LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 20:37:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to powershell SDK docs: 14407073468

Browse Source
This commit is contained in:
developer-relations-sp
2025-04-11 15:52:43 +00:00
parent 6150a9b9fd
commit 822416d6f5
73 changed files with 4637 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

131
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaAccessRequestsApi.md
View File

@@ -174,6 +174,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -184,6 +185,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/beta/create-access-request)
@@ -213,7 +215,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -274,6 +276,133 @@ $AccessRequest = @"{
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@

190
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaWorkflowsApi.md
View File

@@ -33,9 +33,9 @@ Method | HTTP request | Description
[**Update-BetaWorkflow**](#patch-workflow) | **PATCH** `/workflows/{id}` | Patch Workflow
[**Submit-BetaExternalExecuteWorkflow**](#post-external-execute-workflow) | **POST** `/workflows/execute/external/{id}` | Execute Workflow via External Trigger
[**Submit-BetaWorkflowExternalTrigger**](#post-workflow-external-trigger) | **POST** `/workflows/{id}/external/oauth-clients` | Generate External Trigger OAuth Client
[**Send-BetaWorkflow**](#put-workflow) | **PUT** `/workflows/{id}` | Update Workflow
[**Test-BetaExternalExecuteWorkflow**](#test-external-execute-workflow) | **POST** `/workflows/execute/external/{id}/test` | Test Workflow via External Trigger
[**Test-BetaWorkflow**](#test-workflow) | **POST** `/workflows/{id}/test` | Test Workflow By Id
[**Update-BetaWorkflow**](#update-workflow) | **PUT** `/workflows/{id}` | Update Workflow
## cancel-workflow-execution
@@ -184,6 +184,7 @@ Get a single workflow by id.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Query | WorkflowMetrics | **Boolean** | (optional) (default to $true) | disable workflow metrics
### Return type
[**Workflow**](../models/workflow)
@@ -205,6 +206,7 @@ Code | Description | Data Type
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$WorkflowMetrics = $false # Boolean | disable workflow metrics (optional) (default to $true)
# Get Workflow By Id
@@ -212,7 +214,7 @@ try {
Get-BetaWorkflow -Id $Id
# Below is a request that includes all optional parameters
# Get-BetaWorkflow -Id $Id
# Get-BetaWorkflow -Id $Id -WorkflowMetrics $WorkflowMetrics
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaWorkflow"
Write-Host $_.ErrorDetails
@@ -572,6 +574,10 @@ List all workflows in the tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | TriggerId | **String** | (optional) | Trigger ID
Query | ConnectorInstanceId | **String** | (optional) | Connector Instance ID
### Return type
[**Workflow[]**](../models/workflow)
@@ -592,6 +598,10 @@ Code | Description | Data Type
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$TriggerId = "idn:identity-created" # String | Trigger ID (optional)
$ConnectorInstanceId = "28541fec-bb81-4ad4-88ef-0f7d213adcad" # String | Connector Instance ID (optional)
# List Workflows
@@ -599,7 +609,7 @@ try {
Get-BetaWorkflows
# Below is a request that includes all optional parameters
# Get-BetaWorkflows
# Get-BetaWorkflows -Limit $Limit -Offset $Offset -TriggerId $TriggerId -ConnectorInstanceId $ConnectorInstanceId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaWorkflows"
Write-Host $_.ErrorDetails
@@ -752,6 +762,93 @@ try {
```
[[Back to top]](#)
## put-workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/put-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | WorkflowBody | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
$WorkflowBody = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}"@
# Update Workflow
try {
$Result = ConvertFrom-JsonToWorkflowBody -Json $WorkflowBody
Send-BetaWorkflow -Id $Id -WorkflowBody $Result
# Below is a request that includes all optional parameters
# Send-BetaWorkflow -Id $Id -WorkflowBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-BetaWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-external-execute-workflow
Validate a workflow with an "External Trigger" can receive input. The response includes the input that the workflow received, which can be used to validate that the input is intact when it reaches the workflow.
@@ -848,90 +945,3 @@ try {
}
```
[[Back to top]](#)
## update-workflow
Perform a full update of a workflow. The updated workflow object is returned in the response.
[API Spec](https://developer.sailpoint.com/docs/api/beta/update-workflow)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Workflow
Body | WorkflowBody | [**WorkflowBody**](../models/workflow-body) | True |
### Return type
[**Workflow**](../models/workflow)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The Workflow object | Workflow
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Workflow
$WorkflowBody = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"name" : "Send Email",
"description" : "Send an email to the identity who's attributes changed.",
"definition" : {
"start" : "Send Email Test",
"steps" : {
"Send Email" : {
"actionId" : "sp:send-email",
"attributes" : {
"body" : "This is a test",
"from" : "sailpoint@sailpoint.com",
"recipientId.$" : "$.identity.id",
"subject" : "test"
},
"nextStep" : "success",
"type" : "ACTION"
},
"success" : {
"type" : "success"
}
}
},
"trigger" : {
"displayName" : "displayName",
"attributes" : {
"description" : "Triggered when an identity's manager attribute changes",
"formDefinitionId" : "Admin_Access_Request_Form",
"attributeToFilter" : "LifecycleState",
"id" : "idn:identity-attributes-changed",
"filter.$" : "$.changes[?(@.attribute == 'manager')]"
},
"type" : "EVENT"
},
"enabled" : false
}"@
# Update Workflow
try {
$Result = ConvertFrom-JsonToWorkflowBody -Json $WorkflowBody
Update-BetaWorkflow -Id $Id -WorkflowBody $Result
# Below is a request that includes all optional parameters
# Update-BetaWorkflow -Id $Id -WorkflowBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-BetaWorkflow"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

6
docs/tools/sdk/powershell/Reference/Beta/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.BetaAccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.BetaAccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

37
docs/tools/sdk/powershell/Reference/Beta/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'BetaAccountItemRef']
slug: /tools/sdk/powershell/beta/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'BetaAccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.BetaAccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/Beta/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
slug: /tools/sdk/powershell/beta/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'BetaRequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.BetaRequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/Beta/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: beta-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
slug: /tools/sdk/powershell/beta/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'BetaRequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.BetaRequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/Beta/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: beta-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'BetaSourceItemRef']
slug: /tools/sdk/powershell/beta/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'BetaSourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.BetaSourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

244
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024AccessRequestsApi.md
View File

@@ -40,6 +40,7 @@ Method | HTTP request | Description
[**Get-V2024AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-V2024AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Get-V2024AdministratorsAccessRequestStatus**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**Invoke-V2024LoadAccountSelections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**Set-V2024AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -283,6 +284,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -293,6 +295,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/create-access-request)
@@ -322,7 +325,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -383,6 +386,133 @@ $AccessRequest = @"{
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@
@@ -573,6 +703,118 @@ try {
```
[[Back to top]](#)
## load-account-selections
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountsSelectionRequest | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Accounts Selection Response | AccountsSelectionResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountsSelectionRequest = @"{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}"@
# Get accounts selections for identity
try {
$Result = ConvertFrom-JsonToAccountsSelectionRequest -Json $AccountsSelectionRequest
Invoke-V2024LoadAccountSelections -AccountsSelectionRequest $Result
# Below is a request that includes all optional parameters
# Invoke-V2024LoadAccountSelections -AccountsSelectionRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2024LoadAccountSelections"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.

2
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024ConfigurationHubApi.md
View File

@@ -252,7 +252,7 @@ Code | Description | Data Type
### Example
```powershell
$ScheduledActionPayload = @"{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 12 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

295
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024GlobalTenantSecuritySettingsApi.md
View File

