize-PSSailpoint.V3AccessProfileApprovalScheme -ApproverType GOVERNANCE_GROUP `
-ApproverId 46c79819-a69f-49a2-becb-12c971ae66c6
```
- Convert the resource to JSON
```powershell
$AccessProfileApprovalScheme | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileBulkDeleteRequest.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-profile-bulk-delete-request
title: AccessProfileBulkDeleteRequest
pagination_label: AccessProfileBulkDeleteRequest
sidebar_label: AccessProfileBulkDeleteRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileBulkDeleteRequest']
slug: /tools/sdk/powershell/v3/models/access-profile-bulk-delete-request
tags: ['SDK', 'Software Development Kit', 'AccessProfileBulkDeleteRequest']
---
# AccessProfileBulkDeleteRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccessProfileIds** | Pointer to **[]String** | List of IDs of Access Profiles to be deleted. | [optional]
**BestEffortOnly** | Pointer to **Boolean** | If **true**, silently skip over any of the specified Access Profiles if they cannot be deleted because they are in use. If **false**, no deletions will be attempted if any of the Access Profiles are in use. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileBulkDeleteRequest = Initialize-PSSailpoint.V3AccessProfileBulkDeleteRequest -AccessProfileIds [2c9180847812e0b1017817051919ecca, 2c9180887812e0b201781e129f151816] `
-BestEffortOnly true
```
- Convert the resource to JSON
```powershell
$AccessProfileBulkDeleteRequest | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileBulkDeleteResponse.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-profile-bulk-delete-response
title: AccessProfileBulkDeleteResponse
pagination_label: AccessProfileBulkDeleteResponse
sidebar_label: AccessProfileBulkDeleteResponse
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileBulkDeleteResponse']
slug: /tools/sdk/powershell/v3/models/access-profile-bulk-delete-response
tags: ['SDK', 'Software Development Kit', 'AccessProfileBulkDeleteResponse']
---
# AccessProfileBulkDeleteResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**TaskId** | Pointer to **String** | ID of the task which is executing the bulk deletion. This can be passed to the **/task-status** API to track status. | [optional]
**Pending** | Pointer to **[]String** | List of IDs of Access Profiles which are pending deletion. | [optional]
**InUse** | Pointer to [**[]AccessProfileUsage**](access-profile-usage) | List of usages of Access Profiles targeted for deletion. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileBulkDeleteResponse = Initialize-PSSailpoint.V3AccessProfileBulkDeleteResponse -TaskId 2c9180867817ac4d017817c491119a20 `
-Pending [2c91808876438bbb017668c21919ecca, 2c91808876438bb201766e129f151816] `
-InUse null
```
- Convert the resource to JSON
```powershell
$AccessProfileBulkDeleteResponse | ConvertTo-JSON
```
[[Back to top]](#)

63
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileDocument.md Normal file
View File

@@ -0,0 +1,63 @@
---
id: access-profile-document
title: AccessProfileDocument
pagination_label: AccessProfileDocument
sidebar_label: AccessProfileDocument
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileDocument']
slug: /tools/sdk/powershell/v3/models/access-profile-document
tags: ['SDK', 'Software Development Kit', 'AccessProfileDocument']
---
# AccessProfileDocument
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | Access profile's ID. | [required]
**Name** | **String** | Access profile's name. | [required]
**Description** | Pointer to **String** | Access item's description. | [optional]
**Created** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was created. | [optional]
**Modified** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was last modified. | [optional]
**Synced** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the date-time when object was queued to be synced into search database for use in the search API. This date-time changes anytime there is an update to the object, which triggers a synchronization event being sent to the search database. There may be some delay between the `synced` time and the time when the updated data is actually available in the search API. | [optional]
**Enabled** | Pointer to **Boolean** | Indicates whether the access item is currently enabled. | [optional] [default to $false]
**Requestable** | Pointer to **Boolean** | Indicates whether the access item can be requested. | [optional] [default to $true]
**RequestCommentsRequired** | Pointer to **Boolean** | Indicates whether comments are required for requests to access the item. | [optional] [default to $false]
**Owner** | Pointer to [**BaseAccessAllOfOwner**](base-access-all-of-owner) | | [optional]
**Type** | **Enum** [ "accessprofile", "accountactivity", "account", "aggregation", "entitlement", "event", "identity", "role" ] | Access profile's document type. This enum represents the currently supported document types. Additional values may be added in the future without notice. | [required]
**Source** | Pointer to [**AccessProfileDocumentAllOfSource**](access-profile-document-all-of-source) | | [optional]
**Entitlements** | Pointer to [**[]BaseEntitlement**](base-entitlement) | Entitlements the access profile has access to. | [optional]
**EntitlementCount** | Pointer to **Int32** | Number of entitlements. | [optional]
**Tags** | Pointer to **[]String** | Tags that have been applied to the object. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileDocument = Initialize-PSSailpoint.V3AccessProfileDocument -Id 2c9180825a6c1adc015a71c9023f0818 `
-Name Cloud Eng `
-Description The admin role `
-Created 2018-06-25T20:22:28.104Z `
-Modified 2018-06-25T20:22:28.104Z `
-Synced 2018-06-25T20:22:33.104Z `
-Enabled true `
-Requestable true `
-RequestCommentsRequired false `
-Owner null `
-Type accessprofile `
-Source null `
-Entitlements null `
-EntitlementCount 5 `
-Tags [TAG_1, TAG_2]
```
- Convert the resource to JSON
```powershell
$AccessProfileDocument | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileDocumentAllOfSource.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-profile-document-all-of-source
title: AccessProfileDocumentAllOfSource
pagination_label: AccessProfileDocumentAllOfSource
sidebar_label: AccessProfileDocumentAllOfSource
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileDocumentAllOfSource']
slug: /tools/sdk/powershell/v3/models/access-profile-document-all-of-source
tags: ['SDK', 'Software Development Kit', 'AccessProfileDocumentAllOfSource']
---
# AccessProfileDocumentAllOfSource
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | Source's ID. | [optional]
**Name** | Pointer to **String** | Source's name. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileDocumentAllOfSource = Initialize-PSSailpoint.V3AccessProfileDocumentAllOfSource -Id ff8081815757d4fb0157588f3d9d008f `
-Name Employees
```
- Convert the resource to JSON
```powershell
$AccessProfileDocumentAllOfSource | ConvertTo-JSON
```
[[Back to top]](#)

53
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileEntitlement.md Normal file
View File

@@ -0,0 +1,53 @@
---
id: access-profile-entitlement
title: AccessProfileEntitlement
pagination_label: AccessProfileEntitlement
sidebar_label: AccessProfileEntitlement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileEntitlement']
slug: /tools/sdk/powershell/v3/models/access-profile-entitlement
tags: ['SDK', 'Software Development Kit', 'AccessProfileEntitlement']
---
# AccessProfileEntitlement
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The unique ID of the referenced object. | [optional]
