LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-10 04:19:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #787 from sailpoint-oss/feature/v2025

Browse Source 
Feature/v2025
This commit is contained in:
Tyler Mairose
2025-04-01 12:47:58 -04:00
committed by GitHub
parent 732d59b82d 14bd0cc9d6
commit a4dd16130b
2438 changed files with 389080 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.gitignore vendored
View File

@@ -42,6 +42,7 @@ yarn.lock
/docs/api/iiq
/docs/api/nerm/*
/docs/api/v2024/*
/docs/api/v2025/*
!/docs/api/nerm/authentication.md
!/docs/api/nerm/pagination-metadata-filtering.md
!/docs/api/nerm/getting-started.md
@@ -74,6 +75,15 @@ yarn.lock
!/docs/api/v2024/postman-collections.md
!/docs/api/v2024/patch-requests.md
!/docs/api/v2025/getting-started.md
!/docs/api/v2025/authentication.md
!/docs/api/v2025/authorization.md
!/docs/api/v2025/api-versioning-strategy.md
!/docs/api/v2025/standard-collection-parameters.md
!/docs/api/v2025/rate-limit.md
!/docs/api/v2025/postman-collections.md
!/docs/api/v2025/patch-requests.md
#Alogolia env file
/algolia/.env

1
docs/api/beta/postman-collections.md
View File

@@ -21,6 +21,7 @@ Each ISC API version is broken out into a separate collection within the workspa
| API | Postman Collection |
| --- | --- |
| V2025 API | <CMSLinkComponent source="v2025CollectionUrl"></CMSLinkComponent> |
| V2024 API | <CMSLinkComponent source="v2024CollectionUrl"></CMSLinkComponent> |
| V3 API | <CMSLinkComponent source="v3CollectionUrl"></CMSLinkComponent> |
| Beta API | <CMSLinkComponent source="betaCollectionUrl"></CMSLinkComponent> |

1
docs/api/postman-collections.md
View File

@@ -20,6 +20,7 @@ Each ISC API version is broken out into a separate collection within the workspa
| API | Postman Collection |
| --- | --- |
| V2025 API | <CMSLinkComponent source="v2025CollectionUrl"></CMSLinkComponent> |
| V2024 API | <CMSLinkComponent source="v2024CollectionUrl"></CMSLinkComponent> |
| V3 API | <CMSLinkComponent source="v3CollectionUrl"></CMSLinkComponent> |
| Beta API | <CMSLinkComponent source="betaCollectionUrl"></CMSLinkComponent> |

1
docs/api/v2024/postman-collections.md
View File

@@ -21,6 +21,7 @@ Each ISC API version is broken out into a separate collection within the workspa
| API | Postman Collection |
| --- | --- |
| V2025 API | <CMSLinkComponent source="v2025CollectionUrl"></CMSLinkComponent> |
| V2024 API | <CMSLinkComponent source="v2024CollectionUrl"></CMSLinkComponent> |
| V3 API | <CMSLinkComponent source="v3CollectionUrl"></CMSLinkComponent> |
| Beta API | <CMSLinkComponent source="betaCollectionUrl"></CMSLinkComponent> |

139
docs/api/v2025/api-versioning-strategy.md Normal file
View File

@@ -0,0 +1,139 @@
---
id: api-versioning-strategy
title: API Versioning Strategy
pagination_label: API Versioning Strategy
sidebar_label: API Versioning Strategy
sidebar_position: 7
sidebar_class_name: apiVersioning
keywords: ['api', 'versioning']
description: Identity Security Cloud API Versioning Strategy.
slug: /api/v2025/api-versioning-strategy
tags: ['API Versioning Strategy']
---
With the introduction of this API versioning strategy SailPoints Identity Security Cloud APIs will now follow a annual release schedule to facilitate the introduction of new APIs and the deprecation of unsupported APIs. This annual release schedule enables SailPoint to continually evolve its APIs to meet the needs of users while allowing outdated functionality to be gracefully retired. This document describes the yearly release process and how you, the user, should operate within SailPoints API ecosystem to ensure your integrations are always up-to-date and are not impacted by deprecations.
:::info
SailPoints API versioning process is subject to change at any time. SailPoint will use reasonable efforts, when possible, to communicate changes that affect users of the API in the appropriate channels in advance of such changes.
:::
## Public vs Experimental
### Public
Public APIs are production ready APIs that are meant to be used by customers, partners, and other external users. Public APIs will generally not receive any breaking changes, but additional features that dont break compatibility may be introduced. When possible, it is preferred to use the latest public API version in your custom integrations to avoid any short notice deprecations or other complications. Examples of non-breaking changes include, but are not limited to:
* Adding a new endpoint.
* Adding an optional parameter.
* Adding an optional request header.
* Adding a response property.
* Adding a response header.
* Adding enum values.
* Changing a required parameter to an optional parameter.
* Changing response properties or status code for requests using new enums, new optional parameters, or new request headers.
* Expanding authentication or authorization requirements.
### Experimental
Experimental APIs are APIs that are still under development, but may be used by customers, partners, and other external users for evaluation purposes. We offer these APIs to the public in order to get feedback from users on how we can improve them before they are released into production. These APIs may introduce breaking changes with little to no notice, and are not suitable for production use cases. Examples of breaking changes include, but are not limited to:
* Removing an entire endpoint.
* Removing or renaming a parameter.
* Removing or renaming a response property.
* Removing enum values.
* Adding a new required parameter.
* Adding a new validation rule to an existing parameter.
* Changing the type of a request parameter or response property.
* Changing the response status code.
* Changing synchronous effects to asynchronous effects.
* Restricting authentication or authorization requirements.
* Changing the definition of request parameter or response property
Experimental APIs will be marked as "Experimental" in the API specification.
![experimental](../img/experimental-warning.png)
Access to experimental APIs requires an opt-in header flag. When an endpoint transitions from the experimental to public, the header is no longer necessary, but its presence wont cause any issues.
To enable preview for a request, add the `X-SailPoint-Experimental` header with a value of true to each API request that invokes a experimental endpoint. For example:
```bash
curl --header "X-SailPoint-Experimental: true" https://acme.api.identitynow.com/v2026/endpoint
```
:::warning
If you attempt to invoke an experimental API without specifying the `X-SailPoint-Experimental` header, you will receive an error message indicating that the endpoint is in preview status and requires the `X-SailPoint-Experimental` header.
:::
## Release schedule
SailPoint will introduce an annual release which includes both public and experimental APIs. Each yearly version will be named according to its release year. For instance, if the release occurs in 2025, the version will be designated as v2025.
Each annual release will be accompanied by an experimental release if there is at least one breaking change introduced in the current annual release. This experimental release will be named after the next year. For example, if the current year is 2025, the experimental version will be named v2026. Any breaking changes to public endpoints in a public version throughout the year will be introduced in the experimental version.
When a new annual release is introduced, non-deprecated endpoints will generally be transferred to the new release without modifications. As a result, the same endpoint will usually be able to be accessed via both the old and new versions. Only the latest public release will receive new functionality. If at anytime throughout the year a experimental API is deemed ready for production, it will be released into the current years public version, but not previous years.
Annual release versions will typically be supported for 3 years and then remain operational for an additional 2-year transition period, unless otherwise noted or an exception applies. Customers will be expected to move to the latest public release during those two years. Customers seeking support for an annual release that is over 3 years old will be asked to transition to a newer version.
The following image demonstrates the support model for public and experimental releases. The green bars represent how long an annual release version will be supported by our support team. When a annual release is older than three years, it may still remain operational, but it is no longer supported. The blue bars represent experimental releases which are available for one year in the preview state before being changed to a production release.
![Versioning Timeline](../img/api-versioning-timeline.jpg)
## Deprecations
Individual APIs may be deprecated at anytime. The term “deprecation” means that we intend to turn off an API or change the functionality of an API in a way that breaks backwards compatibility. Deprecated APIs will be functional for two years before they are turned off or the old functionality is removed. Deprecations will be announced in one of the following three ways.
### Announcements
Communications will be sent out to notify impacted users of any deprecations. These communications may appear in the Admin page of the Identity Security Cloud UI, in the [Announcements](https://developer.sailpoint.com/discuss/c/announcements/14) category, in Compass, or in newsletters or emails.
### API specification
Deprecated APIs will be marked as “Deprecated” in the API specification. Additional information on why it is being deprecated and what, if any, replacements are available may be provided in the deprecation notice.
![deprecation](../img/deprecation-warning.png)
### Deprecation header
Deprecated APIs will use a response header to inform users when a particular endpoint is deprecated. If you receive a response header in the form of `X-Deprecated: true`, it means that the endpoint has been deprecated and you should check the API specification for more information.
## Exceptions to the versioning process
SailPoint may occasionally decide to make exceptions to the versioning process. These exceptions may be due to a variety of factors, including security, performance, or delivery.
### Security
SailPoints Product Security team may approve breaking changes to our APIs to resolve security issues. In these cases, no prior notice about the breaking change will be provided, in order to ensure the security issue is fixed in a timely manner and to limit knowledge of the security issue to third parties.
### Performance
SailPoint may approve breaking changes to our API to address performance issues. The impact to customers will be weighed against the performance improvements in order to determine if an exception to the versioning process will be made or not.
### Delivery
SailPoint may make breaking changes to our APIs in order to decrease the time to deliver new features, as long as there is minimal impact to users of the API.
## V3 and Beta APIs
The V3 and Beta APIs will remain operational for as long as they contain non-deprecated endpoints. V3 and Beta will be supported until Q1 of 2027, meaning that users can submit support tickets for these versions. After Q1 of 2027, users may no longer submit support tickets for these versions, and they will be asked to use a supported version instead.

