LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-09 20:37:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Automated commit by github action: 5081271188

Browse Source
This commit is contained in:
GitHub Action Bot
2023-05-25 14:39:38 +00:00
parent a6ae35d16b
commit 74cf45e612
24 changed files with 893 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
static/api-specs/idn/beta/paths/campaign.yaml
View File

@@ -6,6 +6,9 @@ get:
description: >-
Retrieves information for an existing campaign using the campaign's ID. Authorized callers must be a
reviewer for this campaign, an ORG_ADMIN, or a CERT_ADMIN.
deprecated: true
security:
- oauth2: []
parameters:
- in: path
name: id
@@ -48,8 +51,8 @@ patch:
- Certification Campaigns
summary: Update a Campaign
description: Allows updating individual fields on a campaign using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# security:
# - oauth2: [ORG_ADMIN,CERT_ADMIN]
security:
- oauth2: [idn:campaign:update,idn:campaign:read]
parameters:
- in: path
name: id

9
static/api-specs/idn/beta/paths/campaigns.yaml
View File

@@ -6,8 +6,8 @@ get:
description: >-
Gets campaigns and returns them in a list. Can provide increased level of detail for each campaign if provided
the correct query.
# security:
# - oauth2: [CERT_ADMIN,DASHBOARD,ORG_ADMIN,REPORT_ADMIN,ROLE_ADMIN,SOURCE_ADMIN,SOURCE_SUBADMIN]
security:
- oauth2: []
parameters:
- in: query
name: detail
@@ -87,8 +87,9 @@ post:
- Certification Campaigns
summary: Create a campaign
description: Creates a new Certification Campaign with the information provided in the request body.
#security:
# - oauth2: [ORG_ADMIN,CERT_ADMIN]
security:
- oauth2: [idn:campaign:create]
deprecated: true
requestBody:
required: true
content:

3
static/api-specs/idn/beta/schemas/SlimCampaign.yaml
View File

@@ -39,10 +39,12 @@ properties:
emailNotificationEnabled:
type: boolean
description: Enables email notification for this campaign
default: false
example: false
autoRevokeAllowed:
type: boolean
description: Allows auto revoke for this campaign
default: false
example: false
recommendationsEnabled:
type: boolean
@@ -50,6 +52,7 @@ properties:
Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off
then campaigns generated from this template will indicate false. The real value will then be returned if
IAI is ever enabled for the org in the future.
default: false
example: true
status:
type: string