**Name** | Pointer to **String** | The human readable name of the referenced object. | [optional]
**DisplayName** | Pointer to **String** | | [optional]
**Type** | Pointer to [**DtoType**](dto-type) | | [optional]
**Description** | Pointer to **String** | | [optional]
**Source** | Pointer to [**Reference1**](reference1) | | [optional]
**Privileged** | Pointer to **Boolean** | | [optional]
**Attribute** | Pointer to **String** | | [optional]
**Value** | Pointer to **String** | | [optional]
**Standalone** | Pointer to **Boolean** | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileEntitlement = Initialize-PSSailpoint.V3AccessProfileEntitlement -Id 2c91808568c529c60168cca6f90c1313 `
-Name John Doe `
-DisplayName John Q. Doe `
-Type null `
-Description null `
-Source null `
-Privileged false `
-Attribute memberOf `
-Value CN&#x3D;Buyer,OU&#x3D;Groups,OU&#x3D;Demo,DC&#x3D;seri,DC&#x3D;sailpointdemo,DC&#x3D;com `
-Standalone false
```
- Convert the resource to JSON
```powershell
$AccessProfileEntitlement | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-profile-ref
title: AccessProfileRef
pagination_label: AccessProfileRef
sidebar_label: AccessProfileRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileRef']
slug: /tools/sdk/powershell/v3/models/access-profile-ref
tags: ['SDK', 'Software Development Kit', 'AccessProfileRef']
---
# AccessProfileRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | ID of the Access Profile | [optional]
**Type** | Pointer to **Enum** [ "ACCESS_PROFILE" ] | Type of requested object. This field must be either left null or set to 'ACCESS_PROFILE' when creating an Access Profile, otherwise a 400 Bad Request error will result. | [optional]
**Name** | Pointer to **String** | Human-readable display name of the Access Profile. This field is ignored on input. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileRef = Initialize-PSSailpoint.V3AccessProfileRef -Id ff808081751e6e129f1518161919ecca `
-Type ACCESS_PROFILE `
-Name Access Profile 2567
```
- Convert the resource to JSON
```powershell
$AccessProfileRef | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileRole.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: access-profile-role
title: AccessProfileRole
pagination_label: AccessProfileRole
sidebar_label: AccessProfileRole
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileRole']
slug: /tools/sdk/powershell/v3/models/access-profile-role
tags: ['SDK', 'Software Development Kit', 'AccessProfileRole']
---
# AccessProfileRole
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The unique ID of the referenced object. | [optional]
**Name** | Pointer to **String** | The human readable name of the referenced object. | [optional]
**DisplayName** | Pointer to **String** | | [optional]
**Type** | Pointer to [**DtoType**](dto-type) | | [optional]
**Description** | Pointer to **String** | | [optional]
**Owner** | Pointer to [**DisplayReference**](display-reference) | | [optional]
**Disabled** | Pointer to **Boolean** | | [optional]
**Revocable** | Pointer to **Boolean** | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileRole = Initialize-PSSailpoint.V3AccessProfileRole -Id 2c91808568c529c60168cca6f90c1313 `
-Name John Doe `
-DisplayName John Q. Doe `
-Type null `
-Description null `
-Owner null `
-Disabled null `
-Revocable null
```
- Convert the resource to JSON
```powershell
$AccessProfileRole | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileSourceRef.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-profile-source-ref
title: AccessProfileSourceRef
pagination_label: AccessProfileSourceRef
sidebar_label: AccessProfileSourceRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileSourceRef']
slug: /tools/sdk/powershell/v3/models/access-profile-source-ref
tags: ['SDK', 'Software Development Kit', 'AccessProfileSourceRef']
---
# AccessProfileSourceRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The ID of the Source with with which the Access Profile is associated | [optional]
**Type** | Pointer to **Enum** [ "SOURCE" ] | The type of the Source, will always be SOURCE | [optional]
**Name** | Pointer to **String** | The display name of the associated Source | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileSourceRef = Initialize-PSSailpoint.V3AccessProfileSourceRef -Id 2c91809773dee3610173fdb0b6061ef4 `
-Type SOURCE `
-Name ODS-AD-SOURCE
```
- Convert the resource to JSON
```powershell
$AccessProfileSourceRef | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileSummary.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: access-profile-summary
title: AccessProfileSummary
pagination_label: AccessProfileSummary
sidebar_label: AccessProfileSummary
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileSummary']
slug: /tools/sdk/powershell/v3/models/access-profile-summary
tags: ['SDK', 'Software Development Kit', 'AccessProfileSummary']
---
# AccessProfileSummary
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The unique ID of the referenced object. | [optional]
**Name** | Pointer to **String** | The human readable name of the referenced object. | [optional]
**DisplayName** | Pointer to **String** | | [optional]
**Type** | Pointer to [**DtoType**](dto-type) | | [optional]
**Description** | Pointer to **String** | | [optional]
**Source** | Pointer to [**Reference1**](reference1) | | [optional]
**Owner** | Pointer to [**DisplayReference**](display-reference) | | [optional]
**Revocable** | Pointer to **Boolean** | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileSummary = Initialize-PSSailpoint.V3AccessProfileSummary -Id 2c91808568c529c60168cca6f90c1313 `
-Name John Doe `
-DisplayName John Q. Doe `
-Type null `
-Description null `
-Source null `
-Owner null `
-Revocable true
```
- Convert the resource to JSON
```powershell
$AccessProfileSummary | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileUsage.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-profile-usage
title: AccessProfileUsage
pagination_label: AccessProfileUsage
sidebar_label: AccessProfileUsage
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileUsage']
slug: /tools/sdk/powershell/v3/models/access-profile-usage
tags: ['SDK', 'Software Development Kit', 'AccessProfileUsage']
---
# AccessProfileUsage
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccessProfileId** | Pointer to **String** | ID of the Access Profile that is in use | [optional]
**UsedBy** | Pointer to [**[]AccessProfileUsageUsedByInner**](access-profile-usage-used-by-inner) | List of references to objects which are using the indicated Access Profile | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileUsage = Initialize-PSSailpoint.V3AccessProfileUsage -AccessProfileId 2c91808876438bbb017668c21919ecca `
-UsedBy null
```
- Convert the resource to JSON
```powershell
$AccessProfileUsage | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessProfileUsageUsedByInner.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-profile-usage-used-by-inner
title: AccessProfileUsageUsedByInner
pagination_label: AccessProfileUsageUsedByInner
sidebar_label: AccessProfileUsageUsedByInner
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfileUsageUsedByInner']
slug: /tools/sdk/powershell/v3/models/access-profile-usage-used-by-inner
tags: ['SDK', 'Software Development Kit', 'AccessProfileUsageUsedByInner']
---
# AccessProfileUsageUsedByInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to **Enum** [ "ROLE" ] | DTO type of role using the access profile. | [optional]
**Id** | Pointer to **String** | ID of role using the access profile. | [optional]
**Name** | Pointer to **String** | Display name of role using the access profile. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessProfileUsageUsedByInner = Initialize-PSSailpoint.V3AccessProfileUsageUsedByInner -Type ROLE `
-Id 2c8180857a9b3da0017aa03418480f9d `
-Name Manager Role
```
- Convert the resource to JSON
```powershell
$AccessProfileUsageUsedByInner | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequest.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: access-request
title: AccessRequest
pagination_label: AccessRequest