599
docs/api/v2025/authentication.md Normal file
View File

@@ -0,0 +1,599 @@
---
id: authentication
title: Authentication
pagination_label: Authentication
sidebar_label: Authentication
sidebar_position: 2
sidebar_class_name: authentication
keywords: ['authentication']
description: Authenticate to the ISC APIs.
slug: /api/v2025/authentication
tags: ['Authentication']
---
import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
## Overview
With SailPoint's Identity Security Cloud (ISC) APIs, you can extend your ISC platform far beyond its current capabilities. To be able to do so, you must first authenticate to the ISC APIs. Authentication is the act of validating a user's identity, generally by passing some kind of credentials. A fast, simple way to authenticate to the APIs is to generate a [personal access token](#generate-a-personal-access-token) and pass that token.
If the PAT is valid, the API responds with a JSON Web Token (JWT) `access_token` that you can provide to authorize your API requests. Authorization is the act of validating the user's permission to access a given resource. A successful API request must include the `access_token` in the `Authorization` request header.
This JWT `access_token` grants access matching that of the user who generated the PAT. For example, if the user who generated the PAT is an admin, the returned JWT `access_token` would grant admin access to the APIs.
This diagram shows the flow of this authentication/authorization process:
<div align="center">
```mermaid
sequenceDiagram
autonumber
participant H as HTTP Client
participant I as Identity Security Cloud
H->>I: Access Token Request
I->>H: Access Token Response
loop Until token expires
H->>I: API Request + Access Token
I->>H: Identity Security Cloud API Response
end
```
</div>
The flow involves these four key steps:
1. **Access Token Request**: The HTTP client (a script, application, Postman, cURL, etc.) makes a request to ISC to get a JWT `access_token`.
2. **Access Token Response**: If the request is valid, ISC responds to the HTTP client with a JWT `access_token`.
3. **API Request**: The HTTP client makes a request to an ISC endpoint with the header, `Authorization: Bearer {access_token}`.
4. **API Response**: If both the request itself and the JWT `access_token` in its header are valid, ISC responds to the client. If you encounter unexpected errors, refer to the [Troubleshooting](#troubleshooting) section of this document.
The idea is that once you have authenticated to the ISC APIs and you have received an `access_token`, you can use that `access_token` to provide authorization for your API requests.
This document includes all the information you need to know to engage in this authentication/authorization process, as well as a guide on how to get started.
## Get started
Read this guide to learn how to authenticate to SailPoint's ISC APIs.
To authenticate to the ISC APIs, you must be able to connect to your tenant to send the access token request. To do so, you need to do the following:
1. [Find your tenant's OAuth details](#find-your-tenants-oauth-details)
2. [Generate personal access token](#generate-a-personal-access-token)
3. [Choose authorization grant flow](#choose-authorization-grant-flow)
4. [Request access token](#request-access-token-with-client-credentials-grant-flow)
### Find your tenant's OAuth details
Your tenant's OAuth details refer to the details you need to know to connect it to the APIs. You need to know your tenant's name, its `authorizeEndpoint` URL, and its `tokenEndpoint` URL.
Your ISC instance is likely using the domain name supplied by SailPoint (`[tenant].api.identitynow.com`), in which case, the tenant name is in the URL. This is assumed to be the case in this guide.
However, if your ISC instance is using a vanity URL, you must enter this URL into your browser to get your OAuth info: `https://[tenant].api.identitynow.com/oauth/info`
If you have admin access but don't know your tenant name, you can learn it by following these steps:
1. Log into your ISC instance.
2. Select the 'Dashboard' dropdown.
3. Select 'Overview'.
4. Find the tenant name ('Org Name') in the dashboard's `Org Details` section.
This is an example of the OAuth details of the tenant, `iga-acme-sb`, that does not use a vanity URL:
```json
{
"tenantId": "6d9b2709-915f-47f0-879e-cee65d6bc9af",
"tenantName": "iga-acme-sb",
"authorizeEndpoint": "https://iga-acme-sb.login.sailpoint.com/oauth/authorize",
"tokenEndpoint": "https://iga-acme-sb.api.identitynow.com/oauth/token",
"cloudDomainUrl": "https://iga-acme-sb.identitynow.com",
"logoutUrl": "https://iga-acme-sb.identitynow.com/logout",
"pod": "stg01-useast1"
}
```
This is an example of the OAuth details of the tenant, `iga-acme`, that uses a vanity URL, "iga.acme.com":
```json
{
"tenantId": "cc31a307-8a8d-49e8-93b9-c7cbe20e2e6b",
"tenantName": "iga-acme",
"authorizeEndpoint": "https://iga-acme.login.sailpoint.com/oauth/authorize",
"tokenEndpoint": "https://iga-acme.api.identitynow.com/oauth/token",
"cloudDomainUrl": "https://iga.acme.com",
"logoutUrl": "https://iga.acme.com/logout",
"pod": "prd01-useast1"
}
```
You can use the `authorizeEndpoint` and `tokenEndpoint` URLs from your tenant to test out the different authentication methods listed in this guide.
### Generate a personal access token
A personal access token (PAT) is a method of authenticating to an API as a user without providing a username and password. PATs are primarily used in scripts or programs that lack an easy way to implement an OAuth2 flow but need to call API endpoints that require user context. PATs are also convenient for use in tools like [Postman](https://www.postman.com/) when you are exploring and testing the APIs.
Any ISC user can generate a PAT. To do so, follow these steps:
1. Select **Preferences** from the drop-down menu under your username, then **Personal Access Tokens** on the left. You can also go directly to the page by using this URL (replace `[tenant]` with your Identity Security Cloud tenant): `https://[tenant].identitynow.com/ui/d/user-preferences/personal-access-tokens`
2. Click **New Token** and enter a meaningful description to help differentiate the token from others.
:::caution
The **New Token** button will be disabled when you reach the limit of 10 personal access tokens per user. To avoid reaching this limit, it is recommended that you delete any tokens that are no longer necessary.
:::
3. Click **Create Token** to generate and view the two components that comprise the token: the `Client ID` and the `Client Secret`.
:::danger Important
After you create the token, the value of the `Client ID` will be visible in the Personal Access Tokens list, but the corresponding `Secret` will not be visible after you close the window. Store the `Secret` somewhere secure.
:::
4. Copy both values somewhere that will be secure and accessible to you when you need to use the the token.
To generate a personal access token from the API, use the [create personal access token endpoint](/docs/api/beta/create-personal-access-token).
Once you have created the PAT and you know its `Client ID` and `Client Secret`, you have everything you need to follow the [Client Credentials Grant Flow](#request-access-token-with-client-credentials-grant-flow) and use the PAT to generate an `access_token`. You will need this `access_token` to authenticate your requests to the APIs.
### Choose authorization grant flow
There are several different authorization flows that OAuth 2.0 supports, and each has a grant-type defining its different use cases. You must choose the one that best serves your purposes. This document covers these three common flows:
1. [**Client Credentials**](https://oauth.net/2/grant-types/client-credentials/) - Clients use this grant type to obtain a JWT `access_token` without user involvement such as scripts, programs or system to system integration.
2. [**Authorization Code**](https://oauth.net/2/grant-types/authorization-code/) - Clients use this grant type to exchange an authorization code for an `access_token`. Authorization codes are mainly used by web applications because there is a login into ISC with a subsequent redirect back to the web application/client.