@@ -21,8 +21,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2024*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2024AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-V2024AuthOrgLockoutConfig**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**Get-V2024AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Get-V2024AuthOrgServiceProviderConfig**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**Get-V2024AuthOrgSessionConfig**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**Update-V2024AuthOrgLockoutConfig**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**Update-V2024AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**Update-V2024AuthOrgServiceProviderConfig**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**Update-V2024AuthOrgSessionConfig**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -76,6 +82,50 @@ try {
```
[[Back to top]](#)
## get-auth-org-lockout-config
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Lockout configuration for the tenant's auth org. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Lockout Configuration.
try {
Get-V2024AuthOrgLockoutConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgLockoutConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
@@ -120,6 +170,147 @@ try {
```
[[Back to top]](#)
## get-auth-org-service-provider-config
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Service Provider Configuration.
try {
Get-V2024AuthOrgServiceProviderConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgServiceProviderConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-session-config
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/get-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Session configuration for the tenant's auth org. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Session Configuration.
try {
Get-V2024AuthOrgSessionConfig
# Below is a request that includes all optional parameters
# Get-V2024AuthOrgSessionConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-lockout-config
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org lockout configuration. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
# Update Auth Org Lockout Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgLockoutConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgLockoutConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
@@ -172,3 +363,107 @@ try {
}
```
[[Back to top]](#)
## patch-auth-org-service-provider-config
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
# Update Service Provider Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgServiceProviderConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgServiceProviderConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-session-config
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org session configuration. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
# Update Auth Org Session Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2024AuthOrgSessionConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2024AuthOrgSessionConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2024AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

6
docs/tools/sdk/powershell/Reference/V2024/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.V2024AccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.V2024AccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

43
docs/tools/sdk/powershell/Reference/V2024/Models/AccountInfoRef.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-account-info-ref
title: AccountInfoRef
pagination_label: AccountInfoRef
sidebar_label: AccountInfoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountInfoRef', 'V2024AccountInfoRef']
slug: /tools/sdk/powershell/v2024/models/account-info-ref
tags: ['SDK', 'Software Development Kit', 'AccountInfoRef', 'V2024AccountInfoRef']
---
# AccountInfoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Uuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The account id | [optional]
**Name** | **String** | The account display name | [optional]
## Examples
- Prepare the resource
```powershell
$AccountInfoRef = Initialize-PSSailpoint.V2024AccountInfoRef -Uuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local `
-Type null `
-Id f19d168c27374fd1aff3b483573f997f `
-Name UserAccount.761a2248b
```
- Convert the resource to JSON
```powershell
$AccountInfoRef | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'V2024AccountItemRef']
slug: /tools/sdk/powershell/v2024/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'V2024AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.V2024AccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2024/Models/AccountsSelectionRequest.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-accounts-selection-request
title: AccountsSelectionRequest
pagination_label: AccountsSelectionRequest
sidebar_label: AccountsSelectionRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
slug: /tools/sdk/powershell/v2024/models/accounts-selection-request
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionRequest', 'V2024AccountsSelectionRequest']
---
# AccountsSelectionRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | **[]String** | A list of Identity IDs for whom the Access is requested. | [required]
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionRequest = Initialize-PSSailpoint.V2024AccountsSelectionRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
```
- Convert the resource to JSON
```powershell
$AccountsSelectionRequest | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/Reference/V2024/Models/AccountsSelectionResponse.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2024-accounts-selection-response
title: AccountsSelectionResponse
pagination_label: AccountsSelectionResponse
sidebar_label: AccountsSelectionResponse
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
slug: /tools/sdk/powershell/v2024/models/accounts-selection-response
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionResponse', 'V2024AccountsSelectionResponse']
---
# AccountsSelectionResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Identities** | [**[]IdentityAccountSelections**](identity-account-selections) | A list of available account selections per identity in the request, for all the requested items | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionResponse = Initialize-PSSailpoint.V2024AccountsSelectionResponse -Identities null
```
- Convert the resource to JSON
```powershell
$AccountsSelectionResponse | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/FederationProtocolDetails.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-federation-protocol-details
title: FederationProtocolDetails
pagination_label: FederationProtocolDetails
sidebar_label: FederationProtocolDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
slug: /tools/sdk/powershell/v2024/models/federation-protocol-details
tags: ['SDK', 'Software Development Kit', 'FederationProtocolDetails', 'V2024FederationProtocolDetails']
---
# FederationProtocolDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
## Examples
- Prepare the resource
```powershell
$FederationProtocolDetails = Initialize-PSSailpoint.V2024FederationProtocolDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6
```
- Convert the resource to JSON
```powershell
$FederationProtocolDetails | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2024/Models/IdentityAccountSelections.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-identity-account-selections
title: IdentityAccountSelections
pagination_label: IdentityAccountSelections
sidebar_label: IdentityAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
slug: /tools/sdk/powershell/v2024/models/identity-account-selections
tags: ['SDK', 'Software Development Kit', 'IdentityAccountSelections', 'V2024IdentityAccountSelections']
---
# IdentityAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedItems** | [**[]RequestedItemAccountSelections**](requested-item-account-selections) | Available account selections for the identity, per requested item | [optional]
**AccountsSelectionRequired** | **Boolean** | A boolean indicating whether any account selections will be required for the user to raise an access request | [optional] [default to $false]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The identity id for the user | [optional]
**Name** | **String** | The name of the identity | [optional]
## Examples
- Prepare the resource
```powershell
$IdentityAccountSelections = Initialize-PSSailpoint.V2024IdentityAccountSelections -RequestedItems null `
-AccountsSelectionRequired false `
-Type null `
-Id 70016590f2df4b879bdb1313a9e4e19e `
-Name User name
```
- Convert the resource to JSON
```powershell
$IdentityAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

61
docs/tools/sdk/powershell/Reference/V2024/Models/IdpDetails.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: v2024-idp-details
title: IdpDetails
pagination_label: IdpDetails
sidebar_label: IdpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdpDetails', 'V2024IdpDetails']
slug: /tools/sdk/powershell/v2024/models/idp-details
tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'V2024IdpDetails']
---
# IdpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
## Examples
- Prepare the resource
```powershell
$IdpDetails = Initialize-PSSailpoint.V2024IdpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL
```
- Convert the resource to JSON
```powershell
$IdpDetails | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2024/Models/JITConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-jit-configuration
title: JITConfiguration
pagination_label: JITConfiguration
sidebar_label: JITConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'JITConfiguration', 'V2024JITConfiguration']
slug: /tools/sdk/powershell/v2024/models/jit-configuration
tags: ['SDK', 'Software Development Kit', 'JITConfiguration', 'V2024JITConfiguration']
---
# JITConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | The indicator for just-in-time provisioning enabled | [optional] [default to $false]
**SourceId** | **String** | the sourceId that mapped to just-in-time provisioning configuration | [optional]
**SourceAttributeMappings** | **map[string]String** | A mapping of identity profile attribute names to SAML assertion attribute names | [optional]
## Examples
- Prepare the resource
```powershell
$JITConfiguration = Initialize-PSSailpoint.V2024JITConfiguration -Enabled false `
-SourceId 2c9180857377ed2901739c12a2da5ac8 `
-SourceAttributeMappings {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}
```
- Convert the resource to JSON
```powershell
$JITConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2024/Models/LockoutConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-lockout-configuration
title: LockoutConfiguration
pagination_label: LockoutConfiguration
sidebar_label: LockoutConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'LockoutConfiguration', 'V2024LockoutConfiguration']
slug: /tools/sdk/powershell/v2024/models/lockout-configuration
tags: ['SDK', 'Software Development Kit', 'LockoutConfiguration', 'V2024LockoutConfiguration']
---
# LockoutConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaximumAttempts** | **Int32** | The maximum attempts allowed before lockout occurs. | [optional]
**LockoutDuration** | **Int32** | The total time in minutes a user will be locked out. | [optional]
**LockoutWindow** | **Int32** | A rolling window where authentication attempts in a series count towards the maximum before lockout occurs. | [optional]
## Examples
- Prepare the resource
```powershell
$LockoutConfiguration = Initialize-PSSailpoint.V2024LockoutConfiguration -MaximumAttempts 5 `
-LockoutDuration 15 `
-LockoutWindow 5
```
- Convert the resource to JSON
```powershell
$LockoutConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
slug: /tools/sdk/powershell/v2024/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'V2024RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.V2024RequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

47
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedItemAccountSelections.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: v2024-requested-item-account-selections
title: RequestedItemAccountSelections
pagination_label: RequestedItemAccountSelections
sidebar_label: RequestedItemAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
slug: /tools/sdk/powershell/v2024/models/requested-item-account-selections
tags: ['SDK', 'Software Development Kit', 'RequestedItemAccountSelections', 'V2024RequestedItemAccountSelections']
---
# RequestedItemAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Description** | **String** | The description for this requested item | [optional]
**AccountsSelectionBlocked** | **Boolean** | This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts. | [optional] [default to $false]
**AccountsSelectionBlockedReason** | **String** | If account selections are not allowed for an item, this field will denote the reason. | [optional]
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [optional]
**Id** | **String** | The id of the requested item | [optional]
**Name** | **String** | The name of the requested item | [optional]
**Sources** | [**[]SourceAccountSelections**](source-account-selections) | The details for the sources and accounts for the requested item and identity combination | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemAccountSelections = Initialize-PSSailpoint.V2024RequestedItemAccountSelections -Description An access profile for the admins `
-AccountsSelectionBlocked false `
-AccountsSelectionBlockedReason ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT `
-Type ACCESS_PROFILE `
-Id 720fd239701344aea76c93ba91376aec `
-Name Test Access Profile `
-Sources null
```
- Convert the resource to JSON
```powershell
$RequestedItemAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: v2024-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
slug: /tools/sdk/powershell/v2024/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'V2024RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.V2024RequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2024/Models/ScheduledActionPayload.md
View File

@@ -28,7 +28,7 @@ Name | Type | Description | Notes
```powershell
$ScheduledActionPayload = Initialize-PSSailpoint.V2024ScheduledActionPayload -JobType BACKUP `
-StartTime 2024-08-16T14:16:58.389Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 12 * * * * `
-TimeZoneId America/Chicago `
-Content null
```

2
docs/tools/sdk/powershell/Reference/V2024/Models/ScheduledActionResponse.md
View File

@@ -33,7 +33,7 @@ $ScheduledActionResponse = Initialize-PSSailpoint.V2024ScheduledActionResponse
-JobType BACKUP `
-Content null `
-StartTime 2021-05-12T10:00Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 12 * * * * `
-TimeZoneId America/Chicago
```