sidebar_label: AccessRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequest']
slug: /tools/sdk/powershell/v3/models/access-request
tags: ['SDK', 'Software Development Kit', 'AccessRequest']
---
# AccessRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | **[]String** | A list of Identity IDs for whom the Access is requested. If it's a Revoke request, there can only be one Identity ID. | [required]
**RequestType** | Pointer to [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | Pointer to **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.V3AccessRequest -RequestedFor null `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId&#x3D;2c91808f7892918f0178b78da4a305a1, requestedAppName&#x3D;test-app}
```
- Convert the resource to JSON
```powershell
$AccessRequest | ConvertTo-JSON
```
[[Back to top]](#)

45
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestConfig.md Normal file
View File

@@ -0,0 +1,45 @@
---
id: access-request-config
title: AccessRequestConfig
pagination_label: AccessRequestConfig
sidebar_label: AccessRequestConfig
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestConfig']
slug: /tools/sdk/powershell/v3/models/access-request-config
tags: ['SDK', 'Software Development Kit', 'AccessRequestConfig']
---
# AccessRequestConfig
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ApprovalsMustBeExternal** | Pointer to **Boolean** | If this is true, approvals must be processed by an external system. Also, if this is true, it blocks Request Center access requests and returns an error for any user who isn't an org admin. | [optional] [default to $false]
**AutoApprovalEnabled** | Pointer to **Boolean** | If this is true and the requester and reviewer are the same, the request is automatically approved. | [optional] [default to $false]
**ReauthorizationEnabled** | Pointer to **Boolean** | If this is true, reauthorization will be enforced for appropriately configured access items. Enablement of this feature is currently in a limited state. | [optional] [default to $false]
**RequestOnBehalfOfConfig** | Pointer to [**RequestOnBehalfOfConfig**](request-on-behalf-of-config) | | [optional]
**ApprovalReminderAndEscalationConfig** | Pointer to [**ApprovalReminderAndEscalationConfig**](approval-reminder-and-escalation-config) | | [optional]
**EntitlementRequestConfig** | Pointer to [**EntitlementRequestConfig**](entitlement-request-config) | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestConfig = Initialize-PSSailpoint.V3AccessRequestConfig -ApprovalsMustBeExternal true `
-AutoApprovalEnabled true `
-ReauthorizationEnabled true `
-RequestOnBehalfOfConfig null `
-ApprovalReminderAndEscalationConfig null `
-EntitlementRequestConfig null
```
- Convert the resource to JSON
```powershell
$AccessRequestConfig | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestItem.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: access-request-item
title: AccessRequestItem
pagination_label: AccessRequestItem
sidebar_label: AccessRequestItem
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestItem']
slug: /tools/sdk/powershell/v3/models/access-request-item
tags: ['SDK', 'Software Development Kit', 'AccessRequestItem']
---
# AccessRequestItem
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | Pointer to **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | Pointer to **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | Pointer to **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestItem = Initialize-PSSailpoint.V3AccessRequestItem -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName&#x3D;test-app, requestedAppId&#x3D;2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z
```
- Convert the resource to JSON
```powershell
$AccessRequestItem | ConvertTo-JSON
```
[[Back to top]](#)

45
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestPhases.md Normal file
View File

@@ -0,0 +1,45 @@
---
id: access-request-phases
title: AccessRequestPhases
pagination_label: AccessRequestPhases
sidebar_label: AccessRequestPhases
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestPhases']
slug: /tools/sdk/powershell/v3/models/access-request-phases
tags: ['SDK', 'Software Development Kit', 'AccessRequestPhases']
---
# AccessRequestPhases
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Started** | Pointer to **System.DateTime** | The time that this phase started. | [optional]
**Finished** | Pointer to **System.DateTime** | The time that this phase finished. | [optional]
**Name** | Pointer to **String** | The name of this phase. | [optional]
**State** | Pointer to **Enum** [ "PENDING", "EXECUTING", "COMPLETED", "CANCELLED", "NOT_EXECUTED" ] | The state of this phase. | [optional]
**Result** | Pointer to **Enum** [ "SUCCESSFUL", "FAILED" ] | The state of this phase. | [optional]
**PhaseReference** | Pointer to **String** | A reference to another object on the RequestedItemStatus that contains more details about the phase. Note that for the Provisioning phase, this will be empty if there are no manual work items. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestPhases = Initialize-PSSailpoint.V3AccessRequestPhases -Started 2020-07-11T00:00Z `
-Finished 2020-07-12T00:00Z `
-Name APPROVAL_PHASE `
-State COMPLETED `
-Result SUCCESSFUL `
-PhaseReference approvalDetails
```
- Convert the resource to JSON
```powershell
$AccessRequestPhases | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestResponse.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: access-request-response
title: AccessRequestResponse
pagination_label: AccessRequestResponse
sidebar_label: AccessRequestResponse
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestResponse']
slug: /tools/sdk/powershell/v3/models/access-request-response
tags: ['SDK', 'Software Development Kit', 'AccessRequestResponse']
---
# AccessRequestResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**NewRequests** | Pointer to [**[]AccessRequestTracking**](access-request-tracking) | A list of new access request tracking data mapped to the values requested. | [optional]
**ExistingRequests** | Pointer to [**[]AccessRequestTracking**](access-request-tracking) | A list of existing access request tracking data mapped to the values requested. This indicates access has already been requested for this item. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestResponse = Initialize-PSSailpoint.V3AccessRequestResponse -NewRequests [{requestedFor&#x3D;899fd612ecfc4cf3bf48f14d0afdef89, requestedItemsDetails&#x3D;[{type&#x3D;ENTITLEMENT, id&#x3D;779c6fd7171540bba1184e5946112c28}], attributesHash&#x3D;-1928438224, accessRequestIds&#x3D;[5d3118c518a44ec7805450d53479ccdb]}] `
-ExistingRequests [{requestedFor&#x3D;899fd612ecfc4cf3bf48f14d0afdef89, requestedItemsDetails&#x3D;[{type&#x3D;ROLE, id&#x3D;779c6fd7171540bbc1184e5946112c28}], attributesHash&#x3D;2843118224, accessRequestIds&#x3D;[5d3118c518a44ec7805450d53479ccdc]}]
```
- Convert the resource to JSON
```powershell
$AccessRequestResponse | ConvertTo-JSON
```
[[Back to top]](#)

44
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestTracking.md Normal file
View File

@@ -0,0 +1,44 @@
---
id: access-request-tracking
title: AccessRequestTracking
pagination_label: AccessRequestTracking
sidebar_label: AccessRequestTracking
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestTracking']
slug: /tools/sdk/powershell/v3/models/access-request-tracking
tags: ['SDK', 'Software Development Kit', 'AccessRequestTracking']
---
# AccessRequestTracking
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | Pointer to **String** | The identity id in which the access request is for. | [optional]