3. [**Refresh Token**](https://oauth.net/2/grant-types/refresh-token/) - Clients use this grant type to exchange a refresh token for a new `access_token` when the existing `access_token` has expired. This allows clients to continue using the APIs without having to re-authenticate as frequently. This grant type can only be used together with `Authorization Code` to prevent a user from having to log in several times per day.
One way to determine which authorization flow you need to use is to look at the specification for the endpoint you want to use. The endpoint will have the supported OAuth flows listed under the 'Authorization' dropdown, like the [List Access Profiles endpoint](https://developer.sailpoint.com/docs/api/beta/list-access-profiles):
![Authorization Dropdown](../img/authorization/authorization-dropdown.png)
For more information about how to choose the best grant flow for your use case, refer to [Grant Flow Use Cases](#grant-flow-use-cases)
The guide will detail the three different authorization grant flows you can use to request the access token you need to authenticate your requests.
### Request access token with client credentials grant flow
Clients use the 'Client Credentials' grant type to obtain access tokens without user involvement. This is the simplest authentication flow.
API endpoints that require [user level permissions](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html) require the use of Personal access tokens (PATs). Correspondingly, the endpoints a personal access token (PAT) can call depends on the permissions of the user who generated it and the configuration of ISC.
Note: If an API Key is used then ISC API calls are made outside of the context of a user and some API calls will not work.
An OAuth 2.0 client using the client credentials grant flow must have `CLIENT_CREDENTIALS` as one of its grantTypes (PATs are implicitly granted the `CLIENT_CREDENTIALS` grant type):
```json
{
"enabled": true,
"created": "2019-05-23T02:06:20.685Z",
"name": "My Application",
"description": "My Application",
"id": "b61429f5-203d-494c-94c3-04f54e17bc5c",
"secret": null,
"grantTypes": [
"CLIENT_CREDENTIALS"
],
...
}
```
This is the overall authorization flow:
1. The client first submits an OAuth 2.0 token request to ISC in this form:
```text
POST https://[tenant].api.identitynow.com/oauth/token
```
The request includes the client credential information passed in the request body, as shown in this example using [Postman](https://www.getpostman.com):
![OAuth Client Credentials Form Data](../img/authentication/oauth-client-credentials-form-data.png)
This example shows how to pass the information with form-data in the request body. You can also use these options to pass in the information:
- Use x-www-form-urlencoded data to pass in the client credential information in the request body.
- Use query parameters to pass the information in the request URL. The request URL will look like this:
```text
https://[tenant].api.identitynow.com/oauth/token?grant_type=client_credentials&client_id={{clientId}}&client_secret={{clientSecret}}
```
- If you are using Postman, you can use the 'Authorization' tab to pass in the client credentials. If you use this option, you must also specify the access token URL: https://[tenant].api.identitynow.com/oauth/token
The OAuth 2.0 token request must include this information:
| Key | Description |
| --- | --- |
| `grant_type` | This is set to `CLIENT_CREDENTIALS` for the authorization code grant type. |
| `client_id` | This is the API client's ID (e.g. `b61429f5-203d-494c-94c3-04f54e17bc5c`). You can generate this ID at `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel`, or you can generate it when you create a PAT. |
| `client_secret` | This is the API client's secret describing (e.g. `c924417c85b19eda40e171935503d8e9747ca60ddb9b48ba4c6bb5a7145fb6c5`). You can generate this secret at `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel`, or you can generate it when you create a PAT. |
This example cURL command passes client credentials in the body as form-data to generate an access token:
```bash
curl --location 'https://[tenant].api.identitynow.com/oauth/token' \
--header 'scope: sp:scope:all' \
--form 'grant_type="client_credentials"' \
--form 'client_id="{clientId}"' \
--form 'client_secret="{clientSecret}"'
```
2. ISC validates the token request and responds. If the request is successful, the response contains a JWT access token. For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
To learn more about the OAuth client credentials grant flow, refer [here](https://oauth.net/2/grant-types/client-credentials/).
### Request access token with authorization code grant flow
Further Reading: [https://oauth.net/2/grant-types/authorization-code/](https://oauth.net/2/grant-types/authorization-code/)
Clients use this grant type to exchange an authorization code for an `access_token`. This is mainly used for web apps because there is a login into ISC with a subsequent redirect back to the web app/client.
The OAuth 2.0 client you are using must have `AUTHORIZATION_CODE` as one of its grant types. The redirect URLs must also match the list in the client as well:
```json
{
"enabled": true,
"created": "2019-05-23T02:06:20.685Z",
"name": "My Application",
"description": "My Application",
"id": "b61429f5-203d-494c-94c3-04f54e17bc5c",
"grantTypes": [
"AUTHORIZATION_CODE"
],
"redirectUris": [
"http://localhost:8080/myApp/code"
],
...
}
```
<br></br>
The authorization code grant flow looks a little different because it involves the exchange of the access token and authorization code.
This diagram shows the authorization code grant flow:
<div align="center">
```mermaid
sequenceDiagram
autonumber
participant U as User
participant W as Web App
participant I as Identity Security Cloud
U->>W: Click login link
W->>I: Authorization request to https://[tenant].login.sailpoint.com/oauth/authorize
I->>U: Redirect to login prompt
U->>I: Authentication
I->>W: Authorization code granted
W->>I: Authorization code to https://[tenant].api.identitynow.com/oauth/token
I->>W: JWT access token granted
```
</div>
This is the overall authorization flow:
1. The user clicks the login link on a web app.
2. The web app sends an authorization request to ISC in this form:
```Text
GET https://[tenant].login.sailpoint.com/oauth/authorize?client_id={client-id}&response_type=code&redirect_uri={redirect-url}
```
3. ISC redirects the user to a login prompt to authenticate to Identity Security Cloud.
4. The user authenticates to ISC.
5. Once authentication is successful, ISC issues an authorization code back to the web app.
6. The web app submits an OAuth 2.0 token request to ISC in this form:
```text
POST https://[tenant].api.identitynow.com/oauth/token?grant_type=authorization_code&client_id={client-id}&code={code}&redirect_uri={redirect-url}
```
:::info
The token endpoint URL is `[tenant].api.identitynow.com`, and the authorize URL is `[tenant].login.sailpoint.com`. Please be sure to use the correct URL when you're setting up your webapp to use this flow. You can read more about [finding your tenant OAuth details here](https://developer.sailpoint.com/docs/api/authentication/#find-your-tenants-oauth-details).
:::
7. ISC validates the token request and submits a response. If the request is successful, the response contains a JWT `access_token`. For more information about the JWT access token in the response, refer to [#OAuth-token-response](#oauth-token-response).
These are the query parameters in the OAuth 2.0 token request for the authorization code grant:
| Key | Description |
| --- | --- |
| `grant_type` | Set this to `authorization_code` for the authorization code grant type. |
| `client_id` | This is the client ID for the API client (e.g. `b61429f5-203d-494c-94c3-04f54e17bc5c`). This can be generated at `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel` |
| `code` | This is a code returned by `/oauth/authorize`. |