41
docs/tools/sdk/powershell/Reference/V2024/Models/ServiceProviderConfiguration.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-service-provider-configuration
title: ServiceProviderConfiguration
pagination_label: ServiceProviderConfiguration
sidebar_label: ServiceProviderConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
slug: /tools/sdk/powershell/v2024/models/service-provider-configuration
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfiguration', 'V2024ServiceProviderConfiguration']
---
# ServiceProviderConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | This determines whether or not the SAML authentication flow is enabled for an org | [optional] [default to $false]
**BypassIdp** | **Boolean** | This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP. | [optional] [default to $false]
**SamlConfigurationValid** | **Boolean** | This indicates whether or not the SAML configuration is valid. | [optional] [default to $false]
**FederationProtocolDetails** | [**[]ServiceProviderConfigurationFederationProtocolDetailsInner**](service-provider-configuration-federation-protocol-details-inner) | A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider). | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfiguration = Initialize-PSSailpoint.V2024ServiceProviderConfiguration -Enabled true `
-BypassIdp true `
-SamlConfigurationValid true `
-FederationProtocolDetails [{role=SAML_IDP, entityId=http://www.okta.com/exktq4o24bmQA4fr60h7, cert=MIIDpDCCAoygAwIBAgIGAYhZ+b29MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0yMDY0NDUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjMwNTI2MjEzMDU5WhcNMzMwNTI2MjEzMTU5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMjA2NDQ1MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvi1+WbF2ceGlLCrLl5PrG1lpj04IsrHX6OE666ObC2WFh+Nxvpxy+Vmzon9c9+akhK3bTv+9ifEoVc6tA1qWuCfXISAn9g81JqI68I1PGUbe6eF8pmOA18rjOrt7x94k4QukpR3+I8DfPJ+TynatltB51laLb8H4jchMafA4rDTjV/ZiYPxV0LMEIbprVyGuvBEhiEWha3wwVdDuJq996okX36YNS8PcGH+5CJ8c3YWZp/wrspgJmfCooMXeV+6zBpZfXqPpMWlUo0gcZqDOFgy3r4vkXehJdVYRlInMfDv04Lvy8VI1YAZClG/duO/6o9YVUFLjD9s+mQfhgaF5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB1CTrA/pTHkarbhMHsdSFAjVoYWwdAfrssG99rIjwwr/CW9tavTC3keaoUmUeddcnLY4V/TfL07+xgQGHCBR88cnzG9h6rC9qWxt6C3nug3YDVQfkdCDgnW9A8QEvLeq/KVLoRccpJNEENb2Y5ESUXHi1+PtjkFBtvfSgZ4eEhVggirL0bJdWVm700hCnjb2iCGSbSX7WflfPi0GSmjht983caG9OwZDnDzNFt8qGWCxo4bNSThT00JnWEN/6f1BWNOt9YDrxqEyNclqhLL+RDqFsPBFIrQlsoXzqpWqCL8oS9UMNxbGATK2v3d5ueE9+SswBAFBhirCuqZw19Ri2W, loginUrlPost=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, loginUrlRedirect=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, logoutUrl=https://dev-206445.oktapreview.com/login/signout, nameId=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, authnContext=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, includeAuthnContext=true, mappingAttribute=email, jitConfiguration={enabled=true, sourceId=2c9180897427f3a501745042afc83144, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}}, certificateExpirationDate=Thu May 26 21:31:59 GMT 2033, certificateName=EMAILADDRESS=info@okta.com, CN=dev-206445, OU=SSOProvider, O=Okta, L=San Francisco, ST=California, C=US}, {role=SAML_SP, entityId=https://acme.identitysoon.com/sp, alias=acme-sp, callbackUrl=https://acme.test-login.sailpoint.com/saml/SSO/alias/acme-sp, legacyAcsUrl=https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp}]
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

67
docs/tools/sdk/powershell/Reference/V2024/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md Normal file
View File

@@ -0,0 +1,67 @@
---
id: v2024-service-provider-configuration-federation-protocol-details-inner
title: ServiceProviderConfigurationFederationProtocolDetailsInner
pagination_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
slug: /tools/sdk/powershell/v2024/models/service-provider-configuration-federation-protocol-details-inner
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2024ServiceProviderConfigurationFederationProtocolDetailsInner']
---
# ServiceProviderConfigurationFederationProtocolDetailsInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailpoint.V2024ServiceProviderConfigurationFederationProtocolDetailsInner -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2024/Models/SessionConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2024-session-configuration
title: SessionConfiguration
pagination_label: SessionConfiguration
sidebar_label: SessionConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SessionConfiguration', 'V2024SessionConfiguration']
slug: /tools/sdk/powershell/v2024/models/session-configuration
tags: ['SDK', 'Software Development Kit', 'SessionConfiguration', 'V2024SessionConfiguration']
---
# SessionConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaxIdleTime** | **Int32** | The maximum time in minutes a session can be idle. | [optional]
**RememberMe** | **Boolean** | Denotes if 'remember me' is enabled. | [optional] [default to $false]
**MaxSessionTime** | **Int32** | The maximum allowable session time in minutes. | [optional]
## Examples
- Prepare the resource
```powershell
$SessionConfiguration = Initialize-PSSailpoint.V2024SessionConfiguration -MaxIdleTime 15 `
-RememberMe true `
-MaxSessionTime 45
```
- Convert the resource to JSON
```powershell
$SessionConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2024/Models/SourceAccountSelections.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2024-source-account-selections
title: SourceAccountSelections
pagination_label: SourceAccountSelections
sidebar_label: SourceAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceAccountSelections', 'V2024SourceAccountSelections']
slug: /tools/sdk/powershell/v2024/models/source-account-selections
tags: ['SDK', 'Software Development Kit', 'SourceAccountSelections', 'V2024SourceAccountSelections']
---
# SourceAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The source id | [optional]
**Name** | **String** | The source name | [optional]
**Accounts** | [**[]AccountInfoRef**](account-info-ref) | The accounts information for a particular source in the requested item | [optional]
## Examples
- Prepare the resource
```powershell
$SourceAccountSelections = Initialize-PSSailpoint.V2024SourceAccountSelections -Type null `
-Id 3ac3c43785a845fa9820b0c1ac767cd5 `
-Name Test Source_Name `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2024/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2024-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'V2024SourceItemRef']
slug: /tools/sdk/powershell/v2024/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'V2024SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.V2024SourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2024/Models/SpDetails.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2024-sp-details
title: SpDetails
pagination_label: SpDetails
sidebar_label: SpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SpDetails', 'V2024SpDetails']
slug: /tools/sdk/powershell/v2024/models/sp-details
tags: ['SDK', 'Software Development Kit', 'SpDetails', 'V2024SpDetails']
---
# SpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$SpDetails = Initialize-PSSailpoint.V2024SpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$SpDetails | ConvertTo-JSON
```
[[Back to top]](#)

298
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestsApi.md
View File

@@ -38,8 +38,10 @@ Method | HTTP request | Description
[**Close-V2025AccessRequest**](#close-access-request) | **POST** `/access-requests/close` | Close Access Request
[**New-V2025AccessRequest**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**Get-V2025AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-V2025EntitlementDetailsForIdentity**](#get-entitlement-details-for-identity) | **GET** `/access-requests/revocable-objects` | Identity Entitlement Details
[**Get-V2025AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Get-V2025AdministratorsAccessRequestStatus**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**Invoke-V2025LoadAccountSelections**](#load-account-selections) | **POST** `/access-requests/accounts-selection` | Get accounts selections for identity
[**Set-V2025AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
@@ -283,6 +285,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -293,6 +296,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
@@ -322,7 +326,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -373,6 +377,133 @@ $AccessRequest = @"{
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@
@@ -434,6 +565,59 @@ try {
```
[[Back to top]](#)
## get-entitlement-details-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to return the details for a entitlement on an identity including specific data relating to remove date and the ability to revoke the identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-details-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Path | IdentityId | **String** | True | The identity ID.
Path | EntitlementId | **String** | True | The entitlement ID
### Return type
[**IdentityEntitlementDetails**](../models/identity-entitlement-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Entitlement and Account Reference | IdentityEntitlementDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityId = "7025c863c2704ba6beeaedf3cb091573" # String | The identity ID.
$EntitlementId = "ef38f94347e94562b5bb8424a56397d8" # String | The entitlement ID
# Identity Entitlement Details
try {
Get-V2025EntitlementDetailsForIdentity -XSailPointExperimental $XSailPointExperimental -IdentityId $IdentityId -EntitlementId $EntitlementId
# Below is a request that includes all optional parameters
# Get-V2025EntitlementDetailsForIdentity -XSailPointExperimental $XSailPointExperimental -IdentityId $IdentityId -EntitlementId $EntitlementId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementDetailsForIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-request-status
Use this API to return a list of access request statuses based on the specified query parameters.
If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.
@@ -563,6 +747,118 @@ try {
```
[[Back to top]](#)
## load-account-selections
Use this API to fetch account information for an identity against the items in an access request.
Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/load-account-selections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountsSelectionRequest | [**AccountsSelectionRequest**](../models/accounts-selection-request) | True |
### Return type
[**AccountsSelectionResponse**](../models/accounts-selection-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Accounts Selection Response | AccountsSelectionResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountsSelectionRequest = @"{
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}"@
# Get accounts selections for identity
try {
$Result = ConvertFrom-JsonToAccountsSelectionRequest -Json $AccountsSelectionRequest
Invoke-V2025LoadAccountSelections -AccountsSelectionRequest $Result
# Below is a request that includes all optional parameters
# Invoke-V2025LoadAccountSelections -AccountsSelectionRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025LoadAccountSelections"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.

2
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConfigurationHubApi.md
View File

@@ -252,7 +252,7 @@ Code | Description | Data Type
### Example
```powershell
$ScheduledActionPayload = @"{
"cronString" : "0 0 12 * * ?",
"cronString" : "0 0 * * * *",
"timeZoneId" : "America/Chicago",
"startTime" : "2024-08-16T14:16:58.389Z",
"jobType" : "BACKUP",