**RequestedItemsDetails** | Pointer to [**[]RequestedItemDetails**](requested-item-details) | The details of the item requested. | [optional]
**AttributesHash** | Pointer to **String** | a hash representation of the access requested, useful for longer term tracking client side. | [optional]
**AccessRequestIds** | Pointer to **[]String** | a list of access request identifiers, generally only one will be populated, but high volume requested may result in multiple ids. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestTracking = Initialize-PSSailpoint.V3AccessRequestTracking -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestedItemsDetails {
&quot;type&quot;: &quot;ENTITLEMENT&quot;,
&quot;id&quot;: &quot;779c6fd7171540bba1184e5946112c28&quot;
} `
-AttributesHash -1928438224 `
-AccessRequestIds [5d3118c518a44ec7805450d53479ccdb]
```
- Convert the resource to JSON
```powershell
$AccessRequestTracking | ConvertTo-JSON
```
[[Back to top]](#)

24
docs/tools/sdk/powershell/refrence/v3/Models/AccessRequestType.md Normal file
View File

@@ -0,0 +1,24 @@
---
id: access-request-type
title: AccessRequestType
pagination_label: AccessRequestType
sidebar_label: AccessRequestType
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestType']
slug: /tools/sdk/powershell/v3/models/access-request-type
tags: ['SDK', 'Software Development Kit', 'AccessRequestType']
---
# AccessRequestType
## Enum
* `GRANT_ACCESS` (value: `"GRANT_ACCESS"`)
* `REVOKE_ACCESS` (value: `"REVOKE_ACCESS"`)
[[Back to top]](#)

47
docs/tools/sdk/powershell/refrence/v3/Models/AccessReviewItem.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: access-review-item
title: AccessReviewItem
pagination_label: AccessReviewItem
sidebar_label: AccessReviewItem
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessReviewItem']
slug: /tools/sdk/powershell/v3/models/access-review-item
tags: ['SDK', 'Software Development Kit', 'AccessReviewItem']
---
# AccessReviewItem
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccessSummary** | Pointer to [**AccessSummary**](access-summary) | | [optional]
**IdentitySummary** | Pointer to [**CertificationIdentitySummary**](certification-identity-summary) | | [optional]
**Id** | Pointer to **String** | The review item's id | [optional]
**Completed** | Pointer to **Boolean** | Whether the review item is complete | [optional]
**NewAccess** | Pointer to **Boolean** | Indicates whether the review item is for new access to a source | [optional]
**Decision** | Pointer to [**CertificationDecision**](certification-decision) | | [optional]
**Comments** | Pointer to **String** | Comments for this review item | [optional]
## Examples
- Prepare the resource
```powershell
$AccessReviewItem = Initialize-PSSailpoint.V3AccessReviewItem -AccessSummary null `
-IdentitySummary null `
-Id ef38f94347e94562b5bb8424a56397d8 `
-Completed false `
-NewAccess false `
-Decision null `
-Comments This user still needs access to this source
```
- Convert the resource to JSON
```powershell
$AccessReviewItem | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessReviewReassignment.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-review-reassignment
title: AccessReviewReassignment
pagination_label: AccessReviewReassignment
sidebar_label: AccessReviewReassignment
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessReviewReassignment']
slug: /tools/sdk/powershell/v3/models/access-review-reassignment
tags: ['SDK', 'Software Development Kit', 'AccessReviewReassignment']
---
# AccessReviewReassignment
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Reassign** | [**[]ReassignReference**](reassign-reference) | | [required]
**ReassignTo** | **String** | The ID of the identity to which the certification is reassigned | [required]
**Reason** | **String** | The reason comment for why the reassign was made | [required]
## Examples
- Prepare the resource
```powershell
$AccessReviewReassignment = Initialize-PSSailpoint.V3AccessReviewReassignment -Reassign null `
-ReassignTo ef38f94347e94562b5bb8424a56397d8 `
-Reason reassigned for some reason
```
- Convert the resource to JSON
```powershell
$AccessReviewReassignment | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/refrence/v3/Models/AccessSummary.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: access-summary
title: AccessSummary
pagination_label: AccessSummary
sidebar_label: AccessSummary
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessSummary']
slug: /tools/sdk/powershell/v3/models/access-summary
tags: ['SDK', 'Software Development Kit', 'AccessSummary']
---
# AccessSummary
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Access** | Pointer to [**AccessSummaryAccess**](access-summary-access) | | [optional]
**Entitlement** | Pointer to [**ReviewableEntitlement**](reviewable-entitlement) | | [optional]
**AccessProfile** | Pointer to [**ReviewableAccessProfile**](reviewable-access-profile) | | [optional]
**Role** | Pointer to [**ReviewableRole**](reviewable-role) | | [optional]
## Examples
- Prepare the resource
```powershell
$AccessSummary = Initialize-PSSailpoint.V3AccessSummary -Access null `
-Entitlement null `
-AccessProfile null `
-Role null
```
- Convert the resource to JSON
```powershell
$AccessSummary | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccessSummaryAccess.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: access-summary-access
title: AccessSummaryAccess
pagination_label: AccessSummaryAccess
sidebar_label: AccessSummaryAccess
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessSummaryAccess']
slug: /tools/sdk/powershell/v3/models/access-summary-access
tags: ['SDK', 'Software Development Kit', 'AccessSummaryAccess']
---
# AccessSummaryAccess
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | Pointer to [**DtoType**](dto-type) | | [optional]
**Id** | Pointer to **String** | The ID of the item being certified | [optional]
**Name** | Pointer to **String** | The name of the item being certified | [optional]
## Examples
- Prepare the resource
```powershell
$AccessSummaryAccess = Initialize-PSSailpoint.V3AccessSummaryAccess -Type null `
-Id 2c9180867160846801719932c5153fb7 `
-Name Entitlement for Company Database
```
- Convert the resource to JSON
```powershell
$AccessSummaryAccess | ConvertTo-JSON
```
[[Back to top]](#)

24
docs/tools/sdk/powershell/refrence/v3/Models/AccessType.md Normal file
View File

@@ -0,0 +1,24 @@
---
id: access-type
title: AccessType
pagination_label: AccessType
sidebar_label: AccessType
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessType']
slug: /tools/sdk/powershell/v3/models/access-type
tags: ['SDK', 'Software Development Kit', 'AccessType']
---
# AccessType
## Enum
* `ONLINE` (value: `"ONLINE"`)
* `OFFLINE` (value: `"OFFLINE"`)
[[Back to top]](#)

89
docs/tools/sdk/powershell/refrence/v3/Models/Account.md Normal file
View File

@@ -0,0 +1,89 @@
---
id: account
title: Account
pagination_label: Account
sidebar_label: Account
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Account']
slug: /tools/sdk/powershell/v3/models/account
tags: ['SDK', 'Software Development Kit', 'Account']
---
# Account
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | System-generated unique ID of the Object | [optional] [readonly]