| `redirect_uri` | This is the application URL to redirect to once the token has been granted. |
Here is an example OAuth 2.0 token request for the authorization code grant type.
```bash
curl -X POST \
'https://example.api.identitynow.com/oauth/token?grant_type=authorization_code&client_id=b61429f5-203d-494c-94c3-04f54e17bc5c&code=6688LQJB0y652z6ZjFmkCKuBUjv2sTIqKS2JthWrZ7qlPgI9TClJ6FnpweEhO6w7&redirect_uri=https://myappdomain.com/oauth/redirect' \
-H 'cache-control: no-cache'
```
Once you have the JWT access token, you can pass the token as a basic "Authorization" header in your requests using the OAuth endpoints.
For more information about the OAuth authorization code grant flow, refer [here](https://oauth.net/2/grant-types/authorization-code/).
### Request access token with refresh token grant flow
Clients use this grant type in order to exchange a refresh token for a new `access_token` once the existing `access_token` has expired. This allows clients to continue to have a valid `access_token` without the need for the user to login as frequently.
The OAuth 2.0 client you are using must have `REFRESH_TOKEN` and `AUTHORIZATION_CODE` as its grant types:
```json
{
"enabled": true,
"created": "2019-05-23T02:06:20.685Z",
"name": "My Application",
"description": "My Application",
"id": "b61429f5-203d-494c-94c3-04f54e17bc5c",
"secret": null,
"grantTypes": [
"REFRESH_TOKEN",
"AUTHORIZATION_CODE"
],
...
}
```
This is the overall authorization flow:
1. The client application receives an `access_token` and a `refresh_token` when using the `AUTHORIZATION_CODE` grant flow.
2. The client application detects that the `access_token` is about to expire, based on the `expires_in` attribute contained within the JWT token.
3. The client submits an OAuth 2.0 token request to ISC in this form:
```text
POST https://[tenant].api.identitynow.com/oauth/token?grant_type=refresh_token&client_id={client_id}&client_secret={client_secret}&refresh_token={refresh_token}
```
4. ISC validates the token request and submits a response. If the request is successful, the response contains a new `access_token` and `refresh_token`.
These are the query parameters in the OAuth 2.0 token request for the refresh token grant flow:
| Key | Description |
| --- | --- |
| `grant_type` | Set to `refresh_token` for the authorization code grant type. |
| `client_id` | This is the client ID for the API client (e.g. `b61429f5-203d-494c-94c3-04f54e17bc5c`). This can be generated at `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel`. |
| `client_secret` | This is the client secret for the API client (e.g. `c924417c85b19eda40e171935503d8e9747ca60ddb9b48ba4c6bb5a7145fb6c5`). This can be generated at `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel`. |
| `refresh_token` | This is the `refresh_token` that was provided along with the now expired `access_token`. |
Here is an example call OAuth 2.0 Token Request for the Refresh Token grant.
```bash
curl -X POST \
'https://example.api.identitynow.com/oauth/token?grant_type=refresh_token&client_id=b61429f5-203d-494c-94c3-04f54e17bc5c&client_secret=c924417c85b19eda40e171935503d8e9747ca60ddb9b48ba4c6bb5a7145fb6c5&refresh_token=ey...4M' \
-H 'cache-control: no-cache'
```
Once you have the `refresh_token`, you can pass the `refresh_token` as a basic "Authorization" header in your requests using the OAuth endpoints, allowing your requests to continue to succeed without being affected by the expired `access_token`.
For more information about the OAuth refresh token grant flow, refer [here](https://oauth.net/2/grant-types/refresh-token/).
### OAuth token response
A successful request using any of the grant flows to `https://[tenant].api.identitynow.com/oauth/token` will contain a response body like this:
```json
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZW5hbnRfaWQiOiI1OGViMDZhNC1kY2Q3LTRlOTYtOGZhYy1jY2EyYWZjMDNlNjEiLCJpbnRlcm5hbCI6ZmFsc2UsInBvZCI6ImNvb2siLCJvcmciOiJuZWlsLXRlc3QiLCJpZGVudGl0eV9pZCI6ImZmODA4MTgxNTVmZThjMDgwMTU1ZmU4ZDkyNWIwMzE2IiwidXNlcl9uYW1lIjoic2xwdC5zZXJ2aWNlcyIsInN0cm9uZ19hdXRoIjp0cnVlLCJhdXRob3JpdGllcyI6WyJPUkdfQURNSU4iXSwiZW5hYmxlZCI6dHJ1ZSwiY2xpZW50X2lkIjoiZmNjMGRkYmItMTA1Yy00Y2Q3LWI5NWUtMDI3NmNiZTQ1YjkwIiwiYWNjZXNzVHlwZSI6Ik9GRkxJTkUiLCJzdHJvbmdfYXV0aF9zdXBwb3J0ZWQiOmZhbHNlLCJ1c2VyX2lkIjoiNTk1ODI2Iiwic2NvcGUiOlsicmVhZCIsIndyaXRlIl0sImV4cCI6MTU2NTg5MTA2MywianRpIjoiOTQ5OWIyOTktOTVmYS00N2ZiLTgxNWMtODVkNWY2YjQzZTg2In0.zJYfjIladuGHoLXr92EOJ3A9qGNkiG5UJ9eqrtSYXAQ",
"token_type": "bearer",
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZW5hbnRfaWQiOiI1OGViMDZhNC1kY2Q3LTRlOTYtOGZhYy1jY2EyYWZjMDNlNjEiLCJpbnRlcm5hbCI6ZmFsc2UsInBvZCI6ImNvb2siLCJvcmciOiJuZWlsLXRlc3QiLCJpZGVudGl0eV9pZCI6ImZmODA4MTgxNTVmZThjMDgwMTU1ZmU4ZDkyNWIwMzE2IiwidXNlcl9uYW1lIjoic2xwdC5zZXJ2aWNlcyIsInN0cm9uZ19hdXRoIjp0cnVlLCJhdXRob3JpdGllcyI6WyJPUkdfQURNSU4iXSwiZW5hYmxlZCI6dHJ1ZSwiY2xpZW50X2lkIjoiZmNjMGRkYmItMTA1Yy00Y2Q3LWI5NWUtMDI3NmNiZTQ1YjkwIiwiWYNjZXNzVHlwZSI6Ik9GRkxJTkUiLCJzdHJvbmdfYXV0aF9zdXBwb3J0ZWQiOmZhbHNlLCJ1c2VyX2lkIjoiNTk1ODI2Iiwic2NvcGUiOlsicmVhZCIsIndyaXRlIl0sImF0aSI6Ijk0OTliMjk5LTk1ZmEtNDdmYi04MTVjLTg1ZDVmNmI0M2U4NiIsImV4cCI6MTU2NTk3NjcxMywianRpIjoiODliODk1ZDMtNTdlNC00ZDAwLWI5ZjctOTFlYWVjNDcxMGQ3In0.pfDcB0sGChdHk-oDNmiIxsKFLxq9CcPQV5-eXWgIcp4",
"expires_in": 749,
"scope": "read write",
"accessType": "OFFLINE",
"tenant_id": "58eb06a4-dcd7-4e96-8fac-cca2afc03e61",
"internal": false,
"pod": "cook",
"strong_auth_supported": false,
"org": "example",
"user_id": "595826",
"identity_id": "ff80818155fe8c080155fe8d925b0316",
"strong_auth": true,
"enabled": true,
"jti": "9499b299-95fa-47fb-815c-85d5f6b43e86"
}
```
You can use the JWT `access_token` to authorize REST API calls through the ISC API gateway. To use the `access_token`, simply include it in the `Authorization` header as a `Bearer` token. This is an example V3 API request that has the access token in the header:
```bash
curl -X GET \
'https://[tenant].api.identitynow.com/v3/account-activities' \
-H 'Authorization: Bearer {access_token}' \
-H 'cache-control: no-cache'
```
Some of the other values can also be useful to know:
- The `expires_in` value describes the lifetime, in seconds, of the `access_token`. For example, the value 749 means that the `access_token` will expire 12.5 minutes from the time the response was generated. The exact expiration date is also contained within the `access_token`. You can view this expiration time by decoding the JWT `access_token` using a tool like [jwt.io](https://jwt.io/).
- The `refresh token` exists for use in the refresh token grant flow to replace the `access_token` when it expires. However, the `refresh_token` will only be present if the API client has the `REFRESH_TOKEN` grant flow.
- The `user_id` and `identity_id` define the identity context of the person who authenticated. However, these values aren't set for the client credentials grant type because it doesn't have a user context.
With the JWT `access_token`, you can now successfully send authenticated ISC API requests. To learn more about authorization and the scopes you can apply to further control access to the APIs, refer to [Authorization](/docs/api/authorization).
## More Information
This section of the document includes additional information about the authentication/authorization process, including some different use cases for the different authorization grant flows.
### OAuth 2.0
The SailPoint authentication/authorization model is fully [OAuth 2.0](https://oauth.net/2/) compliant. [OAuth 2.0](https://oauth.net/2/) is an industry-standard protocol for authorization. It provides a variety of authorization flows for web applications, desktop applications, mobile phones, and devices. This specification and its extensions are developed within the [IETF OAuth Working Group](https://www.ietf.org/mailman/listinfo/oauth).
### JSON Web Token
The issued JWT `access_token` leverages the [JSON Web Token (JWT)](https://jwt.io/) standard. JWT is an industry-standard protocol for creating access tokens which assert various claims about the resource who has authenticated. The tokens have a specific structure consisting of a header, payload, and signature.