295
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025GlobalTenantSecuritySettingsApi.md
View File

@@ -21,8 +21,14 @@ All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-V2025AuthOrgLockoutConfig**](#get-auth-org-lockout-config) | **GET** `/auth-org/lockout-config` | Get Auth Org Lockout Configuration.
[**Get-V2025AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Get-V2025AuthOrgServiceProviderConfig**](#get-auth-org-service-provider-config) | **GET** `/auth-org/service-provider-config` | Get Service Provider Configuration.
[**Get-V2025AuthOrgSessionConfig**](#get-auth-org-session-config) | **GET** `/auth-org/session-config` | Get Auth Org Session Configuration.
[**Update-V2025AuthOrgLockoutConfig**](#patch-auth-org-lockout-config) | **PATCH** `/auth-org/lockout-config` | Update Auth Org Lockout Configuration
[**Update-V2025AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
[**Update-V2025AuthOrgServiceProviderConfig**](#patch-auth-org-service-provider-config) | **PATCH** `/auth-org/service-provider-config` | Update Service Provider Configuration
[**Update-V2025AuthOrgSessionConfig**](#patch-auth-org-session-config) | **PATCH** `/auth-org/session-config` | Update Auth Org Session Configuration
## create-auth-org-network-config
@@ -76,6 +82,50 @@ try {
```
[[Back to top]](#)
## get-auth-org-lockout-config
This API returns the details of an org's lockout auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Lockout configuration for the tenant&#39;s auth org. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Lockout Configuration.
try {
Get-V2025AuthOrgLockoutConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgLockoutConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
@@ -120,6 +170,147 @@ try {
```
[[Back to top]](#)
## get-auth-org-service-provider-config
This API returns the details of an org's service provider auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Service provider configuration for the tenant. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Service Provider Configuration.
try {
Get-V2025AuthOrgServiceProviderConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgServiceProviderConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-session-config
This API returns the details of an org's session auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Session configuration for the tenant&#39;s auth org. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Auth Org Session Configuration.
try {
Get-V2025AuthOrgSessionConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgSessionConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-lockout-config
This API updates an existing lockout configuration for an org using PATCH
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-lockout-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
### Return type
[**LockoutConfiguration**](../models/lockout-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org lockout configuration. | LockoutConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are: `1. maximumAttempts >= 1 && maximumAttempts <= 15 2. lockoutDuration >= 5 && lockoutDuration <= 60 3. lockoutWindow >= 5 && lockoutDuration <= 60`
# Update Auth Org Lockout Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgLockoutConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgLockoutConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgLockoutConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
@@ -172,3 +363,107 @@ try {
}
```
[[Back to top]](#)
## patch-auth-org-service-provider-config
This API updates an existing service provider configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-service-provider-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
### Return type
[**ServiceProviderConfiguration**](../models/service-provider-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Org Service Provider configuration updated. | ServiceProviderConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are: 1. Do not add or remove any elements in the federation protocol details in the service provider configuration. 2. Do not modify, add, or delete the service provider details element in the federation protocol details. 3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails. 4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID. 5. Any JIT configuration update must be valid. Just in time configuration update must be valid when enabled. This includes: - A Source ID - Source attribute mappings - Source attribute maps have all the required key values (firstName, lastName, email)
# Update Service Provider Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgServiceProviderConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgServiceProviderConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgServiceProviderConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-session-config
This API updates an existing session configuration for an org using PATCH.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-session-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
### Return type
[**SessionConfiguration**](../models/session-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org session configuration. | SessionConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Session Config conforms to certain logical guidelines, which are: `1. maxSessionTime >= 1 && maxSessionTime <= 10080 (1 week) 2. maxIdleTime >= 1 && maxIdleTime <= 1440 (1 day) 3. maxSessionTime must have a greater duration than maxIdleTime.`
# Update Auth Org Session Configuration
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgSessionConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgSessionConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgSessionConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

6
docs/tools/sdk/powershell/Reference/V2025/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.V2025AccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.V2025AccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

47
docs/tools/sdk/powershell/Reference/V2025/Models/AccessRequestItem1.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: v2025-access-request-item1
title: AccessRequestItem1
pagination_label: AccessRequestItem1
sidebar_label: AccessRequestItem1
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestItem1', 'V2025AccessRequestItem1']
slug: /tools/sdk/powershell/v2025/models/access-request-item1
tags: ['SDK', 'Software Development Kit', 'AccessRequestItem1', 'V2025AccessRequestItem1']
---
# AccessRequestItem1
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestItem1 = Initialize-PSSailpoint.V2025AccessRequestItem1 -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN
```
- Convert the resource to JSON
```powershell
$AccessRequestItem1 | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2025/Models/AccountInfoRef.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2025-account-info-ref
title: AccountInfoRef
pagination_label: AccountInfoRef
sidebar_label: AccountInfoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountInfoRef', 'V2025AccountInfoRef']
slug: /tools/sdk/powershell/v2025/models/account-info-ref
tags: ['SDK', 'Software Development Kit', 'AccountInfoRef', 'V2025AccountInfoRef']
---
# AccountInfoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Uuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The account id | [optional]
**Name** | **String** | The account display name | [optional]
## Examples
- Prepare the resource
```powershell
$AccountInfoRef = Initialize-PSSailpoint.V2025AccountInfoRef -Uuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local `
-Type null `
-Id f19d168c27374fd1aff3b483573f997f `
-Name UserAccount.761a2248b
```
- Convert the resource to JSON
```powershell
$AccountInfoRef | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2025/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'V2025AccountItemRef']
slug: /tools/sdk/powershell/v2025/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'V2025AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.V2025AccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2025/Models/AccountsSelectionRequest.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-accounts-selection-request
title: AccountsSelectionRequest
pagination_label: AccountsSelectionRequest
sidebar_label: AccountsSelectionRequest
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionRequest', 'V2025AccountsSelectionRequest']
slug: /tools/sdk/powershell/v2025/models/accounts-selection-request
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionRequest', 'V2025AccountsSelectionRequest']
---
# AccountsSelectionRequest
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | **[]String** | A list of Identity IDs for whom the Access is requested. | [required]
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem1**](access-request-item1) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionRequest = Initialize-PSSailpoint.V2025AccountsSelectionRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
```
- Convert the resource to JSON
```powershell
$AccountsSelectionRequest | ConvertTo-JSON
```
[[Back to top]](#)

35
docs/tools/sdk/powershell/Reference/V2025/Models/AccountsSelectionResponse.md Normal file
View File

@@ -0,0 +1,35 @@
---
id: v2025-accounts-selection-response
title: AccountsSelectionResponse
pagination_label: AccountsSelectionResponse
sidebar_label: AccountsSelectionResponse
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountsSelectionResponse', 'V2025AccountsSelectionResponse']
slug: /tools/sdk/powershell/v2025/models/accounts-selection-response
tags: ['SDK', 'Software Development Kit', 'AccountsSelectionResponse', 'V2025AccountsSelectionResponse']
---
# AccountsSelectionResponse
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Identities** | [**[]IdentityAccountSelections**](identity-account-selections) | A list of available account selections per identity in the request, for all the requested items | [optional]
## Examples
- Prepare the resource
```powershell
$AccountsSelectionResponse = Initialize-PSSailpoint.V2025AccountsSelectionResponse -Identities null
```
- Convert the resource to JSON
```powershell
$AccountsSelectionResponse | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2025/Models/FederationProtocolDetails.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-federation-protocol-details
title: FederationProtocolDetails
pagination_label: FederationProtocolDetails
sidebar_label: FederationProtocolDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'FederationProtocolDetails', 'V2025FederationProtocolDetails']
slug: /tools/sdk/powershell/v2025/models/federation-protocol-details
tags: ['SDK', 'Software Development Kit', 'FederationProtocolDetails', 'V2025FederationProtocolDetails']
---
# FederationProtocolDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
## Examples
- Prepare the resource
```powershell
$FederationProtocolDetails = Initialize-PSSailpoint.V2025FederationProtocolDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6