**Name** | **String** | Name of the Object | [required]
**Created** | Pointer to **System.DateTime** | Creation date of the Object | [optional] [readonly]
**Modified** | Pointer to **System.DateTime** | Last modification date of the Object | [optional] [readonly]
**SourceId** | **String** | The unique ID of the source this account belongs to | [required]
**SourceName** | **String** | The display name of the source this account belongs to | [required]
**IdentityId** | Pointer to **String** | The unique ID of the identity this account is correlated to | [optional]
**CloudLifecycleState** | Pointer to **String** | The lifecycle state of the identity this account is correlated to | [optional]
**IdentityState** | Pointer to **String** | The identity state of the identity this account is correlated to | [optional]
**ConnectionType** | Pointer to **String** | The connection type of the source this account is from | [optional]
**IsMachine** | Pointer to **Boolean** | Indicates if the account is of machine type | [optional] [default to $false]
**Recommendation** | Pointer to [**Recommendation**](recommendation) | | [optional]
**Attributes** | [**map[string]AnyType**]https://learn.microsoft.com/en-us/powershell/scripting/lang-spec/chapter-04?view=powershell-7.4 | The account attributes that are aggregated | [required]
**Authoritative** | **Boolean** | Indicates if this account is from an authoritative source | [required]
**Description** | Pointer to **String** | A description of the account | [optional]
**Disabled** | **Boolean** | Indicates if the account is currently disabled | [required]
**Locked** | **Boolean** | Indicates if the account is currently locked | [required]
**NativeIdentity** | **String** | The unique ID of the account generated by the source system | [required]
**SystemAccount** | **Boolean** | If true, this is a user account within IdentityNow. If false, this is an account from a source system. | [required]
**Uncorrelated** | **Boolean** | Indicates if this account is not correlated to an identity | [required]
**Uuid** | Pointer to **String** | The unique ID of the account as determined by the account schema | [optional]
**ManuallyCorrelated** | **Boolean** | Indicates if the account has been manually correlated to an identity | [required]
**HasEntitlements** | **Boolean** | Indicates if the account has entitlements | [required]
**Identity** | Pointer to [**BaseReferenceDto**](base-reference-dto) | | [optional]
**SourceOwner** | Pointer to [**BaseReferenceDto**](base-reference-dto) | | [optional]
**Features** | Pointer to **String** | A string list containing the owning source's features | [optional]
**Origin** | Pointer to **Enum** [ "AGGREGATED", "PROVISIONED" ] | The origin of the account either aggregated or provisioned | [optional]
**OwnerIdentity** | Pointer to [**BaseReferenceDto**](base-reference-dto) | | [optional]
## Examples
- Prepare the resource
```powershell
$Account = Initialize-PSSailpoint.V3Account -Id id12345 `
-Name aName `
-Created 2015-05-28T14:07:17Z `
-Modified 2015-05-28T14:07:17Z `
-SourceId 2c9180835d2e5168015d32f890ca1581 `
-SourceName Employees `
-IdentityId 2c9180835d2e5168015d32f890ca1581 `
-CloudLifecycleState active `
-IdentityState ACTIVE `
-ConnectionType direct `
-IsMachine true `
-Recommendation null `
-Attributes {firstName&#x3D;SailPoint, lastName&#x3D;Support, displayName&#x3D;SailPoint Support} `
-Authoritative false `
-Description null `
-Disabled false `
-Locked false `
-NativeIdentity 552775 `
-SystemAccount false `
-Uncorrelated false `
-Uuid {b0dce506-d6d4-44d2-8a32-d9a5b21fb175} `
-ManuallyCorrelated false `
-HasEntitlements true `
-Identity null `
-SourceOwner null `
-Features ENABLE `
-Origin AGGREGATED `
-OwnerIdentity null
```
- Convert the resource to JSON
```powershell
$Account | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccountAction.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: account-action
title: AccountAction
pagination_label: AccountAction
sidebar_label: AccountAction
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAction']
slug: /tools/sdk/powershell/v3/models/account-action
tags: ['SDK', 'Software Development Kit', 'AccountAction']
---
# AccountAction
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Action** | Pointer to **Enum** [ "ENABLE", "DISABLE" ] | Describes if action will be enabled or disabled | [optional]
**SourceIds** | Pointer to **[]String** | List of unique source IDs. The sources must have the ENABLE feature or flat file source. See ""/sources"" endpoint for source features. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountAction = Initialize-PSSailpoint.V3AccountAction -Action ENABLE `
-SourceIds [2c918084660f45d6016617daa9210584, 2c918084660f45d6016617daa9210500]
```
- Convert the resource to JSON
```powershell
$AccountAction | ConvertTo-JSON
```
[[Back to top]](#)

61
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivity.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: account-activity
title: AccountActivity
pagination_label: AccountActivity
sidebar_label: AccountActivity
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivity']
slug: /tools/sdk/powershell/v3/models/account-activity
tags: ['SDK', 'Software Development Kit', 'AccountActivity']
---
# AccountActivity
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | Id of the account activity | [optional]
**Name** | Pointer to **String** | The name of the activity | [optional]
**Created** | Pointer to **System.DateTime** | When the activity was first created | [optional]
**Modified** | Pointer to **System.DateTime** | When the activity was last modified | [optional]
**Completed** | Pointer to **System.DateTime** | When the activity was completed | [optional]
**CompletionStatus** | Pointer to [**CompletionStatus**](completion-status) | | [optional]
**Type** | Pointer to **String** | The type of action the activity performed. Please see the following list of types. This list may grow over time. - CloudAutomated - IdentityAttributeUpdate - appRequest - LifecycleStateChange - AccountStateUpdate - AccountAttributeUpdate - CloudPasswordRequest - Attribute Synchronization Refresh - Certification - Identity Refresh - Lifecycle Change Refresh [Learn more here](https://documentation.sailpoint.com/saas/help/search/searchable-fields.html#searching-account-activity-data). | [optional]
**RequesterIdentitySummary** | Pointer to [**IdentitySummary**](identity-summary) | | [optional]
**TargetIdentitySummary** | Pointer to [**IdentitySummary**](identity-summary) | | [optional]
**Errors** | Pointer to **[]String** | A list of error messages, if any, that were encountered. | [optional]
**Warnings** | Pointer to **[]String** | A list of warning messages, if any, that were encountered. | [optional]
**Items** | Pointer to [**[]AccountActivityItem**](account-activity-item) | Individual actions performed as part of this account activity | [optional]
**ExecutionStatus** | Pointer to [**ExecutionStatus**](execution-status) | | [optional]
**ClientMetadata** | Pointer to **map[string]String** | Arbitrary key-value pairs, if any were included in the corresponding access request | [optional]
## Examples
- Prepare the resource
```powershell
$AccountActivity = Initialize-PSSailpoint.V3AccountActivity -Id 2c9180835d2e5168015d32f890ca1581 `
-Name 2c9180835d2e5168015d32f890ca1581 `
-Created 2017-07-11T18:45:37.098Z `
-Modified 2018-06-25T20:22:28.104Z `
-Completed 2018-10-19T13:49:37.385Z `
-CompletionStatus null `
-Type appRequest `
-RequesterIdentitySummary null `
-TargetIdentitySummary null `
-Errors [sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message 0 from client 57a4ab97-ab3f-4aef-9fe2-0eaf15c73d26 after 60 seconds.] `
-Warnings [Some warning, another warning] `
-Items null `
-ExecutionStatus null `
-ClientMetadata {customKey1&#x3D;custom value 1, customKey2&#x3D;custom value 2}
```
- Convert the resource to JSON
```powershell
$AccountActivity | ConvertTo-JSON
```
[[Back to top]](#)

32
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivityApprovalStatus.md Normal file
View File

@@ -0,0 +1,32 @@
---
id: account-activity-approval-status
title: AccountActivityApprovalStatus
pagination_label: AccountActivityApprovalStatus
sidebar_label: AccountActivityApprovalStatus
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivityApprovalStatus']
slug: /tools/sdk/powershell/v3/models/account-activity-approval-status
tags: ['SDK', 'Software Development Kit', 'AccountActivityApprovalStatus']
---
# AccountActivityApprovalStatus
## Enum
* `FINISHED` (value: `"FINISHED"`)
* `REJECTED` (value: `"REJECTED"`)
* `RETURNED` (value: `"RETURNED"`)
* `EXPIRED` (value: `"EXPIRED"`)
* `PENDING` (value: `"PENDING"`)
* `CANCELED` (value: `"CANCELED"`)