71
static/api-specs/idn/sailpoint-api.v3.yaml
View File

@@ -161,6 +161,73 @@ tags:
- Password Change: These include password changes on sources.
Refer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities.
- name: Certification Campaigns
description: |
Use this API to implement certification campaign functionality.
With this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use.
Certification campaigns provide IdentityNow (IDN) users with an interactive review process they can use to identify and verify access to systems.
Campaigns help organizations reduce risk of inappropriate access and satisfy audit requirements.
A certification refers to IDN's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access.
These certifications serve as a way of showing that a user's access has been reviewed and approved.
Multiple certifications by different reviewers are often required to approve a user's access.
A set of multiple certifications is called a certification campaign.
For example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers.
Once this campaign has been completed, IDN would provision all the access the user needs, nothing more.
IDN provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns:
You can create these types of campaigns without using any search queries in IDN:
- ManagerCampaign: IDN provides this campaign type as a way to ensure that an identity's access is certified by their managers.
You only need to provide a name and description to create one.
- Source Owner Campaign: IDN provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners.
You only need to provide a name and description to create one.
You can specify the sources whose owners you want involved or just run it across all sources.
For more information about these campaign types, refer to [Starting a Manager or Source Owner Campaign](https://documentation.sailpoint.com/saas/help/certs/starting_campaign.html).
One useful way to create certification campaigns in IDN is to use a specific search and then run a campaign on the results returned by that search.
This allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns.
For example, you can search for all identities who are managed by "Amanda.Ross" and also have the access to the "Accounting" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified.
You can use IDN search queries to create these types of campaigns:
- Identities: Use this campaign type to review and revoke access items for specific identities.
You can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign.
- Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them.
You can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign.
- Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria.
You can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign.
- Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in IDN.
You can use this campaign type to view all the uncorrelated accounts for a source and certify them.
For more information about search-based campaigns, refer to [Starting a Campaign from Search](https://documentation.sailpoint.com/saas/help/certs/starting_search_campaign.html).
Once you have generated your campaign, it becomes available for preview.
An administrator can review the campaign and make changes, or if it's ready and accurate, activate it.
Once the campaign is active, organization administrators or certification administrators can designate other IDN users as certification reviewers.
Those reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed).
When a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review.
Reviewers can then make decisions to grant or revoke access, as well as reassign the ceritifcation to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment.
Once a reviewer has made decisions on all the certification's involved access items, he or she must "Sign Off" to complete the review process.
Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items.
Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase.
In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation.
In this situation, the certification campaign completes once all the remediation requests are completed.
The end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision.
For more information about certifications and certification campaigns, refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html).
- name: Certifications
description: |
Use this API to implement certification functionality.
@@ -712,6 +779,10 @@ paths:
$ref: "./v3/paths/account-activity-list.yaml"
/account-activities/{id}:
$ref: "./v3/paths/account-activity-get-one.yaml"
/campaigns:
$ref: './v3/paths/campaigns.yaml'
/campaigns/{id}:
$ref: './v3/paths/campaign.yaml'
/certifications:
$ref: "./v3/paths/identity-certifications.yaml"
/certifications/{id}:

46
static/api-specs/idn/v3/paths/campaign.yaml Normal file
View File

@@ -0,0 +1,46 @@
get:
operationId: getCampaign
tags:
- Certification Campaigns
summary: Get a campaign
description: >-
Retrieves information for an existing campaign using the campaign's ID. Authorized callers must be a
reviewer for this campaign, an ORG_ADMIN, or a CERT_ADMIN.
security:
- oauth2: []
parameters:
- in: path
name: id
schema:
type: string
required: true
description: The ID of the campaign to be retrieved
example: 2c91808571bcfcf80171c23e4b4221fc
responses:
'200':
description: A campaign object
content:
application/json:
schema:
$ref: '../schemas/SlimCampaign.yaml'
examples:
Manager:
$ref: '../schemas/campaign/examples/SlimCampaignManager.yaml'
Search:
$ref: '../schemas/campaign/examples/SlimCampaignSearch.yaml'
Source Owner:
$ref: '../schemas/campaign/examples/SlimCampaignSourceOwner.yaml'
RoleComposition:
$ref: '../schemas/campaign/examples/SlimCampaignRoleComposition.yaml'
'400':
$ref: '../responses/400.yaml'
'401':
$ref: '../responses/401.yaml'
'403':
$ref: '../responses/403.yaml'
'404':
$ref: '../responses/404.yaml'
'429':
$ref: '../responses/429.yaml'
'500':
$ref: '../responses/500.yaml'