```
- Convert the resource to JSON
```powershell
$FederationProtocolDetails | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2025/Models/IdentityAccountSelections.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2025-identity-account-selections
title: IdentityAccountSelections
pagination_label: IdentityAccountSelections
sidebar_label: IdentityAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityAccountSelections', 'V2025IdentityAccountSelections']
slug: /tools/sdk/powershell/v2025/models/identity-account-selections
tags: ['SDK', 'Software Development Kit', 'IdentityAccountSelections', 'V2025IdentityAccountSelections']
---
# IdentityAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedItems** | [**[]RequestedItemAccountSelections**](requested-item-account-selections) | Available account selections for the identity, per requested item | [optional]
**AccountsSelectionRequired** | **Boolean** | A boolean indicating whether any account selections will be required for the user to raise an access request | [optional] [default to $false]
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The identity id for the user | [optional]
**Name** | **String** | The name of the identity | [optional]
## Examples
- Prepare the resource
```powershell
$IdentityAccountSelections = Initialize-PSSailpoint.V2025IdentityAccountSelections -RequestedItems null `
-AccountsSelectionRequired false `
-Type null `
-Id 70016590f2df4b879bdb1313a9e4e19e `
-Name User name
```
- Convert the resource to JSON
```powershell
$IdentityAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2025/Models/IdentityEntitlementDetails.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-identity-entitlement-details
title: IdentityEntitlementDetails
pagination_label: IdentityEntitlementDetails
sidebar_label: IdentityEntitlementDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityEntitlementDetails', 'V2025IdentityEntitlementDetails']
slug: /tools/sdk/powershell/v2025/models/identity-entitlement-details
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetails', 'V2025IdentityEntitlementDetails']
---
# IdentityEntitlementDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | Id of Identity | [optional]
**Entitlement** | [**IdentityEntitlementDetailsEntitlementDto**](identity-entitlement-details-entitlement-dto) | | [optional]
**SourceId** | **String** | Id of Source | [optional]
**AccountTargets** | [**[]IdentityEntitlementDetailsAccountTarget**](identity-entitlement-details-account-target) | A list of account targets on the identity provisioned with the requested entitlement. | [optional]
## Examples
- Prepare the resource
```powershell
$IdentityEntitlementDetails = Initialize-PSSailpoint.V2025IdentityEntitlementDetails -IdentityId 5928c61f-3f2e-417a-8d65-f76451e2050a `
-Entitlement null `
-SourceId b56728da-a24d-4177-a207-2bc4d42cba27 `
-AccountTargets [{accountId=e7ef11cee24542b78618ce017117699f, accountName=Adalberto.XYZ, accountUUID=null, sourceId=0108906b66634d9ab7819a03eb263a88, sourceName=ODS-AD-FF-Source [source-XYZ], removeDate=null, assignmentId=null, revocable=true}]
```
- Convert the resource to JSON
```powershell
$IdentityEntitlementDetails | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/V2025/Models/IdentityEntitlementDetailsAccountTarget.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: v2025-identity-entitlement-details-account-target
title: IdentityEntitlementDetailsAccountTarget
pagination_label: IdentityEntitlementDetailsAccountTarget
sidebar_label: IdentityEntitlementDetailsAccountTarget
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityEntitlementDetailsAccountTarget', 'V2025IdentityEntitlementDetailsAccountTarget']
slug: /tools/sdk/powershell/v2025/models/identity-entitlement-details-account-target
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetailsAccountTarget', 'V2025IdentityEntitlementDetailsAccountTarget']
---
# IdentityEntitlementDetailsAccountTarget
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountId** | **String** | The id of account | [optional]
**AccountName** | **String** | The name of account | [optional]
**AccountUUID** | **String** | The UUID representation of the account if available | [optional]
**SourceId** | **String** | The id of Source | [optional]
**SourceName** | **String** | The name of Source | [optional]
**RemoveDate** | **String** | The removal date scheduled for the entitlement on the Identity | [optional]
**AssignmentId** | **String** | The assignmentId of the entitlement on the Identity | [optional]
**Revocable** | **Boolean** | If the entitlement can be revoked | [optional] [default to $false]
## Examples
- Prepare the resource
```powershell
$IdentityEntitlementDetailsAccountTarget = Initialize-PSSailpoint.V2025IdentityEntitlementDetailsAccountTarget -AccountId c5ef070e-92c6-4276-a006-98490f132dec `
-AccountName Adalberto.XYZ `
-AccountUUID 2236c29e-68a6-494d-a469-d072172f46cf `
-SourceId 9269d764-8358-4ab9-9748-d4b7418548ca `
-SourceName JDBC XYZ Source `
-RemoveDate 2035-01-01T12:00:00.000Z `
-AssignmentId 77a5b7b4-262f-4b6a-a2aa-87f84f45f96f `
-Revocable true
```
- Convert the resource to JSON
```powershell
$IdentityEntitlementDetailsAccountTarget | ConvertTo-JSON
```
[[Back to top]](#)

55
docs/tools/sdk/powershell/Reference/V2025/Models/IdentityEntitlementDetailsEntitlementDto.md Normal file
View File

@@ -0,0 +1,55 @@
---
id: v2025-identity-entitlement-details-entitlement-dto
title: IdentityEntitlementDetailsEntitlementDto
pagination_label: IdentityEntitlementDetailsEntitlementDto
sidebar_label: IdentityEntitlementDetailsEntitlementDto
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityEntitlementDetailsEntitlementDto', 'V2025IdentityEntitlementDetailsEntitlementDto']
slug: /tools/sdk/powershell/v2025/models/identity-entitlement-details-entitlement-dto
tags: ['SDK', 'Software Development Kit', 'IdentityEntitlementDetailsEntitlementDto', 'V2025IdentityEntitlementDetailsEntitlementDto']
---
# IdentityEntitlementDetailsEntitlementDto
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Id** | **String** | The entitlement id | [optional]
**Name** | **String** | The entitlement name | [optional]
**Created** | **System.DateTime** | Time when the entitlement was last modified | [optional]
**Modified** | **System.DateTime** | Time when the entitlement was last modified | [optional]
**Description** | **String** | The description of the entitlement | [optional]
**Type** | **String** | The type of the object, will always be ""ENTITLEMENT"" | [optional]
**SourceId** | **String** | The source ID | [optional]
**SourceName** | **String** | The source name | [optional]
**Owner** | [**OwnerDto**](owner-dto) | | [optional]
**Value** | **String** | The value of the entitlement | [optional]
**Flags** | **[]String** | a list of properties informing the viewer about the entitlement | [optional]
## Examples
- Prepare the resource
```powershell
$IdentityEntitlementDetailsEntitlementDto = Initialize-PSSailpoint.V2025IdentityEntitlementDetailsEntitlementDto -Id 2c91808874ff91550175097daaec161c `
-Name LauncherTest2 `
-Created 2020-10-08T18:33:52.029Z `
-Modified 2020-10-08T18:33:52.029Z `
-Description CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local `
-Type ENTITLEMENT `
-SourceId 2c9180827ca885d7017ca8ce28a000eb `
-SourceName ODS-AD-Source `
-Owner null `
-Value CN=LauncherTest2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local `
-Flags [privileged]
```
- Convert the resource to JSON
```powershell
$IdentityEntitlementDetailsEntitlementDto | ConvertTo-JSON
```
[[Back to top]](#)

61
docs/tools/sdk/powershell/Reference/V2025/Models/IdpDetails.md Normal file
View File

@@ -0,0 +1,61 @@
---
id: v2025-idp-details
title: IdpDetails
pagination_label: IdpDetails
sidebar_label: IdpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdpDetails', 'V2025IdpDetails']
slug: /tools/sdk/powershell/v2025/models/idp-details
tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'V2025IdpDetails']
---
# IdpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
## Examples
- Prepare the resource
```powershell
$IdpDetails = Initialize-PSSailpoint.V2025IdpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL
```
- Convert the resource to JSON
```powershell
$IdpDetails | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2025/Models/JITConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2025-jit-configuration
title: JITConfiguration
pagination_label: JITConfiguration
sidebar_label: JITConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'JITConfiguration', 'V2025JITConfiguration']
slug: /tools/sdk/powershell/v2025/models/jit-configuration
tags: ['SDK', 'Software Development Kit', 'JITConfiguration', 'V2025JITConfiguration']
---
# JITConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | The indicator for just-in-time provisioning enabled | [optional] [default to $false]
**SourceId** | **String** | the sourceId that mapped to just-in-time provisioning configuration | [optional]
**SourceAttributeMappings** | **map[string]String** | A mapping of identity profile attribute names to SAML assertion attribute names | [optional]
## Examples
- Prepare the resource
```powershell
$JITConfiguration = Initialize-PSSailpoint.V2025JITConfiguration -Enabled false `
-SourceId 2c9180857377ed2901739c12a2da5ac8 `
-SourceAttributeMappings {firstName=okta.firstName, lastName=okta.lastName, email=okta.email}
```
- Convert the resource to JSON
```powershell
$JITConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2025/Models/LockoutConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2025-lockout-configuration
title: LockoutConfiguration
pagination_label: LockoutConfiguration
sidebar_label: LockoutConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'LockoutConfiguration', 'V2025LockoutConfiguration']
slug: /tools/sdk/powershell/v2025/models/lockout-configuration
tags: ['SDK', 'Software Development Kit', 'LockoutConfiguration', 'V2025LockoutConfiguration']
---
# LockoutConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaximumAttempts** | **Int32** | The maximum attempts allowed before lockout occurs. | [optional]
**LockoutDuration** | **Int32** | The total time in minutes a user will be locked out. | [optional]
**LockoutWindow** | **Int32** | A rolling window where authentication attempts in a series count towards the maximum before lockout occurs. | [optional]
## Examples
- Prepare the resource
```powershell
$LockoutConfiguration = Initialize-PSSailpoint.V2025LockoutConfiguration -MaximumAttempts 5 `
-LockoutDuration 15 `
-LockoutWindow 5
```
- Convert the resource to JSON
```powershell
$LockoutConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2025/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'V2025RequestedForDtoRef']
slug: /tools/sdk/powershell/v2025/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'V2025RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.V2025RequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