[[Back to top]](#)

71
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivityDocument.md Normal file
View File

@@ -0,0 +1,71 @@
---
id: account-activity-document
title: AccountActivityDocument
pagination_label: AccountActivityDocument
sidebar_label: AccountActivityDocument
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivityDocument']
slug: /tools/sdk/powershell/v3/models/account-activity-document
tags: ['SDK', 'Software Development Kit', 'AccountActivityDocument']
---
# AccountActivityDocument
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | | [required]
**Name** | **String** | | [required]
**Type** | [**DocumentType**](document-type) | | [required]
**Action** | Pointer to **String** | Type of action performed in the activity. | [optional]
**Created** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was created. | [optional]
**Modified** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was last modified. | [optional]
**Stage** | Pointer to **String** | Activity's current stage. | [optional]
**Origin** | Pointer to **String** | Activity's origin. | [optional]
**Status** | Pointer to **String** | Activity's current status. | [optional]
**Requester** | Pointer to [**AccountSource**](account-source) | | [optional]
**Recipient** | Pointer to [**AccountSource**](account-source) | | [optional]
**TrackingNumber** | Pointer to **String** | Account activity's tracking number. | [optional]
**Errors** | Pointer to **[]String** | Errors provided by the source while completing account actions. | [optional]
**Warnings** | Pointer to **[]String** | Warnings provided by the source while completing account actions. | [optional]
**Approvals** | Pointer to [**[]Approval**](approval) | Approvals performed on an item during activity. | [optional]
**OriginalRequests** | Pointer to [**[]OriginalRequest**](original-request) | Original actions that triggered all individual source actions related to the account action. | [optional]
**ExpansionItems** | Pointer to [**[]ExpansionItem**](expansion-item) | Controls that translated the attribute requests into actual provisioning actions on the source. | [optional]
**AccountRequests** | Pointer to [**[]AccountRequest**](account-request) | Account data for each individual source action triggered by the original requests. | [optional]
**Sources** | Pointer to **String** | Sources involved in the account activity. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountActivityDocument = Initialize-PSSailpoint.V3AccountActivityDocument -Id 2c91808375d8e80a0175e1f88a575222 `
-Name john.doe `
-Type null `
-Action Identity Refresh. `
-Created 2018-06-25T20:22:28.104Z `
-Modified 2018-06-25T20:22:28.104Z `
-Stage Completed `
-Origin null `
-Status Complete `
-Requester null `
-Recipient null `
-TrackingNumber 61aad0c9e8134eca89e76a35e0cabe3f `
-Errors null `
-Warnings null `
-Approvals null `
-OriginalRequests null `
-ExpansionItems null `
-AccountRequests null `
-Sources smartsheet-test, airtable-v4, IdentityNow
```
- Convert the resource to JSON
```powershell
$AccountActivityDocument | ConvertTo-JSON
```
[[Back to top]](#)

65
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivityItem.md Normal file
View File

@@ -0,0 +1,65 @@
---
id: account-activity-item
title: AccountActivityItem
pagination_label: AccountActivityItem
sidebar_label: AccountActivityItem
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivityItem']
slug: /tools/sdk/powershell/v3/models/account-activity-item
tags: ['SDK', 'Software Development Kit', 'AccountActivityItem']
---
# AccountActivityItem
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | Item id | [optional]
**Name** | Pointer to **String** | Human-readable display name of item | [optional]
**Requested** | Pointer to **System.DateTime** | Date and time item was requested | [optional]
**ApprovalStatus** | Pointer to [**AccountActivityApprovalStatus**](account-activity-approval-status) | | [optional]
**ProvisioningStatus** | Pointer to [**ProvisioningState**](provisioning-state) | | [optional]
**RequesterComment** | Pointer to [**Comment**](comment) | | [optional]
**ReviewerIdentitySummary** | Pointer to [**IdentitySummary**](identity-summary) | | [optional]
**ReviewerComment** | Pointer to [**Comment**](comment) | | [optional]
**Operation** | Pointer to [**AccountActivityItemOperation**](account-activity-item-operation) | | [optional]
**Attribute** | Pointer to **String** | Attribute to which account activity applies | [optional]
**Value** | Pointer to **String** | Value of attribute | [optional]
**NativeIdentity** | Pointer to **String** | Native identity in the target system to which the account activity applies | [optional]
**SourceId** | Pointer to **String** | Id of Source to which account activity applies | [optional]
**AccountRequestInfo** | Pointer to [**AccountRequestInfo**](account-request-info) | | [optional]
**ClientMetadata** | Pointer to **map[string]String** | Arbitrary key-value pairs, if any were included in the corresponding access request item | [optional]
**RemoveDate** | Pointer to **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountActivityItem = Initialize-PSSailpoint.V3AccountActivityItem -Id 48c545831b264409a81befcabb0e3c5a `
-Name 48c545831b264409a81befcabb0e3c5a `
-Requested 2017-07-11T18:45:37.098Z `
-ApprovalStatus null `
-ProvisioningStatus null `
-RequesterComment null `
-ReviewerIdentitySummary null `
-ReviewerComment null `
-Operation null `
-Attribute detectedRoles `
-Value Treasury Analyst [AccessProfile-1529010191212] `
-NativeIdentity Sandie.Camero `
-SourceId 2c91808363ef85290164000587130c0c `
-AccountRequestInfo null `
-ClientMetadata {customKey1&#x3D;custom value 1, customKey2&#x3D;custom value 2} `
-RemoveDate 2020-07-11T00:00Z
```
- Convert the resource to JSON
```powershell
$AccountActivityItem | ConvertTo-JSON
```
[[Back to top]](#)

40
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivityItemOperation.md Normal file
View File

@@ -0,0 +1,40 @@
---
id: account-activity-item-operation
title: AccountActivityItemOperation
pagination_label: AccountActivityItemOperation
sidebar_label: AccountActivityItemOperation
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivityItemOperation']
slug: /tools/sdk/powershell/v3/models/account-activity-item-operation
tags: ['SDK', 'Software Development Kit', 'AccountActivityItemOperation']
---
# AccountActivityItemOperation
## Enum
* `ADD` (value: `"ADD"`)
* `CREATE` (value: `"CREATE"`)
* `MODIFY` (value: `"MODIFY"`)
* `DELETE` (value: `"DELETE"`)
* `DISABLE` (value: `"DISABLE"`)
* `ENABLE` (value: `"ENABLE"`)
* `UNLOCK` (value: `"UNLOCK"`)
* `LOCK` (value: `"LOCK"`)
* `REMOVE` (value: `"REMOVE"`)
* `SET` (value: `"SET"`)
[[Back to top]](#)

71
docs/tools/sdk/powershell/refrence/v3/Models/AccountActivitySearchedItem.md Normal file
View File

@@ -0,0 +1,71 @@
---
id: account-activity-searched-item
title: AccountActivitySearchedItem
pagination_label: AccountActivitySearchedItem
sidebar_label: AccountActivitySearchedItem
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivitySearchedItem']
slug: /tools/sdk/powershell/v3/models/account-activity-searched-item
tags: ['SDK', 'Software Development Kit', 'AccountActivitySearchedItem']
---
# AccountActivitySearchedItem
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | | [required]