49
static/api-specs/idn/v3/paths/campaigns.yaml Normal file
View File

@@ -0,0 +1,49 @@
post:
operationId: createCampaign
tags:
- Certification Campaigns
summary: Create a campaign
description: Creates a new Certification Campaign with the information provided in the request body.
security:
- oauth2: [idn:campaign:create]
requestBody:
required: true
content:
application/json:
schema:
$ref: '../schemas/Campaign.yaml'
examples:
Manager:
$ref: '../schemas/campaign/examples/CreateCampaignManager.yaml'
Search:
$ref: '../schemas/campaign/examples/CreateCampaignSearch.yaml'
Source Owner:
$ref: '../schemas/campaign/examples/CreateCampaignSourceOwner.yaml'
Role Composition:
$ref: '../schemas/campaign/examples/CreateCampaignRoleComposition.yaml'
responses:
'200':
description: Indicates that the campaign requested was successfully created and returns its representation.
content:
application/json:
schema:
$ref: '../schemas/Campaign.yaml'
examples:
Manager:
$ref: '../schemas/campaign/examples/FullCampaignManager.yaml'
Search:
$ref: '../schemas/campaign/examples/FullCampaignSearch.yaml'
Source Owner:
$ref: '../schemas/campaign/examples/FullCampaignSourceOwner.yaml'
Role Composition:
$ref: '../schemas/campaign/examples/FullCampaignRoleComposition.yaml'
'400':
$ref: '../responses/400.yaml'
'401':
$ref: '../responses/401.yaml'
'403':
$ref: '../responses/403.yaml'
'429':
$ref: '../responses/429.yaml'
'500':
$ref: '../responses/500.yaml'

26
static/api-specs/idn/v3/schemas/AccessConstraint.yaml Normal file
View File

@@ -0,0 +1,26 @@
type : object
properties:
type:
type: string
enum:
- ENTITLEMENT
- ACCESS_PROFILE
- ROLE
description: Type of Access
example: ENTITLEMENT
ids:
description: Must be set only if operator is SELECTED.
type: array
items:
type: string
example: [2c90ad2a70ace7d50170acf22ca90010]
operator:
type: string
enum:
- ALL
- SELECTED
description: Used to determine whether the scope of the campaign should be reduced for selected ids or all.
example: SELECTED
required:
- type
- operator