47
docs/tools/sdk/powershell/Reference/V2025/Models/RequestedItemAccountSelections.md Normal file
View File

@@ -0,0 +1,47 @@
---
id: v2025-requested-item-account-selections
title: RequestedItemAccountSelections
pagination_label: RequestedItemAccountSelections
sidebar_label: RequestedItemAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemAccountSelections', 'V2025RequestedItemAccountSelections']
slug: /tools/sdk/powershell/v2025/models/requested-item-account-selections
tags: ['SDK', 'Software Development Kit', 'RequestedItemAccountSelections', 'V2025RequestedItemAccountSelections']
---
# RequestedItemAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Description** | **String** | The description for this requested item | [optional]
**AccountsSelectionBlocked** | **Boolean** | This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts. | [optional] [default to $false]
**AccountsSelectionBlockedReason** | **String** | If account selections are not allowed for an item, this field will denote the reason. | [optional]
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [optional]
**Id** | **String** | The id of the requested item | [optional]
**Name** | **String** | The name of the requested item | [optional]
**Sources** | [**[]SourceAccountSelections**](source-account-selections) | The details for the sources and accounts for the requested item and identity combination | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemAccountSelections = Initialize-PSSailpoint.V2025RequestedItemAccountSelections -Description An access profile for the admins `
-AccountsSelectionBlocked false `
-AccountsSelectionBlockedReason ACCESS_PROFILE_ALREADY_ASSIGNED_TO_AN_ACCOUNT `
-Type ACCESS_PROFILE `
-Id 720fd239701344aea76c93ba91376aec `
-Name Test Access Profile `
-Sources null
```
- Convert the resource to JSON
```powershell
$RequestedItemAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/V2025/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: v2025-requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'V2025RequestedItemDtoRef']
slug: /tools/sdk/powershell/v2025/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'V2025RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.V2025RequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2025/Models/ScheduledActionPayload.md
View File

@@ -28,7 +28,7 @@ Name | Type | Description | Notes
```powershell
$ScheduledActionPayload = Initialize-PSSailpoint.V2025ScheduledActionPayload -JobType BACKUP `
-StartTime 2024-08-16T14:16:58.389Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 * * * * `
-TimeZoneId America/Chicago `
-Content null
```

2
docs/tools/sdk/powershell/Reference/V2025/Models/ScheduledActionResponse.md
View File

@@ -33,7 +33,7 @@ $ScheduledActionResponse = Initialize-PSSailpoint.V2025ScheduledActionResponse
-JobType BACKUP `
-Content null `
-StartTime 2021-05-12T10:00Z `
-CronString 0 0 12 * * ? `
-CronString 0 0 * * * * `
-TimeZoneId America/Chicago
```

41
docs/tools/sdk/powershell/Reference/V2025/Models/ServiceProviderConfiguration.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-service-provider-configuration
title: ServiceProviderConfiguration
pagination_label: ServiceProviderConfiguration
sidebar_label: ServiceProviderConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfiguration', 'V2025ServiceProviderConfiguration']
slug: /tools/sdk/powershell/v2025/models/service-provider-configuration
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfiguration', 'V2025ServiceProviderConfiguration']
---
# ServiceProviderConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Enabled** | **Boolean** | This determines whether or not the SAML authentication flow is enabled for an org | [optional] [default to $false]
**BypassIdp** | **Boolean** | This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP. | [optional] [default to $false]
**SamlConfigurationValid** | **Boolean** | This indicates whether or not the SAML configuration is valid. | [optional] [default to $false]
**FederationProtocolDetails** | [**[]ServiceProviderConfigurationFederationProtocolDetailsInner**](service-provider-configuration-federation-protocol-details-inner) | A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer's identity provider and a customer's SailPoint instance (i.e., the service provider). | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfiguration = Initialize-PSSailpoint.V2025ServiceProviderConfiguration -Enabled true `
-BypassIdp true `
-SamlConfigurationValid true `
-FederationProtocolDetails [{role=SAML_IDP, entityId=http://www.okta.com/exktq4o24bmQA4fr60h7, cert=MIIDpDCCAoygAwIBAgIGAYhZ+b29MA0GCSqGSIb3DQEBCwUAMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxEzARBgNVBAMMCmRldi0yMDY0NDUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMjMwNTI2MjEzMDU5WhcNMzMwNTI2MjEzMTU5WjCBkjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRMwEQYDVQQDDApkZXYtMjA2NDQ1MRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvi1+WbF2ceGlLCrLl5PrG1lpj04IsrHX6OE666ObC2WFh+Nxvpxy+Vmzon9c9+akhK3bTv+9ifEoVc6tA1qWuCfXISAn9g81JqI68I1PGUbe6eF8pmOA18rjOrt7x94k4QukpR3+I8DfPJ+TynatltB51laLb8H4jchMafA4rDTjV/ZiYPxV0LMEIbprVyGuvBEhiEWha3wwVdDuJq996okX36YNS8PcGH+5CJ8c3YWZp/wrspgJmfCooMXeV+6zBpZfXqPpMWlUo0gcZqDOFgy3r4vkXehJdVYRlInMfDv04Lvy8VI1YAZClG/duO/6o9YVUFLjD9s+mQfhgaF5wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB1CTrA/pTHkarbhMHsdSFAjVoYWwdAfrssG99rIjwwr/CW9tavTC3keaoUmUeddcnLY4V/TfL07+xgQGHCBR88cnzG9h6rC9qWxt6C3nug3YDVQfkdCDgnW9A8QEvLeq/KVLoRccpJNEENb2Y5ESUXHi1+PtjkFBtvfSgZ4eEhVggirL0bJdWVm700hCnjb2iCGSbSX7WflfPi0GSmjht983caG9OwZDnDzNFt8qGWCxo4bNSThT00JnWEN/6f1BWNOt9YDrxqEyNclqhLL+RDqFsPBFIrQlsoXzqpWqCL8oS9UMNxbGATK2v3d5ueE9+SswBAFBhirCuqZw19Ri2W, loginUrlPost=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, loginUrlRedirect=https://dev-206445.oktapreview.com/app/tivolidev206445_acmeidntest_1/exktq4o24bmQA4fr60h7/sso/saml, logoutUrl=https://dev-206445.oktapreview.com/login/signout, nameId=urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress, binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, authnContext=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, includeAuthnContext=true, mappingAttribute=email, jitConfiguration={enabled=true, sourceId=2c9180897427f3a501745042afc83144, sourceAttributeMappings={firstName=okta.firstName, lastName=okta.lastName, email=okta.email}}, certificateExpirationDate=Thu May 26 21:31:59 GMT 2033, certificateName=EMAILADDRESS=info@okta.com, CN=dev-206445, OU=SSOProvider, O=Okta, L=San Francisco, ST=California, C=US}, {role=SAML_SP, entityId=https://acme.identitysoon.com/sp, alias=acme-sp, callbackUrl=https://acme.test-login.sailpoint.com/saml/SSO/alias/acme-sp, legacyAcsUrl=https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp}]
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

67
docs/tools/sdk/powershell/Reference/V2025/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md Normal file
View File

@@ -0,0 +1,67 @@
---
id: v2025-service-provider-configuration-federation-protocol-details-inner
title: ServiceProviderConfigurationFederationProtocolDetailsInner
pagination_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_label: ServiceProviderConfigurationFederationProtocolDetailsInner
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2025ServiceProviderConfigurationFederationProtocolDetailsInner']
slug: /tools/sdk/powershell/v2025/models/service-provider-configuration-federation-protocol-details-inner
tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederationProtocolDetailsInner', 'V2025ServiceProviderConfigurationFederationProtocolDetailsInner']
---
# ServiceProviderConfigurationFederationProtocolDetailsInner
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailpoint.V2025ServiceProviderConfigurationFederationProtocolDetailsInner -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
-LoginUrlPost https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-LoginUrlRedirect https://dev-157216.okta.com/app/sailpointdev157216_cdovsaml_1/exkdaruy8Ln5Ry7C54x6/sso/saml `
-MappingAttribute email `
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner | ConvertTo-JSON
```
[[Back to top]](#)