A raw JWT might look like this:
```text
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZW5hbnRfaWQiOiI1OGViMDZhNC1kY2Q3LTRlOTYtOGZhYy1jY2EyYWZjMDNlNjEiLCJpbnRlcm5hbCI6dHJ1ZSwicG9kIjoiY29vayIsIm9yZyI6ImV4YW1wbGUiLCJpZGVudGl0eV9pZCI6ImZmODA4MTgxNTVmZThjMDgwMTU1ZmU4ZDkyNWIwMzE2IiwidXNlcl9uYW1lIjoic2xwdC5zZXJ2aWNlcyIsInN0cm9uZ19hdXRoIjp0cnVlLCJhdXRob3JpdGllcyI6WyJPUkdfQURNSU4iXSwiY2xpZW50X2lkIjoibktCUE93akpIOExYU2pJbCIsInN0cm9uZ19hdXRoX3N1cHBvcnRlZCI6dHJ1ZSwidXNlcl9pZCI6IjU5NTgyNiIsInNjb3BlIjpbInJlYWQiLCJ3cml0ZSJdLCJleHAiOjE1NjU4ODgzMTksImp0aSI6ImM5OGQxMjM2LTQ1MTMtNGM4OS1hMGQwLTBjYjlmMzI3NmI1NiJ9.SAY4ZQkXGi2cY_qz57Ah9_zDq4-bnF-oDJKotXa-LCY
```
If you were to decode the access token data, it might look something like this:
<Tabs>
<TabItem value="header" label="Header" default>
```json
{
"alg": "HS256",
"typ": "JWT"
}
```
</TabItem>
<TabItem value="payload" label="Payload">
```json
{
"tenant_id": "58eb06a4-dcd7-4e96-8fac-cca2afc03e61",
"internal": true,
"pod": "cook",
"org": "example",
"identity_id": "ff80818155fe8c080155fe8d925b0316",
"user_name": "slpt.services",
"strong_auth": true,
"authorities": ["ORG_ADMIN"],
"client_id": "nKBPOwjJH8LXSjIl",
"strong_auth_supported": true,
"user_id": "595826",
"scope": ["read", "write"],
"exp": 1565888319,
"jti": "c98d1236-4513-4c89-a0d0-0cb9f3276b56"
}
```
</TabItem>
<TabItem value="signature" label="Signature">
```text
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
{secret}
)
```
</TabItem>
</Tabs>
You can check the JWT access token data online at [jwt.io](https://jwt.io).
### Grant flow use cases
This section describes some different use cases and which grant flow you would want to use for the different cases.
#### Daily work or quick actions
For daily work or short, quick administrative actions, you can just use a PAT. This makes the process easier because you don't really need to worry about grant types - you can easily generate a PAT in the user interface (UI).
Follow these steps to do so:
1. Log in to ISC.
2. Go to 'Preferences', then 'Personal Access Tokens', and [generate a PAT](#generate-a-personal-access-token).
3. The PAT's `client_id` and `client_secret` provide the necessary authentication to send API requests, without any grant flow.
#### Postman
[Postman](https://www.postman.com/) is a popular HTTP client you can use to design, build, test, and iterate your APIs. Postman users and teams can create public workspaces they can use to make it easy to access their API collections and environments and get started. SailPoint maintains a [public workspace for the Identity Security Cloud API collections](https://www.postman.com/sailpoint/workspace/identitynow). You can use this workspace to access all the ISC API collections and stay up to date.
If you're using Postman, you have some different ways to set up your authorization. You can just leverage the accessToken as mentioned above, or you can configure Postman to use OAuth 2.0 directly. For more information about how to do so, refer [here](https://learning.postman.com/docs/sending-requests/authorization/).
#### Web applications
If you are making a web application, the best grant flow to use is the [Authorization Code grant flow](#request-access-token-with-authorization-code-grant-flow). This will allow users to be directed to ISC to login and then redirected back to the web application through a URL redirect. This also works well with Single Sign-on (SSO), strong authentication, and pass-through authentication mechanisms.
SailPoint doesn't recommend using a password grant flow for web applications because doing so would involve entering ISC credentials in the web application. This flow also doesn't allow you to work with SSO, strong authentication, or pass-through authentication.
#### Scripts, programs or system to system integration
If you are writing scripts, programs or system integrations that leverage the ISC APIs, the OAuth 2.0 grant you should use typically depends on what you're doing and the user context you need to operate under.
Because scripts, code, and programs lack an interactive web-interface, it is difficult, but not impossible, to implement a working authorization code grant flow. System to system integrations may require an elevated level of access and utilize a service account to make API calls beyond the privileges of the authenticated user.
Most scripts, programs, and many integrations use the [Client Credentials grant flow](#request-access-token-with-client-credentials-grant-flow). Using a PAT allows your API calls to work within a user context making client credentials ideal.
## Troubleshooting
Having issues? Follow these steps:
### Verify API endpoint calls
1. Verify the structure of the API call:
2. Verify that the API calls are going through the API gateway: `https://[tenant].api.identitynow.com`
3. Verify you are calling their version correctly:
- Private APIs: `https://[tenant].api.identitynow.com/cc/api/{endpoint}`
- V2 APIs: `https://[tenant].api.identitynow.com/v2/{endpoint}`
- V3 APIs: `https://[tenant].api.identitynow.com/v3/{endpoint}`
- Beta APIs: `https://[tenant].api.identitynow.com/beta/{endpoint}`
4. Verify that the API calls have the correct headers (e.g., `content-type`), query parameters, and body data.
5. If the HTTP response is **401 Unauthorized** , this is an indication either that there is no `Authorization` header or that the `access_token` is invalid. Verify that the API calls are providing the `access_token` in the `Authorization` header correctly (ex. `Authorization: Bearer {access_token}`) and that the `access_token` has not expired.
6. If the HTTP response is **403 Forbidden**, this is an indication that the `access_token` is valid, but the user you're running as doesn't have access to this endpoint. Check the user's associated access rights.
:::info
You can also get a **403 Forbidden** response error when you call an API that expects a user, but your authorization grant type lacks a user context. Calling most admin APIs with a `CLIENT_CREDENTIAL` grant often produces this result.
:::
### Verify OAuth client
1. Verify that the OAuth 2.0 client is not a legacy OAuth client. Legacy OAuth clients will not work. This can become very apparent when you look at the client ID - OAuth 2.0 client IDs have dashes. Here are two examples that illustrate the difference:
Legacy Client ID: `G6xLlBBOKIcOAQuK`
OAuth 2.0 Client ID: `b61429f5-203d-494c-94c3-04f54e17bc5c`
1. Verify that the OAuth 2.0 client ID exists. You can verify this by calling this endpoint:
```text
GET /beta/oauth-clients/{client-id}
```
or
```text
GET /beta/oauth-clients/
```
You can also view all of the active clients in the UI by going to `https://[tenant].identitynow.com/ui/admin/#admin:global:security:apimanagementpanel`.
3. Verify that the OAuth 2.0 client grant types match the OAuth 2.0 grant type flow you're trying to use. For example, this client will work with [Authorization Code](#request-access-token-with-authorization-code-grant-flow) and [Client Credentials](#request-access-token-with-client-credentials-grant-flow) grant flows, but not [Refresh Token](#request-access-token-with-refresh-token-grant-flow) flows:
```json
{
"enabled": true,
"created": "2019-05-23T02:06:20.685Z",
"name": "My Application",
"description": "My Application",
"id": "b61429f5-203d-494c-94c3-04f54e17bc5c",
"secret": null,
"grantTypes": [
"AUTHORIZATION_CODE",
"CLIENT_CREDENTIALS"
],
...
}
```
4. If you're using an [Authorization Code](#request-access-token-with-authorization-code-grant-flow) grant flow, verify that the redirect URL(s) for your application match the `redirectUris` value in the client. You can check this by calling the [List OAuth Clients endpoint](/docs/api/beta/list-oauth-clients).
### Verify OAuth calls
Verify that the OAuth call flow is going to the right URLs, with the correct query parameters and data values. A common source of errors is using the wrong host for authorization and token API calls. The token endpoint URL is `[tenant].api.identitynow.com`, while the authorize URL is `[tenant].identitynow.com`.