**Name** | **String** | | [required]
**Type** | [**DocumentType**](document-type) | | [required]
**Action** | Pointer to **String** | Type of action performed in the activity. | [optional]
**Created** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was created. | [optional]
**Modified** | Pointer to **System.DateTime** | ISO-8601 date-time referring to the time when the object was last modified. | [optional]
**Stage** | Pointer to **String** | Activity's current stage. | [optional]
**Origin** | Pointer to **String** | Activity's origin. | [optional]
**Status** | Pointer to **String** | Activity's current status. | [optional]
**Requester** | Pointer to [**AccountSource**](account-source) | | [optional]
**Recipient** | Pointer to [**AccountSource**](account-source) | | [optional]
**TrackingNumber** | Pointer to **String** | Account activity's tracking number. | [optional]
**Errors** | Pointer to **[]String** | Errors provided by the source while completing account actions. | [optional]
**Warnings** | Pointer to **[]String** | Warnings provided by the source while completing account actions. | [optional]
**Approvals** | Pointer to [**[]Approval**](approval) | Approvals performed on an item during activity. | [optional]
**OriginalRequests** | Pointer to [**[]OriginalRequest**](original-request) | Original actions that triggered all individual source actions related to the account action. | [optional]
**ExpansionItems** | Pointer to [**[]ExpansionItem**](expansion-item) | Controls that translated the attribute requests into actual provisioning actions on the source. | [optional]
**AccountRequests** | Pointer to [**[]AccountRequest**](account-request) | Account data for each individual source action triggered by the original requests. | [optional]
**Sources** | Pointer to **String** | Sources involved in the account activity. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountActivitySearchedItem = Initialize-PSSailpoint.V3AccountActivitySearchedItem -Id 2c91808375d8e80a0175e1f88a575222 `
-Name john.doe `
-Type null `
-Action Identity Refresh. `
-Created 2018-06-25T20:22:28.104Z `
-Modified 2018-06-25T20:22:28.104Z `
-Stage Completed `
-Origin null `
-Status Complete `
-Requester null `
-Recipient null `
-TrackingNumber 61aad0c9e8134eca89e76a35e0cabe3f `
-Errors null `
-Warnings null `
-Approvals null `
-OriginalRequests null `
-ExpansionItems null `
-AccountRequests null `
-Sources smartsheet-test, airtable-v4, IdentityNow
```
- Convert the resource to JSON
```powershell
$AccountActivitySearchedItem | ConvertTo-JSON
```
[[Back to top]](#)

51
docs/tools/sdk/powershell/refrence/v3/Models/AccountAttribute.md Normal file
View File

@@ -0,0 +1,51 @@
---
id: account-attribute
title: AccountAttribute
pagination_label: AccountAttribute
sidebar_label: AccountAttribute
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAttribute']
slug: /tools/sdk/powershell/v3/models/account-attribute
tags: ['SDK', 'Software Development Kit', 'AccountAttribute']
---
# AccountAttribute
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceName** | **String** | A reference to the source to search for the account | [required]
**AttributeName** | **String** | The name of the attribute on the account to return. This should match the name of the account attribute name visible in the user interface, or on the source schema. | [required]
**AccountSortAttribute** | Pointer to **String** | The value of this configuration is a string name of the attribute to use when determining the ordering of returned accounts when there are multiple entries | [optional] [default to "created"]
**AccountSortDescending** | Pointer to **Boolean** | The value of this configuration is a boolean (true/false). Controls the order of the sort when there are multiple accounts. If not defined, the transform will default to false (ascending order) | [optional] [default to $false]
**AccountReturnFirstLink** | Pointer to **Boolean** | The value of this configuration is a boolean (true/false). Controls which account to source a value from for an attribute. If this flag is set to true, the transform returns the value from the first account in the list, even if it is null. If it is set to false, the transform returns the first non-null value. If not defined, the transform will default to false | [optional] [default to $false]
**AccountFilter** | Pointer to **String** | This expression queries the database to narrow search results. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the database. The default filter will always include the source and identity, and any subsequent expressions will be combined in an AND operation to the existing search criteria. Only certain searchable attributes are available: - `nativeIdentity` - the Account ID - `displayName` - the Account Name - `entitlements` - a boolean value to determine if the account has entitlements | [optional]
**AccountPropertyFilter** | Pointer to **String** | This expression is used to search and filter accounts in memory. The value of this configuration is a sailpoint.object.Filter expression and used when searching against the returned resultset. All account attributes are available for filtering as this operation is performed in memory. | [optional]
**RequiresPeriodicRefresh** | Pointer to **Boolean** | A value that indicates whether the transform logic should be re-evaluated every evening as part of the identity refresh process | [optional] [default to $false]
**VarInput** | Pointer to [**map[string]AnyType**]https://learn.microsoft.com/en-us/powershell/scripting/lang-spec/chapter-04?view=powershell-7.4 | This is an optional attribute that can explicitly define the input data which will be fed into the transform logic. If input is not provided, the transform will take its input from the source and attribute combination configured via the UI. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountAttribute = Initialize-PSSailpoint.V3AccountAttribute -SourceName Workday `
-AttributeName DEPARTMENT `
-AccountSortAttribute created `
-AccountSortDescending false `
-AccountReturnFirstLink false `
-AccountFilter !(nativeIdentity.startsWith(&quot;*DELETED*&quot;)) `
-AccountPropertyFilter (groups.containsAll({&#39;Admin&#39;}) || location &#x3D;&#x3D; &#39;Austin&#39;) `
-RequiresPeriodicRefresh false `
-VarInput {type&#x3D;accountAttribute, attributes&#x3D;{attributeName&#x3D;first_name, sourceName&#x3D;Source}}
```
- Convert the resource to JSON
```powershell
$AccountAttribute | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/refrence/v3/Models/AccountAttributes.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: account-attributes
title: AccountAttributes
pagination_label: AccountAttributes
sidebar_label: AccountAttributes
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAttributes']
slug: /tools/sdk/powershell/v3/models/account-attributes
tags: ['SDK', 'Software Development Kit', 'AccountAttributes']
---
# AccountAttributes
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Attributes** | [**map[string]AnyType**]https://learn.microsoft.com/en-us/powershell/scripting/lang-spec/chapter-04?view=powershell-7.4 | The schema attribute values for the account | [required]
## Examples
- Prepare the resource
```powershell
$AccountAttributes = Initialize-PSSailpoint.V3AccountAttributes -Attributes {city&#x3D;Austin, displayName&#x3D;John Doe, userName&#x3D;jdoe, sAMAccountName&#x3D;jDoe, mail&#x3D;john.doe@sailpoint.com}
```
- Convert the resource to JSON
```powershell
$AccountAttributes | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/refrence/v3/Models/AccountAttributesCreate.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: account-attributes-create
title: AccountAttributesCreate
pagination_label: AccountAttributesCreate
sidebar_label: AccountAttributesCreate
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAttributesCreate']
slug: /tools/sdk/powershell/v3/models/account-attributes-create
tags: ['SDK', 'Software Development Kit', 'AccountAttributesCreate']
---
# AccountAttributesCreate
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Attributes** | [**AccountAttributesCreateAttributes**](account-attributes-create-attributes) | | [required]
## Examples
- Prepare the resource
```powershell
$AccountAttributesCreate = Initialize-PSSailpoint.V3AccountAttributesCreate -Attributes null
```
- Convert the resource to JSON
```powershell