39
docs/tools/sdk/powershell/Reference/V2025/Models/SessionConfiguration.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: v2025-session-configuration
title: SessionConfiguration
pagination_label: SessionConfiguration
sidebar_label: SessionConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SessionConfiguration', 'V2025SessionConfiguration']
slug: /tools/sdk/powershell/v2025/models/session-configuration
tags: ['SDK', 'Software Development Kit', 'SessionConfiguration', 'V2025SessionConfiguration']
---
# SessionConfiguration
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**MaxIdleTime** | **Int32** | The maximum time in minutes a session can be idle. | [optional]
**RememberMe** | **Boolean** | Denotes if 'remember me' is enabled. | [optional] [default to $false]
**MaxSessionTime** | **Int32** | The maximum allowable session time in minutes. | [optional]
## Examples
- Prepare the resource
```powershell
$SessionConfiguration = Initialize-PSSailpoint.V2025SessionConfiguration -MaxIdleTime 15 `
-RememberMe true `
-MaxSessionTime 45
```
- Convert the resource to JSON
```powershell
$SessionConfiguration | ConvertTo-JSON
```
[[Back to top]](#)

41
docs/tools/sdk/powershell/Reference/V2025/Models/SourceAccountSelections.md Normal file
View File

@@ -0,0 +1,41 @@
---
id: v2025-source-account-selections
title: SourceAccountSelections
pagination_label: SourceAccountSelections
sidebar_label: SourceAccountSelections
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceAccountSelections', 'V2025SourceAccountSelections']
slug: /tools/sdk/powershell/v2025/models/source-account-selections
tags: ['SDK', 'Software Development Kit', 'SourceAccountSelections', 'V2025SourceAccountSelections']
---
# SourceAccountSelections
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | [**DtoType**](dto-type) | | [optional]
**Id** | **String** | The source id | [optional]
**Name** | **String** | The source name | [optional]
**Accounts** | [**[]AccountInfoRef**](account-info-ref) | The accounts information for a particular source in the requested item | [optional]
## Examples
- Prepare the resource
```powershell
$SourceAccountSelections = Initialize-PSSailpoint.V2025SourceAccountSelections -Type null `
-Id 3ac3c43785a845fa9820b0c1ac767cd5 `
-Name Test Source_Name `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceAccountSelections | ConvertTo-JSON
```
[[Back to top]](#)

37
docs/tools/sdk/powershell/Reference/V2025/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: v2025-source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'V2025SourceItemRef']
slug: /tools/sdk/powershell/v2025/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'V2025SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.V2025SourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

43
docs/tools/sdk/powershell/Reference/V2025/Models/SpDetails.md Normal file
View File

@@ -0,0 +1,43 @@
---
id: v2025-sp-details
title: SpDetails
pagination_label: SpDetails
sidebar_label: SpDetails
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SpDetails', 'V2025SpDetails']
slug: /tools/sdk/powershell/v2025/models/sp-details
tags: ['SDK', 'Software Development Kit', 'SpDetails', 'V2025SpDetails']
---
# SpDetails
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$SpDetails = Initialize-PSSailpoint.V2025SpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON
```powershell
$SpDetails | ConvertTo-JSON
```
[[Back to top]](#)

131
docs/tools/sdk/powershell/Reference/V3/Methods/AccessRequestsApi.md
View File

@@ -111,6 +111,7 @@ __GRANT_ACCESS__
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
* Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
@@ -121,6 +122,7 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
[API Spec](https://developer.sailpoint.com/docs/api/v3/create-access-request)
@@ -150,7 +152,7 @@ Code | Description | Data Type
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"requestedFor" : "2c918084660f45d6016617daa9210584",
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
@@ -211,6 +213,133 @@ $AccessRequest = @"{
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"accountSelection" : [ {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
}, {
"sourceId" : "cb89bc2f1ee6445fbea12224c526ba3a",
"accounts" : [ {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
}, {
"accountUuid" : "{fab7119e-004f-4822-9c33-b8d570d6c6a6}",
"nativeIdentity" : "CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local"
} ]
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ]
} ]
}"@

14
docs/tools/sdk/powershell/Reference/V3/Methods/WorkflowsApi.md
View File

@@ -276,6 +276,7 @@ Get a single workflow by id.
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the workflow
Query | WorkflowMetrics | **Boolean** | (optional) (default to $true) | disable workflow metrics
### Return type
[**Workflow**](../models/workflow)
@@ -297,6 +298,7 @@ Code | Description | Data Type
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the workflow
$WorkflowMetrics = $false # Boolean | disable workflow metrics (optional) (default to $true)
# Get Workflow By Id
@@ -304,7 +306,7 @@ try {
Get-Workflow -Id $Id
# Below is a request that includes all optional parameters
# Get-Workflow -Id $Id
# Get-Workflow -Id $Id -WorkflowMetrics $WorkflowMetrics
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Workflow"
Write-Host $_.ErrorDetails
@@ -664,6 +666,10 @@ List all workflows in the tenant.
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | TriggerId | **String** | (optional) | Trigger ID
Query | ConnectorInstanceId | **String** | (optional) | Connector Instance ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**Workflow[]**](../models/workflow)
@@ -684,6 +690,10 @@ Code | Description | Data Type
### Example
```powershell
$TriggerId = "idn:identity-created" # String | Trigger ID (optional)
$ConnectorInstanceId = "28541fec-bb81-4ad4-88ef-0f7d213adcad" # String | Connector Instance ID (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Workflows
@@ -691,7 +701,7 @@ try {
Get-Workflows
# Below is a request that includes all optional parameters
# Get-Workflows
# Get-Workflows -TriggerId $TriggerId -ConnectorInstanceId $ConnectorInstanceId -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Workflows"
Write-Host $_.ErrorDetails

6
docs/tools/sdk/powershell/Reference/V3/Models/AccessRequest.md
View File

@@ -20,15 +20,17 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequest = Initialize-PSSailpoint.V3AccessRequest -RequestedFor null `
$AccessRequest = Initialize-PSSailpoint.V3AccessRequest -RequestedFor 2c918084660f45d6016617daa9210584 `
-RequestType null `
-RequestedItems null `
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app}
-ClientMetadata {requestedAppId=2c91808f7892918f0178b78da4a305a1, requestedAppName=test-app} `
-RequestedForWithRequestedItems null
```
- Convert the resource to JSON