131
docs/api/v2025/authorization.md Normal file
View File

@@ -0,0 +1,131 @@
---
id: authorization
title: Authorization
pagination_label: Authorization
sidebar_label: Authorization
sidebar_position: 3
sidebar_class_name: authorization
keywords: ['authorization', 'scope', 'permission']
description: Authorize your ISC API requests.
slug: /api/v2025/authorization
tags: ['Authorization', 'Scopes', 'Permissions']
---
import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
## Overview
Authorization and authentication are two related concepts that help secure APIs. Authentication is the act of verifying a user's identity. Authorization is the act of validating the user's permission to access a given resource. When a user sends an API request, the server authenticates the user by checking the validity of the access token sent with the request. If the token is valid, the server checks whether the user is authorized to perform the desired operation on the resource. If the user is both authenticated and authorized, the server fulfills the request.
<div align="center">
```mermaid
sequenceDiagram
autonumber
participant H as HTTP Client
participant I as Identity Security Cloud
H->>I: Request to delete a source
I->>I: Authenticate access token
opt token fails authentication
I->>H: Return a 401 response code
end
I->>I: Authorize user to delete source
opt user fails authorization
I->>H: Return a 403 response code
end
I->>H: Delete source and return success
```
</div>
## User Level Permissions
When managing a user's access to the API, you must first assign the target user an appropriate [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html). It is important to choose the correct user level as it will place a boundary on which APIs a user can call, which also affects the areas and functions of the UI they have access to. For example, if a user is in charge of creating reports for auditing requirements, consider granting them the "Report Admin" user level.
User levels are typically granted through the UI, [following the procedures from this document](https://documentation.sailpoint.com/saas/help/accounts/identities.html#setting-user-level-permissions). You can also set user levels via API using the [auth user update](https://developer.sailpoint.com/docs/api/v3/patch-auth-user) endpoint.
User levels act as the first line of defense by applying a rigid boundary around the APIs that a user can call. The next section introduces scopes, which allow users to apply granular controls on the APIs an access token can call.
## Scopes
Scopes are granular permissions you can add to personal access tokens (PATs) to create tokens with the least privilege necessary to fulfill their functions. User levels place a broad border around the APIs a token has access to, while scopes can further limit the set of endpoints a token can call. Scopes allow an API user to have multiple tokens with different privileges that support unique use cases and software applications. Using scopes is beneficial to security - if a bad actor compromises any one of the tokens, the bad actor can only perform the limited set of operations defined by the token's scopes, significantly reducing the potential damage that can be done. Therefore, it is recommended that all users apply scopes to each PAT they create in order to reduce the impact of stolen credentials.
Scopes contain one or more rights, which are low level permissions that grant access to individual endpoints. This means that a single scope, like `idn:access-request:manage`, can grant access to multiple API endpoints. To determine which scopes a PAT needs, you must first identify which endpoints the PAT needs to invoke. Each endpoint's API specification indicates which scope is necessary to call the endpoint. You can use this approach to curate a list of scopes that must be applied to the credential to call the necessary endpoints. [Learn more about how to find an API's required scopes here](#identifying-necessary-authorization-for-an-endpoint).
By default, each PAT has the scope `sp:scopes:default`, which is the least privileged scope. It only grants access to endpoints that require no authorization at all, such as [List Public Identities](https://developer.sailpoint.com/idn/api/v3/get-public-identities). Access to the endpoint may still be determined by the user's [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html).
Alternatively, `sp:scopes:all` grants access to all the rights appropriate for the [user level](https://documentation.sailpoint.com/saas/help/common/users/user_level_matrix.html). For example, a user with the **Admin** user level has access to all APIs, so `sp:scopes:all` grants **Admin** users access to all APIs. A user with the **Cert Admin** user level, however, has access to only a subset of APIs necessary to perform their role, most notably the certification APIs, so `sp:scopes:all` grants **Cert Admin** users access to only that subset of APIs.
Scopes are additive, which means the final right set is the intersection of all the rights granted by the scopes assigned to a PAT, excluding any rights that fall outside of the user level. Each scope added to an PAT builds up the credential's permission set, incrementally increasing access to the API. If a PAT has `sp:scopes:all` granted, then any additional scope is ignored because `sp:scopes:all` already contains the complete set of rights available to the user level.
:::tip
If the API requirements for the personal access token exceed the scopes allowed by the user's assigned user level, then the following options may be considered.
- Re-evaluate the user's responsibilities compared to their user level. It is possible that their user level is no longer appropriate for the functions they need to perform, and a more permissive user level may be necessary.
- If the required access is a one-off need for a specific use case, then consider generating a PAT with the required scopes from a different user and sharing the credentials. This could be a dedicated service account designated for one-off applications. The downside of this approach is that it becomes more difficult to attribute an API call to a specific user, as the user now has a PAT that is not tied to their user account.
:::
## Identifying Necessary Authorization for an Endpoint
Each endpoint document specifies how to authorize with the endpoint in the **Authorization** dropdown, which is located on the right side column below the endpoint path. Selecting **Authorization** expands the dropdown menu showing the details of how to authorize with the endpoint. The following image shows the authorization details of the [List Access Profiles](https://developer.sailpoint.com/docs/api/beta/list-access-profiles) endpoint.
![Authorization Dropdown](../img/authorization/authorization-dropdown.png)
- **type**: The type of authorization method supported for this endpoint. SailPoint uses the [OAuth2 standard](./authentication.md#oauth-20) for all the V3/Beta APIs.
- **flow**: One or more OAuth flows supported by the endpoint. A token only needs to be generated by one flow to be valid. Refer to [Authentication Details](./authentication.md#choose-authorization-grant-flow) for more information about the available flows.
- **scopes**: A list of scopes necessary to access the endpoint. A token only needs one of the scopes to authorize with the endpoint. When possible, choose the least privileged scope. Scopes ending in `read` can only retrieve data. Scopes ending in `manage` can retrieve, modify, and delete data.
You may also notice that many API descriptions will indicate the user level(s) required to call the API endpoint. In the screenshot above, the list access profiles endpoint requires the user to have one of the following user levels: ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN. This means the PAT must have one of those user level **in addition to** the `sp:scopes:all` or `idn:access-profile:read` scope in order to call the endpoint.
:::info
SailPoint is working to define scopes for every endpoint, but you may encounter a scenario where you need access to an endpoint that does not yet have a scope defined. Until a scope is defined for the endpoint, you can assign `sp:scopes:all` to ensure that your credentials can access the necessary endpoints. Once all of the endpoints necessary for your use case have scopes defined, you can update or create a new PAT with the appropriate scopes in place.
:::
## Assigning Scopes with the UI
When you create a PAT in the UI, you can apply scopes to the token. More information on how to do this will be added in the near future.
## Assigning Scopes with the API
You can [create PATs](https://developer.sailpoint.com/docs/api/v3/create-personal-access-token) programmatically with the API. The request body for the endpoint allows the caller to specify a list of scopes to be applied to the PAT. If the `scope` property is omitted from the request body, then `sp:scopes:all` is granted to the credentials. The following example shows how to generate a PAT with the `idn:access-request:manage` and `idn:nelm:manage` scopes.
POST `https://{tenant}.api.identitynow.com/v3/personal-access-tokens`
Request Body
```json
{
"name": "Access Request and NELM Management",
"scope": ["idn:access-request:manage", "idn:nelm:manage"]
}
```
This request produces the following response, indicating that the scopes were successfully applied to the PAT.
```json
{
"id": "86286c0c456e4b03a8ccb1f892dd456d",
"name": "Access Request and NELM Management",
"secret": "********",
"scope": ["idn:access-request:manage", "idn:nelm:manage"],
"created": "2023-01-04T18:58:17.486584Z",
"owner": {
"name": "jane.doe",
"id": "2c9180ab7624cbd7017642d8c8c81a73",
"type": "IDENTITY"
}
}
```
:::caution
If you attempt to add a scope that is outside the permissions of the [target user's level](#user-level-permissions), the request will still succeed and include the invalid scope in the credentials. However, any token generated with these credentials will **not** include the rights of the invalid scope. This is not an issue when you apply scopes with the UI - the UI only shows scopes available to the current user.
:::