208
static/api-specs/idn/v3/schemas/Campaign.yaml Normal file
View File

@@ -0,0 +1,208 @@
type : object
title: Campaign
allOf:
- $ref: 'SlimCampaign.yaml'
- type: object
properties:
created:
type: string
readOnly: true
format: date-time
description: Created time of the campaign
example: '2020-03-03T22:15:13.611Z'
modified:
type: string
readOnly: true
format: date-time
description: Modified time of the campaign
example: '2020-03-03T22:20:12.674Z'
correlatedStatus:
description: >-
The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated.
An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).
enum:
- "CORRELATED"
- "UNCORRELATED"
example: CORRELATED
filter:
type: object
description: >-
Determines which items will be included in this campaign. The default campaign filter is used if this
field is left blank.
properties:
id:
type: string
description: The ID of whatever type of filter is being used.
example: 0fbe863c063c4c88a35fd7f17e8a3df5
type:
type: string
description: Type of the filter
enum:
- CAMPAIGN_FILTER
- RULE
example: CAMPAIGN_FILTER
name:
type: string
description: Name of the filter
example: Test Filter
sunsetCommentsRequired:
type: boolean
description: >-
Determines if comments on sunset date changes are required.
default: true
example: true
sourceOwnerCampaignInfo:
type: object
description: Must be set only if the campaign type is SOURCE_OWNER.
properties:
sourceIds:
type: array
description: The list of sources to be included in the campaign.
items:
type: string
example: [0fbe863c063c4c88a35fd7f17e8a3df5]
searchCampaignInfo:
type: object
description: Must be set only if the campaign type is SEARCH.
properties:
type:
type: string
description: The type of search campaign represented.
enum:
- IDENTITY
- ACCESS
example: ACCESS
description:
type: string
description: >-
Describes this search campaign. Intended for storing the query used, and possibly the number of identities
selected/available.
example: Search Campaign description
reviewer:
description: >-
If specified, this identity or governance group will be the reviewer for all certifications in
this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP
allOf:
- $ref: './BaseReferenceDto.yaml'
- type: object
query:
type: string
description: >-
The scope for the campaign. The campaign will cover identities returned by the query and identities that
have access items returned by the query. One of `query` or `identityIds` must be set.
example: Search Campaign query description
identityIds:
type: array
description: A direct list of identities to include in this campaign. One of `identityIds` or `query` must be set.
items:
type: string
maxItems: 1000
example: [0fbe863c063c4c88a35fd7f17e8a3df5]
accessConstraints:
type: array
description: >-
Further reduces the scope of the campaign by excluding identities (from `query` or `identityIds`) that do
not have this access.
items:
$ref: './AccessConstraint.yaml'
maxItems: 1000
required:
- type
roleCompositionCampaignInfo:
type: object
description: Optional configuration options for role composition campaigns.
properties:
reviewer:
description: >-
If specified, this identity or governance group will be the reviewer for all certifications in
this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP
allOf:
- $ref: './BaseReferenceDto.yaml'
- type: object
roleIds:
type: array
description: >-
Optional list of roles to include in this campaign. Only one of `roleIds` and `query` may be set; if
neither are set, all roles are included.
items:
type: string
example: [2c90ad2a70ace7d50170acf22ca90010]
remediatorRef:
type: object
description: >-
This determines who remediation tasks will be assigned to. Remediation tasks are created for each
revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the
chosen identity must be a Role Admin or Org Admin.
properties:
type:
type: string
enum:
- IDENTITY
description: Legal Remediator Type
example: IDENTITY
id:
type: string
description: The ID of the remediator.
example: 2c90ad2a70ace7d50170acf22ca90010
name:
type: string
description: The name of the remediator.
readOnly: true
example: Role Admin
required:
- type
- id
query:
type: string
description: >-
Optional search query to scope this campaign to a set of roles. Only one of `roleIds` and `query` may
be set; if neither are set, all roles are included.
example: Search Query
description:
type: string
description: >-
Describes this role composition campaign. Intended for storing the query used, and possibly the number
of roles selected/available.
example: Role Composition Description
required:
- remediatorRef
alerts:
type: array
description: A list of errors and warnings that have accumulated.
readOnly: true
items:
$ref: './CampaignAlert.yaml'
totalCertifications:
type: integer
description: The total number of certifications in this campaign.
readOnly: true
example: 100
completedCertifications:
type: integer
description: The number of completed certifications in this campaign.
readOnly: true
example: 10
sourcesWithOrphanEntitlements:
type: array
description: >-
A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding
Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may
be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).
readOnly: true
items:
type: object
properties:
id:
type: string
description: Id of the source
example: 2c90ad2a70ace7d50170acf22ca90010
type:
type: string
enum:
- SOURCE
description: Type
example: SOURCE
name:
type: string
description: Name of the source
example: Source with orphan entitlements

14
static/api-specs/idn/v3/schemas/CampaignAlert.yaml Normal file
View File

@@ -0,0 +1,14 @@
type : object
properties:
level:
type: string
enum:
- ERROR
- WARN
- INFO
description: Denotes the level of the message
example: ERROR
localizations:
type: array
items:
$ref: './ErrorMessageDto.yaml'

80
static/api-specs/idn/v3/schemas/SlimCampaign.yaml Normal file
View File

@@ -0,0 +1,80 @@
type : object
title: Slim Campaign
required:
- name
- description
- type
properties:
id:
type: string
readOnly: true
description: Id of the campaign
example: 2c9079b270a266a60170a2779fcb0007
name:
description: >-
The campaign name. If this object is part of a template, special formatting applies; see the
`/campaign-templates/{id}/generate` endpoint documentation for details.
type: string
example: Manager Campaign
description:
type: string
description: >-
The campaign description. If this object is part of a template, special formatting applies; see the
`/campaign-templates/{id}/generate` endpoint documentation for details.
example: Everyone needs to be reviewed by their manager
deadline:
type: string
format: date-time
description: The campaign's completion deadline.
example: '2020-03-15T10:00:01.456Z'
type:
type: string
description: The type of campaign. Could be extended in the future.
enum:
- MANAGER
- SOURCE_OWNER
- SEARCH
- ROLE_COMPOSITION
example: MANAGER
emailNotificationEnabled:
type: boolean
description: Enables email notification for this campaign
default: false
example: false
autoRevokeAllowed:
type: boolean
description: Allows auto revoke for this campaign
default: false
example: false
recommendationsEnabled:
type: boolean
description: >-
Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off
then campaigns generated from this template will indicate false. The real value will then be returned if
IAI is ever enabled for the org in the future.
default: false
example: true
status:
type: string
description: The campaign's current status.
readOnly: true
enum:
- PENDING
- STAGED
- CANCELING
- ACTIVATING
- ACTIVE
- COMPLETING
- COMPLETED
- ERROR
- ARCHIVED
example: ACTIVE
correlatedStatus:
type: string
description: >-
The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated.
An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).
enum:
- CORRELATED
- UNCORRELATED
example: CORRELATED