37
docs/tools/sdk/powershell/Reference/V3/Models/AccountItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: account-item-ref
title: AccountItemRef
pagination_label: AccountItemRef
sidebar_label: AccountItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountItemRef', 'AccountItemRef']
slug: /tools/sdk/powershell/v3/models/account-item-ref
tags: ['SDK', 'Software Development Kit', 'AccountItemRef', 'AccountItemRef']
---
# AccountItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AccountUuid** | **String** | The uuid for the account, available under the 'objectguid' attribute | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' attribute for the account | [optional]
## Examples
- Prepare the resource
```powershell
$AccountItemRef = Initialize-PSSailpoint.V3AccountItemRef -AccountUuid {fab7119e-004f-4822-9c33-b8d570d6c6a6} `
-NativeIdentity CN=Glen 067da3248e914,OU=YOUROU,OU=org-data-service,DC=YOURDC,DC=local
```
- Convert the resource to JSON
```powershell
$AccountItemRef | ConvertTo-JSON
```
[[Back to top]](#)

12
docs/tools/sdk/powershell/Reference/V3/Models/IdpDetails.md
View File

@@ -16,18 +16,18 @@ tags: ['SDK', 'Software Development Kit', 'IdpDetails', 'IdpDetails']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_IDP" ] | Federation protocol role | [optional]
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
@@ -38,9 +38,9 @@ Name | Type | Description | Notes
$IdpDetails = Initialize-PSSailpoint.V3IdpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthContext false `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `

37
docs/tools/sdk/powershell/Reference/V3/Models/RequestedForDtoRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: requested-for-dto-ref
title: RequestedForDtoRef
pagination_label: RequestedForDtoRef
sidebar_label: RequestedForDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedForDtoRef', 'RequestedForDtoRef']
slug: /tools/sdk/powershell/v3/models/requested-for-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedForDtoRef', 'RequestedForDtoRef']
---
# RequestedForDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**IdentityId** | **String** | The identity id for which the access is requested | [required]
**RequestedItems** | [**[]RequestedItemDtoRef**](requested-item-dto-ref) | the details for the access items that are requested for the identity | [required]
## Examples
- Prepare the resource
```powershell
$RequestedForDtoRef = Initialize-PSSailpoint.V3RequestedForDtoRef -IdentityId cb89bc2f1ee6445fbea12224c526ba3a `
-RequestedItems null
```
- Convert the resource to JSON
```powershell
$RequestedForDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

49
docs/tools/sdk/powershell/Reference/V3/Models/RequestedItemDtoRef.md Normal file
View File

@@ -0,0 +1,49 @@
---
id: requested-item-dto-ref
title: RequestedItemDtoRef
pagination_label: RequestedItemDtoRef
sidebar_label: RequestedItemDtoRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestedItemDtoRef', 'RequestedItemDtoRef']
slug: /tools/sdk/powershell/v3/models/requested-item-dto-ref
tags: ['SDK', 'Software Development Kit', 'RequestedItemDtoRef', 'RequestedItemDtoRef']
---
# RequestedItemDtoRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
- Prepare the resource
```powershell
$RequestedItemDtoRef = Initialize-PSSailpoint.V3RequestedItemDtoRef -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```
- Convert the resource to JSON
```powershell
$RequestedItemDtoRef | ConvertTo-JSON
```
[[Back to top]](#)

20
docs/tools/sdk/powershell/Reference/V3/Models/ServiceProviderConfigurationFederationProtocolDetailsInner.md
View File

@@ -16,33 +16,34 @@ tags: ['SDK', 'Software Development Kit', 'ServiceProviderConfigurationFederatio
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_SP" ] | Federation protocol role | [optional]
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Binding** | **String** | Defines the binding used for the SAML flow. Used with IDP configurations. | [optional]
**AuthContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**AuthnContext** | **String** | Specifies the SAML authentication method to use. Used with IDP configurations. | [optional]
**LogoutUrl** | **String** | The IDP logout URL. Used with IDP configurations. | [optional]
**IncludeAuthContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**IncludeAuthnContext** | **Boolean** | Determines if the configured AuthnContext should be used or the default. Used with IDP configurations. | [optional] [default to $false]
**NameId** | **String** | The name id format to use. Used with IDP configurations. | [optional]
**JitConfiguration** | [**JITConfiguration**](jit-configuration) | | [optional]
**Cert** | **String** | The Base64-encoded certificate used by the IDP. Used with IDP configurations. | [optional]
**LoginUrlPost** | **String** | The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations. | [optional]
**LoginUrlRedirect** | **String** | The IDP Redirect URL. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [optional]
**MappingAttribute** | **String** | Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations. | [required]
**CertificateExpirationDate** | **String** | The expiration date extracted from the certificate. | [optional]
**CertificateName** | **String** | The name extracted from the certificate. | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailpoint.V3ServiceProviderConfigurationFederationProtocolDetailsInner -Role SAML_SP `
$ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailpoint.V3ServiceProviderConfigurationFederationProtocolDetailsInner -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST `
-AuthContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-AuthnContext urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport `
-LogoutUrl https://dev-206445.oktapreview.com/login/signout `
-IncludeAuthContext false `
-IncludeAuthnContext false `
-NameId urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress `
-JitConfiguration null `
-Cert -----BEGIN CERTIFICATE-----****-----END CERTIFICATE----- `
@@ -52,7 +53,8 @@ $ServiceProviderConfigurationFederationProtocolDetailsInner = Initialize-PSSailp
-CertificateExpirationDate Fri Mar 08 08:54:24 UTC 2013 `
-CertificateName OU=Conext, O=Surfnet, L=Utrecht, ST=Utrecht, C=NL `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON

37
docs/tools/sdk/powershell/Reference/V3/Models/SourceItemRef.md Normal file
View File

@@ -0,0 +1,37 @@
---
id: source-item-ref
title: SourceItemRef
pagination_label: SourceItemRef
sidebar_label: SourceItemRef
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceItemRef', 'SourceItemRef']
slug: /tools/sdk/powershell/v3/models/source-item-ref
tags: ['SDK', 'Software Development Kit', 'SourceItemRef', 'SourceItemRef']
---
# SourceItemRef
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**SourceId** | **String** | The id for the source on which account selections are made | [optional]
**Accounts** | [**[]AccountItemRef**](account-item-ref) | A list of account selections on the source. Currently, only one selection per source is supported. | [optional]
## Examples
- Prepare the resource
```powershell
$SourceItemRef = Initialize-PSSailpoint.V3SourceItemRef -SourceId cb89bc2f1ee6445fbea12224c526ba3a `
-Accounts null
```
- Convert the resource to JSON
```powershell
$SourceItemRef | ConvertTo-JSON
```
[[Back to top]](#)

10
docs/tools/sdk/powershell/Reference/V3/Models/SpDetails.md
View File

@@ -16,19 +16,21 @@ tags: ['SDK', 'Software Development Kit', 'SpDetails', 'SpDetails']
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Role** | **Enum** [ "SAML_SP" ] | Federation protocol role | [optional]
**Role** | **Enum** [ "SAML_IDP", "SAML_SP" ] | Federation protocol role | [optional]
**EntityId** | **String** | An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP). | [optional]
**Alias** | **String** | Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [optional]
**CallbackUrl** | **String** | The allowed callback URL where users will be redirected to after authentication. Used with SP configurations. | [required]
**LegacyAcsUrl** | **String** | The legacy ACS URL used for SAML authentication. Used with SP configurations. | [optional]
## Examples
- Prepare the resource
```powershell
$SpDetails = Initialize-PSSailpoint.V3SpDetails -Role SAML_SP `
$SpDetails = Initialize-PSSailpoint.V3SpDetails -Role SAML_IDP `
-EntityId http://www.okta.com/exkdaruy8Ln5Ry7C54x6 `
-Alias acme-sp `
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp
-CallbackUrl https://stradbroke-sso.identitysoon.com/sso/Consumer/metaAlias/cdov-saml/sp `
-LegacyAcsUrl https://megapod-useast1-sso.identitysoon.com/sso/Consumer/metaAlias/acme/sp
```
- Convert the resource to JSON