76
docs/api/v2025/getting-started.md Normal file
View File

@@ -0,0 +1,76 @@
---
id: getting-started
title: Getting Started
pagination_label: Getting Started
sidebar_label: Getting Started
sidebar_position: 1
sidebar_class_name: gettingStarted
keywords: ['getting started']
description: Start using the ISC APIs.
slug: /api/v2025/getting-started
tags: ['Getting Started']
---
## Overview
This guide is intended to help you quickly make your first API call to SailPoint Identity Security Cloud and assumes an intermediate level of understanding of APIs. For beginners to APIs, we recommend you watch this presentation that covers the fundamentals of APIs with visual demonstrations of how to make an API call in SailPoint.
<div className="text--center">
<iframe width="560" height="315" src="https://www.youtube.com/embed/HOzkXRLx-T4?si=i9SvAS42kJaOirk1" title="YouTube video player" frameBorder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowFullScreen></iframe>
</div>
## Find Your Tenant Name
To form the proper URL for an API request, you must know your tenant name. To find your tenant name, log into Identity Security Cloud, navigate to Admin, select the Dashboard dropdown, and select Overview. The org name is displayed within the Org Details section of the dashboard. If you do not have admin access, you can still find your tenant name and the API base URL you will use for API calls. To do so, view your session details when you are logged into your Identity Security Cloud instance. Change your URL to the following: `https://{your-Identity Security Cloud-hostname}.com/ui/session`, where `{your-Identity Security Cloud-hostname}` is your company's domain name for accessing Identity Security Cloud. The session detail you want is the `baseUrl`, which has the form of `https://{tenant}.api.identitynow.com`.
## Make Your First API Call
To get started, create a [personal access token](./authentication.md#generate-a-personal-access-token), which can then be used to generate access tokens to authenticate your API calls. To generate a personal access token from Identity Security Cloud, after logging into your Identity Security Cloud instance, do the following:
1. Select **Preferences** from the drop-down menu under your username. Then select **Personal Access Tokens** on the left. You can also go straight to the page using this URL, replacing `{tenant}` with your Identity Security Cloud tenant: `https://{tenant}.identitynow.com/ui/d/user-preferences/personal-access-tokens`.
2. Select **New Token** and enter a meaningful description to differentiate the token from others.
:::caution
The **New Token** button will be disabled when you reach the limit of 10 personal access tokens per user. To avoid reaching this limit, delete any tokens that are no longer needed.
:::
3. Select **Create Token** to generate and view two components the token comprises: the `Secret` and the `Client ID`.
:::danger Important
After you create the token, the value of the `Client ID` will be visible in the Personal Access Tokens list, but the corresponding `Secret` will not be visible after you close the window. Store the `Secret` somewhere secure.
:::
4. Copy both values somewhere that will be secure and accessible to you when you need to use the the token.
5. To create an `access_token` that can be used to authenticate API requests, use the following cURL command, replacing `{tenant}` with your Identity Security Cloud tenant. The response body will contain an `access_token`, which will look like a long string of random characters.
```bash
curl --location --request POST 'https://{tenant}.api.identitynow.com/oauth/token?grant_type=client_credentials&client_id={client_id}&client_secret={secret}'
```
6. To test your `access_token`, execute the following cURL command, replacing `{tenant}` with your Identity Security Cloud tenant and `access_token` with the token you generated in the previous step. If this is successful, you should get a JSON representation of an identity in your tenant.
```bash
curl --request GET --url 'https://{tenant}.api.identitynow.com/v3/public-identities?limit=1' --header 'authorization: Bearer {access_token}'
```
For more information about SailPoint Platform authentication, see [API Authentication](./authentication.md)
## Rate Limits
There is a rate limit of 100 requests per `access_token` per 10 seconds for V3 API calls through the API gateway. If you exceed the rate limit, expect the following response from the API:
**HTTP Status Code**: 429 Too Many Requests
**Headers**:
- **Retry-After**: [seconds to wait before rate limit resets]
## API Tools
There are several API tools that make exploring and testing APIs easier than using the command line or a programming language. One tool is [Postman](https://www.postman.com/downloads/). SailPoint provides an official Postman workspace where our collections are always up to date with the latest API changes. [Click here](https://developer.sailpoint.com/discuss/t/official-identitynow-postman-workspace/6153) to get started with our Postman workspace.