15
static/api-specs/idn/v3/schemas/campaign/examples/CreateCampaignManager.yaml Normal file
View File

@@ -0,0 +1,15 @@
value:
name: Manager Review
description: A review of everyone's access by their manager.
deadline: 2020-12-25T06:00:00.468Z
type: MANAGER
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
filter:
type: CAMPAIGN_FILTER
id: 0c46fb26c6b20967a55517ee90d15b93

19
static/api-specs/idn/v3/schemas/campaign/examples/CreateCampaignRoleComposition.yaml Normal file
View File

@@ -0,0 +1,19 @@
value:
name: Role Composition Campaign
description: A review done by a role owner.
deadline: 2020-12-25T06:00:00.468Z
type: ROLE_COMPOSITION
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
filter:
type: CAMPAIGN_FILTER
id: 0c46fb26c6b20967a55517ee90d15b93
roleCompositionCampaignInfo:
remediatorRef:
type: IDENTITY
id: 7ec252acbd4245548bc25df22348cb75
name: SailPoint Support
roleIds:
- b15d609fc5c8434b865fe552315fda8f

15
static/api-specs/idn/v3/schemas/campaign/examples/CreateCampaignSearch.yaml Normal file
View File

@@ -0,0 +1,15 @@
value:
name: Search Campaign
description: Search Campaign
deadline: 2020-12-25T06:00:00.468Z
type: SEARCH
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
filter:
type: CAMPAIGN_FILTER
id: 0c46fb26c6b20967a55517ee90d15b93
searchCampaignInfo:
type: ACCESS
query: user

16
static/api-specs/idn/v3/schemas/campaign/examples/CreateCampaignSourceOwner.yaml Normal file
View File

@@ -0,0 +1,16 @@
value:
name: Source Owner
description: Source Owner Info
deadline: 2020-12-25T06:00:00.468Z
type: SOURCE_OWNER
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
filter:
type: CAMPAIGN_FILTER
id: 0c46fb26c6b20967a55517ee90d15b93
sourceOwnerCampaignInfo:
sourceIds:
- 612b31b1a0f04aaf83123bdb80e70db6
correlatedStatus: CORRELATED

24
static/api-specs/idn/v3/schemas/campaign/examples/FullCampaignManager.yaml Normal file
View File

@@ -0,0 +1,24 @@
value:
id: 5594f43b76804a6980ece5fdccf74be7
name: Manager Review
description: A review of everyone's access by their manager.
deadline: 2020-12-25T06:00:00.468Z
type: MANAGER
status: PENDING
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-02T20:21:18.421Z
modified: null
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Manager Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo: null
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 0
completedCertifications: 0
sourcesWithOrphanEntitlements: null

35
static/api-specs/idn/v3/schemas/campaign/examples/FullCampaignRoleComposition.yaml Normal file
View File

@@ -0,0 +1,35 @@
value:
id: 3b2e2e5821e84127b6d693d41c40623b
name: Role Composition Campaign
description: A review done by a role owner.
deadline: 2020-12-25T06:00:00.468Z
type: ROLE_COMPOSITION
status: PENDING
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-02T20:30:46.083Z
modified: null
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Role Composition Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo: null
roleCompositionCampaignInfo:
remediatorRef:
type: IDENTITY
id: 7ec252acbd4245548bc25df22348cb75
name: SailPoint Support
reviewerId: null
reviewer: null
roleIds:
- b15d609fc5c8434b865fe552315fda8f
query: null
description: null
alerts: null
totalCertifications: 0
completedCertifications: 0
sourcesWithOrphanEntitlements: null