$AccountAttributesCreate | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/refrence/v3/Models/AccountAttributesCreateAttributes.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: account-attributes-create-attributes
title: AccountAttributesCreateAttributes
pagination_label: AccountAttributesCreateAttributes
sidebar_label: AccountAttributesCreateAttributes
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAttributesCreateAttributes']
slug: /tools/sdk/powershell/v3/models/account-attributes-create-attributes
tags: ['SDK', 'Software Development Kit', 'AccountAttributesCreateAttributes']
---
# AccountAttributesCreateAttributes
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | Target source to create an account | [required]
## Examples
- Prepare the resource
```powershell
$AccountAttributesCreateAttributes = Initialize-PSSailpoint.V3AccountAttributesCreateAttributes -SourceId 34bfcbe116c9407464af37acbaf7a4dc
```
- Convert the resource to JSON
```powershell
$AccountAttributesCreateAttributes | ConvertTo-JSON
```
[[Back to top]](#)

45
docs/tools/sdk/powershell/refrence/v3/Models/AccountRequest.md Normal file
View File

@@ -0,0 +1,45 @@
---
id: account-request
title: AccountRequest
pagination_label: AccountRequest
sidebar_label: AccountRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountRequest']
slug: /tools/sdk/powershell/v3/models/account-request
tags: ['SDK', 'Software Development Kit', 'AccountRequest']
---
# AccountRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountId** | Pointer to **String** | Unique ID of the account | [optional]
**AttributeRequests** | Pointer to [**[]AttributeRequest**](attribute-request) | | [optional]
**Op** | Pointer to **String** | The operation that was performed | [optional]
**ProvisioningTarget** | Pointer to [**AccountSource**](account-source) | | [optional]
**Result** | Pointer to [**AccountRequestResult**](account-request-result) | | [optional]
**Source** | Pointer to [**AccountSource**](account-source) | | [optional]
## Examples
- Prepare the resource
```powershell
$AccountRequest = Initialize-PSSailpoint.V3AccountRequest -AccountId John.Doe `
-AttributeRequests null `
-Op Modify `
-ProvisioningTarget null `
-Result null `
-Source null
```
- Convert the resource to JSON
```powershell
$AccountRequest | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccountRequestInfo.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: account-request-info
title: AccountRequestInfo
pagination_label: AccountRequestInfo
sidebar_label: AccountRequestInfo
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountRequestInfo']
slug: /tools/sdk/powershell/v3/models/account-request-info
tags: ['SDK', 'Software Development Kit', 'AccountRequestInfo']
---
# AccountRequestInfo
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedObjectId** | Pointer to **String** | Id of requested object | [optional]
**RequestedObjectName** | Pointer to **String** | Human-readable name of requested object | [optional]
**RequestedObjectType** | Pointer to [**RequestableObjectType**](requestable-object-type) | | [optional]
## Examples
- Prepare the resource
```powershell
$AccountRequestInfo = Initialize-PSSailpoint.V3AccountRequestInfo -RequestedObjectId 2c91808563ef85690164001c31140c0c `
-RequestedObjectName Treasury Analyst `
-RequestedObjectType null
```
- Convert the resource to JSON
```powershell
$AccountRequestInfo | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccountRequestResult.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: account-request-result
title: AccountRequestResult
pagination_label: AccountRequestResult
sidebar_label: AccountRequestResult
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountRequestResult']
slug: /tools/sdk/powershell/v3/models/account-request-result
tags: ['SDK', 'Software Development Kit', 'AccountRequestResult']
---
# AccountRequestResult
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Errors** | Pointer to **[]String** | | [optional]
**Status** | Pointer to **String** | The status of the account request | [optional]
**TicketId** | Pointer to **String** | | [optional]
## Examples
- Prepare the resource
```powershell
$AccountRequestResult = Initialize-PSSailpoint.V3AccountRequestResult -Errors null `
-Status failed `
-TicketId null
```
- Convert the resource to JSON
```powershell
$AccountRequestResult | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccountSource.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: account-source
title: AccountSource
pagination_label: AccountSource
sidebar_label: AccountSource
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountSource']
slug: /tools/sdk/powershell/v3/models/account-source
tags: ['SDK', 'Software Development Kit', 'AccountSource']
---
# AccountSource
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | Pointer to **String** | The unique ID of the referenced object. | [optional]
**Name** | Pointer to **String** | The human readable name of the referenced object. | [optional]
**Type** | Pointer to **String** | Type of source returned. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountSource = Initialize-PSSailpoint.V3AccountSource -Id 2c91808568c529c60168cca6f90c1313 `
-Name John Doe `
-Type Delimited File
```
- Convert the resource to JSON
```powershell
$AccountSource | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/refrence/v3/Models/AccountToggleRequest.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: account-toggle-request
title: AccountToggleRequest
pagination_label: AccountToggleRequest
sidebar_label: AccountToggleRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountToggleRequest']
slug: /tools/sdk/powershell/v3/models/account-toggle-request
tags: ['SDK', 'Software Development Kit', 'AccountToggleRequest']
---
# AccountToggleRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ExternalVerificationId** | Pointer to **String** | If set, an external process validates that the user wants to proceed with this request. | [optional]
**ForceProvisioning** | Pointer to **Boolean** | If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. Providing 'true' for an unlocked account will add and process 'Unlock' operation by the workflow. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountToggleRequest = Initialize-PSSailpoint.V3AccountToggleRequest -ExternalVerificationId 3f9180835d2e5168015d32f890ca1581 `
-ForceProvisioning false
```
- Convert the resource to JSON
```powershell
$AccountToggleRequest | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/refrence/v3/Models/AccountUnlockRequest.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: account-unlock-request
title: AccountUnlockRequest
pagination_label: AccountUnlockRequest
sidebar_label: AccountUnlockRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountUnlockRequest']
slug: /tools/sdk/powershell/v3/models/account-unlock-request
tags: ['SDK', 'Software Development Kit', 'AccountUnlockRequest']
---
# AccountUnlockRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**ExternalVerificationId** | Pointer to **String** | If set, an external process validates that the user wants to proceed with this request. | [optional]
**UnlockIDNAccount** | Pointer to **Boolean** | If set, the IDN account is unlocked after the workflow completes. | [optional]
**ForceProvisioning** | Pointer to **Boolean** | If set, provisioning updates the account attribute at the source. This option is used when the account is not synced to ensure the attribute is updated. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountUnlockRequest = Initialize-PSSailpoint.V3AccountUnlockRequest -ExternalVerificationId 3f9180835d2e5168015d32f890ca1581 `
-UnlockIDNAccount false `
-ForceProvisioning false
```
- Convert the resource to JSON
```powershell
$AccountUnlockRequest | ConvertTo-JSON
```
[[Back to top]](#)

Some files were not shown because too many files have changed in this diff Show More