33
static/api-specs/idn/v3/schemas/campaign/examples/FullCampaignSearch.yaml Normal file
View File

@@ -0,0 +1,33 @@
value:
id: ec041831cb2147778b594feb9d8db44a
name: Search Campaign
description: Search Campaign
deadline: 2020-12-25T06:00:00.468Z
type: SEARCH
status: PENDING
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-03T13:54:34.344Z
modified: null
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Search Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo:
type: ACCESS
description: user
reviewer:
type: IDENTITY
id: 7ec252acbd4245548bc25df22348cb75
name: null
query: user
identityIds: null
accessConstraints: []
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 0
completedCertifications: 0
sourcesWithOrphanEntitlements: null

28
static/api-specs/idn/v3/schemas/campaign/examples/FullCampaignSourceOwner.yaml Normal file
View File

@@ -0,0 +1,28 @@
value:
id: fd7b76ba4ea042de8a9414aa12fc977a
name: Source Owner
description: Source Owner Info
deadline: 2020-12-25T06:00:00.468Z
type: SOURCE_OWNER
status: PENDING
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-03T13:34:19.541Z
modified: null
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Source Owner Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo:
sourceIds:
- 612b31b1a0f04aaf83123bdb80e70db6
searchCampaignInfo: null
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 0
completedCertifications: 0
sourcesWithOrphanEntitlements: null
correlatedStatus: CORRELATED

121
static/api-specs/idn/v3/schemas/campaign/examples/FullCampaigns.yaml Normal file
View File

@@ -0,0 +1,121 @@
description: List of Campaigns that would result from specifying *detail* as FULL
value:
- id: 078696a575e045c68d6722ccdb9f101d
name: Role Composition Campaign
description: A review done by a role owner.
deadline: 2020-12-25T06:00:00.468Z
type: ROLE_COMPOSITION
status: ERROR
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-02T20:29:51.065Z
modified: 2022-08-02T20:29:51.331Z
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Role Composition Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo: null
roleCompositionCampaignInfo:
remediatorRef:
type: IDENTITY
id: 7ec252acbd4245548bc25df22348cb75
name: SailPoint Support
reviewerId: null
reviewer: null
roleIds:
- b15d609fc5c8434b865fe552315fda8f
query: null
description: null
alerts:
- level: ERROR
localizations:
- locale: en
localeOrigin: DEFAULT
text: Composite criterion must have children non-composite criterion must not.
totalCertifications: 0
completedCertifications: 0
sourcesWithOrphanEntitlements: null
- id: 1be8fc1103914bf0a4e14e316b6a7b7c
name: Manager Review
description: A review of everyone's access by their manager.
deadline: 2020-12-25T06:00:00.468Z
type: MANAGER
status: STAGED
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-08-02T19:00:27.731Z
modified: 2022-08-02T19:00:34.391Z
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Manager Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo: null
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 5
completedCertifications: 0
sourcesWithOrphanEntitlements: []
- id: 7e1a731e3fb845cfbe58112ba4673ee4
name: Search Campaign
description: Search Campaign for Identities
deadline: 2022-07-26T15:42:44Z
type: SEARCH
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-07-25T15:42:18.276Z
modified: 2022-07-25T15:42:53.718Z
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Search Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo: null
searchCampaignInfo:
type: IDENTITY
description: Example of Search Campaign
reviewer:
type: IDENTITY
id: 7ec252acbd4245548bc25df22348cb75
name: null
query: user
identityIds: null
accessConstraints: []
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 6
completedCertifications: 0
sourcesWithOrphanEntitlements: []
- id: ad3cf3dd50394b1bad646de4bc51b999
name: Source Owner Campaign
description: Example for Source Owner Campaign
deadline: 2022-08-10T17:09:02Z
type: SOURCE_OWNER
status: ACTIVE
emailNotificationEnabled: true
autoRevokeAllowed: false
recommendationsEnabled: false
created: 2022-07-27T17:04:19.027Z
modified: 2022-07-27T17:09:13.925Z
filter:
type: CAMPAIGN_FILTER
id: 0fbe863c063c4c88a35fd7f17e8a3df5
name: Test Source Owner Filter
sunsetCommentsRequired: true
sourceOwnerCampaignInfo:
sourceIds:
- 2c91808781fd5aea01821200dc88318e
searchCampaignInfo: null
roleCompositionCampaignInfo: null
alerts: null
totalCertifications: 2
completedCertifications: 0
sourcesWithOrphanEntitlements: []
correlatedStatus: CORRELATED

10
static/api-specs/idn/v3/schemas/campaign/examples/SlimCampaignManager.yaml Normal file
View File

@@ -0,0 +1,10 @@
value:
id: 2c918086719eec070171a7e3355a360a
name: Manager Review
description: A review of everyone's access by their manager.
deadline: "2020-12-25T06:00:00.123Z"
type: MANAGER
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false

10
static/api-specs/idn/v3/schemas/campaign/examples/SlimCampaignRoleComposition.yaml Normal file
View File

@@ -0,0 +1,10 @@
value:
id: 3b2e2e5821e84127b6d693d41c40623b
name: Role Composition Campaign
description: A review done by a role owner.
deadline: 2020-12-25T06:00:00.468Z
type: ROLE_COMPOSITION
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false

10
static/api-specs/idn/v3/schemas/campaign/examples/SlimCampaignSearch.yaml Normal file
View File

@@ -0,0 +1,10 @@
value:
id: 7e1a731e3fb845cfbe58112ba4673ee4
name: Search Campaign
description: Search Campaign Info
deadline: 2022-07-26T15:42:44Z
type: SEARCH
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false

11
static/api-specs/idn/v3/schemas/campaign/examples/SlimCampaignSourceOwner.yaml Normal file
View File

@@ -0,0 +1,11 @@
value:
id: 2c918086719eec070171a7e3355a412b
name: AD Source Review
description: A review of our AD source.
deadline: "2020-12-25T06:00:00.123Z"
type: SOURCE_OWNER
status: STAGED
emailNotificationEnabled: true
autoRevokeAllowed: false
recommendationsEnabled: false
correlatedStatus: CORRELATED

39
static/api-specs/idn/v3/schemas/campaign/examples/SlimCampaigns.yaml Normal file
View File

@@ -0,0 +1,39 @@
description: List of Slim Campaigns that would result from not specifying *detail* or specifying SLIM
value:
- id: 2c918086719eec070171a7e3355a360a
name: Manager Review
description: A review of everyone's access by their manager.
deadline: "2020-12-25T06:00:00.123Z"
type: MANAGER
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
- id: 7e1a731e3fb845cfbe58112ba4673ee4
name: Search Campaign
description: Search Campaign Info
deadline: 2022-07-26T15:42:44Z
type: SEARCH
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false
- id: 2c918086719eec070171a7e3355a412b
name: AD Source Review
description: A review of our AD source.
deadline: "2020-12-25T06:00:00.123Z"
type: SOURCE_OWNER
status: STAGED
emailNotificationEnabled: true
autoRevokeAllowed: false
recommendationsEnabled: false
correlatedStatus: CORRELATED
- id: 3b2e2e5821e84127b6d693d41c40623b
name: Role Composition Campaign
description: A review done by a role owner.
deadline: 2020-12-25T06:00:00.468Z
type: ROLE_COMPOSITION
status: ACTIVE
emailNotificationEnabled: false
autoRevokeAllowed: false
recommendationsEnabled: false