629
docs/api/v2025/patch-requests.md Normal file
View File

@@ -0,0 +1,629 @@
---
id: patch-requests
title: Patch Requests
pagination_label: Patch Requests
sidebar_label: Patch Requests
sidebar_position: 8
sidebar_class_name: patchRequests
keywords: ['patch']
description: Send PATCH ISC API requests.
slug: api/v2025/patch-requests
tags: ['patch', 'guide']
---
## PATCH requests
You can use the Identity Security Cloud APIs to update existing resources. Many of the APIs offer multiple ways to do so:
- You can send a **PUT** request to replace the existing resource with a new one. For example, if you wanted to update one of John Doe's source accounts, you could use the [Put Account](https://developer.sailpoint.com/docs/api/v3/put-account) endpoint to replace John Doe's existing source account with a new one. This is a viable way to update a resource, but it requires you to update the entire resource each time.
- You can send a **PATCH** request to make a specific change to the resource. For example, if you wanted to update John Doe's account's associated `identityId` attribute, you could use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to replace his existing `identityId` with a new one, all without affecting any of the other source account details. This can be very helpful when you want to make specific updates to resources, but it requires some knowledge of the types of changes, or "operations", that are possible, the specific paths of the fields you want to update, and some understanding of the basic data types.
This guide will focus on the partial update method, PATCH requests. Read this guide to learn how to start sending PATCH requests.
## Get the resource ID
To use PATCH to update a resource, you first need to know the resource ID.
Not all resource IDs are available in the Identity Security Cloud UI, so you may need to use the API to find the ID for the resource you want to update.
For example, account IDs aren't avilable in the Identity Security Cloud UI. If you want to use the [Patch Account](https://developer.sailpoint.com/docs/api/v3/update-account) endpoint to make a change to a specific account, you first need to find out the account's ID.
You can use the [List Accounts](https://developer.sailpoint.com/docs/api/v3/list-accounts) endpoint to view all the accounts in your tenant, along with their details, such as their identities. You can find your account and its ID in this list.
## Get the resource details
Once you know the resource ID, you can use a GET request to get that resource's details. To successfully use a PATCH request to make changes to a resource, you need to know which paths you can update, what values they have, and the structure of those paths.
For example, once you know the ID for the source you want to update with a PATCH request, you can use the [Get Source by ID](https://developer.sailpoint.com/docs/api/v3/get-source) endpoint to view only that source and its details.
In this example, the API returns a source, "ubuntu", along with all its details. This JSON response shows the resource's structure and its different paths:
<details>
<summary>Example Source Details</summary>
```json
{
"description": "ubuntu",
"owner": {
"type": "IDENTITY",
"id": "2c91808475b4334b0175e1e005006401",
"name": "SailPoint Services"
},
"cluster": null,
"accountCorrelationConfig": null,
"accountCorrelationRule": null,
"managerCorrelationMapping": null,
"managerCorrelationRule": null,
"beforeProvisioningRule": null,
"schemas": [
{
"type": "CONNECTOR_SCHEMA",
"id": "2c91808c771b686101772a91dbd877ab",
"name": "account"
},
{
"type": "CONNECTOR_SCHEMA",
"id": "2c91808c771b686101772a91dbd877ac",
"name": "group"
}
],
"passwordPolicies": null,
"features": ["NO_RANDOM_ACCESS", "DISCOVER_SCHEMA", "DIRECT_PERMISSIONS"],
"type": "DelimitedFile",
"connector": "delimited-file-angularsc",
"connectorClass": "sailpoint.connector.DelimitedFileConnector",
"connectorAttributes": {
"mergeColumns": ["groups"],
"group.mergeRows": true,
"group.delimiter": ",",
"mergeRows": true,
"group.filetransport": "local",
"partitionMode": "disabled",
"connectionType": "file",
"group.host": "local",
"group.indexColumn": "id",
"file": "/tmp/source-account-2c91808c771b686101772a91dbd877aa3299228430527475607.csv",
"delimiter": ",",
"deltaAggregation": null,
"host": "local",
"cloudExternalId": "23012",
"group.indexColumns": ["id"],
"cloudIdentityProfileName": null,
"group.mergeColumns": ["entitlements", "groups", "permissions"],
"hasHeader": true,
"filterEmptyRecords": true,
"oauth_body_attrs_to_exclude": "client_secret,client_id",
"filetransport": "local",
"idnPreviousCorrelationConfig": null,
"deleteThresholdPercentage": 10,
"group.filterEmptyRecords": true,
"group.hasHeader": true,
"group.partitionMode": "disabled",
"cloudAuthoritativeSourcePrecedence": null,
"formPath": null,
"group.columnNames": [
"id",
"name",
"displayName",
"created",
"description",
"modified",
"entitlements",
"groups",
"permissions"
],
"templateApplication": "DelimitedFile Template",
"group.file": "/var/lib/identityiq_workspace/27c92c24-8681-4574-9453-5c56370b3fc9-groups.csv",
"indexColumn": "id",
"healthy": false,
"cloudDisplayName": "Ubuntu",
"connectorName": "Delimited File",
"beforeProvisioningRule": null,
"cloudOriginalApplicationType": "Delimited File",
"since": "2021-01-22T14:48:58.072Z",
"status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT"
},
"deleteThreshold": 10,
"authoritative": false,
"healthy": false,
"status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT",
"since": "2021-01-22T14:48:58.072Z",
"connectorId": "delimited-file",
"connectorName": "Delimited File",
"connectionType": "file",
"connectorImplementationId": "delimited-file",
"managementWorkgroup": null,
"id": "2c91808c771b686101772a91dbd877aa",
"name": "Ubuntu",
"created": "2021-01-22T14:48:58.072Z",
"modified": "2023-06-30T13:39:07.456Z"
}
```
</details>
## PATCH request structure
A PATCH request involves sending a JSON PATCH document that represents an array of objects. Each object represents a single operation to be applied to the target resource.
PATCH requests all share the same essential structure. A PATCH request must include an object that specifies exactly one operation to apply to update the resource, as well as exactly one path that represents the target location where the operation is applied.
This example request has the basic PATCH structure:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "replace",
"path": "/description",
"value": "new description"
}
]
```
This example request uses a "replace" operation to replace the source's existing description with a new value, "new description". This example shows the parts involved in sending a PATCH request. You must specify an operation to apply to the target resource, a path to apply the operation to, and the change you want to make, often in the form of a value or a "from" location for "copy" and "move" operations.
You can find this example in the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification. The API specifications have examples on the right side of the page that you can copy and use to get started. You can tab between the different examples to see a variety of pre-built requests you can use.
A PATCH request can be more complex as well - the values can be simple or vast and detailed. You can use a PATCH request to apply multiple operations, with a path for each, or you can apply the same type of operation to multiple paths. The PATCH request will always have the same essential structure though.
:::note
The ordering of members in JSON objects doesn't affect the response. These examples all specify the operation first, but you would get the same response if you specified the members in any other order.
:::
You can specify a single operation, or you can specify multiple. If you are using multiple operations in one PATCH request, each operation must include its own path.
This example request applies "replace" and "add" ops to different paths:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "replace",
"path": "/description",
"value": "new description"
},
{
"op": "add",
"path": "/connectorAttributes/filterString",
"value": "!( id.contains( \"m\" ) ) || !( id.contains( \"d\" ) )"
}
]
```
This example request uses a "replace" to update the source's description and an "add" to add a filter string to the source's connector.
## Specify an operation
Once you know the ID of the resource you want to update and you have the resource's details, you can start writing your PATCH request.
The first step is to specify an operation to apply to the target resource.
Operation objects must have exactly one "op" member, whose value indicates the operation to perform.
These are the available PATCH operations:
- [Add](#add)
- [Remove](#remove)
- [Replace](#replace)
- [Move](#move)
- [Copy](#copy)
- [Test](#test)
### Add
The "add" operation adds a value to the target location. For more information about the "add" operation and how it behaves in different scenarios, refer to the [JSON PATCH documentation](https://datatracker.ietf.org/doc/html/rfc6902).
This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to add a new "office" attribute to the end of a source schema's array of attributes:
```json
[
{
"op": "add",
"path": "/attributes/-",
"value": {
"name": "office",
"type": "STRING",
"schema": null,
"description": "Office Location",
"isMulti": false,
"isEntitlement": false,
"isGroup": false
}
}
]
```
If you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
### Remove
The "remove" operation removes a value from the target location. The target location must exist for the operation to be successful.
This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to remove an existing filter string from a source's connector:
```json
[
{
"op": "remove",
"path": "/connectorAttributes/filterString"
}
]
```
In this example, the PATCH request is removing a connector's string filter. If there is no string filter to remove, the request will fail and you will receive an error.
Because there is only one value for the path, the request removes that value.
If there is an array of values, you must specify the position within the array to remove that value.
This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to remove the first feature from a source's list of features.
The source has three features, "ENABLE", "PROVISIONING", AND "UNLOCK".
This request will remove the the first value from the list, "ENABLE".
```json
[
{
"op": "remove",
"path": "/features/0"
}
]
```
### Replace
The "replace" operation replaces the value at the target location with a new value. The operation object must contain a "value" member whose content specifies the replacement value, and the target location must exist for the operation to be successful. This operation is the equivalent of a "remove" followed by an "add".
This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace a source's existing features with new ones:
```json
[
{
"op": "replace",
"path": "/features",
"value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
}
]
```
You can also replace a value within an array. This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to replace the first value in the array with the specified value:
```json
[
{
"op": "replace",
"path": "/features/0",
"value": "CURRENT_PASSWORD"
}
]
```
This request removes the first feature ("PASSWORD") in the list and adds the "CURRENT_PASSWORD" value in its place.
### Move
The "move" operation removes the operation from a specified location and adds it to the target location. This operation object must contain a "from" member whose content specifies the location to remove the value from, and the "from" location must exist for the operation to be successful.
This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute from the beginning to the end of the schema's array of attributes:
```json
[
{
"op": "move",
"from": "/attributes/0",
"path": "/attributes/-"
}
]
```
### Copy
The "copy" operation copies the value from a specified location to the target location. The operation object must contain a "from" member whose content specifies the location to copy the value from, and the "from" location must exist for the operation to be successful.
This example uses the [Patch Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to copies an attribute from the beginning and duplicates it at the end of the schema's array of attributes:
```json
[
{
"op": "copy",
"from": "/attributes/0",
"path": "/attributes/-"
}
]
```
### Test
The "test" operation is unique in that it does not apply changes to the resource. The "test" operation tests that a value at the target location is equal to a specified value. The operation object must contain a "value" member whose content specifies the value to be compared to the target location's value, and the values must be equal for the operation to be successful. For more information about what "equal" means for different JSON types, refer [here](https://datatracker.ietf.org/doc/html/rfc6902#section-4.6).
The "test" operation allows you to check that a resource has the values you expect it to have, and then you can make changes to those values from there with another PATCH request.
This example uses the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) endpoint to test a source's existing features to make sure they match the specified values.:
```json
[
{
"op": "test",
"path": "/features",
"value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
}
]
```
## Specify a path
Once you have specified the operation you want to apply to the target resource, you must specify the path, the JSON Pointer for the target location that you want to apply the operation to.
To send a PATCH request, you must know the path where you want to make the change. This is why it's important to get the resource's details so that you can see all the resource's available paths where you can make changes.
For example, this snippet from the beginning of the earlier source details example lists many of the source's top-level paths:
<details>
<summary>Example Source Paths</summary>
```json
{
"description": "ubuntu",
"owner": {
"type": "IDENTITY",
"id": "2c91808475b4334b0175e1e005006401",
"name": "SailPoint Services"
},
"cluster": null,
"accountCorrelationConfig": null,
"accountCorrelationRule": null,
"managerCorrelationMapping": null,
"managerCorrelationRule": null,
"beforeProvisioningRule": null,
"schemas": [
{
"type": "CONNECTOR_SCHEMA",
"id": "2c91808c771b686101772a91dbd877ab",
"name": "account"
},
{
"type": "CONNECTOR_SCHEMA",
"id": "2c91808c771b686101772a91dbd877ac",
"name": "group"
}
],
"passwordPolicies": null,
"features": [
"NO_RANDOM_ACCESS",
"DISCOVER_SCHEMA",
"DIRECT_PERMISSIONS"
],
```
</details>
You can send PATCH requests to make changes to some of these paths, like editing the source's description with this PATCH request from earlier:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "replace",
"path": "/description",
"value": "new description"
}
]
```
However, you cannot make changes to all paths. Use the API specifications for the PATCH endpoint you want to use to find out which paths you can make changes to. The API specifications will list the paths, or fields, that are immutable, if there are any. For example, the [Patch Source](https://developer.sailpoint.com/docs/api/v3/update-source) specification lists paths like `id` and `type` as being immutable. Trying to use modify these paths results in a 400 error.
The paths are often nested within other paths, like within the "connectorAttributes" path from the earlier example source's details:
<details>
<summary>Example Source Connector Attributes</summary>
```json
"connectorAttributes": {
"mergeColumns": [
"groups"
],
"filterString": "!( id.contains( \"m\" ) ) || !( id.contains( \"d\" ) )",
"group.mergeRows": true,
"group.delimiter": ",",
"mergeRows": true,
"group.filetransport": "local",
"partitionMode": "disabled",
"connectionType": "file",
"group.host": "local",
"group.indexColumn": "id",
"file": "/tmp/source-account-2c91808c771b686101772a91dbd877aa3299228430527475607.csv",
"delimiter": ",",
"deltaAggregation": null,
"host": "local",
"cloudExternalId": "23012",
"group.indexColumns": [
"id"
],
"cloudIdentityProfileName": null,
"group.mergeColumns": [
"entitlements",
"groups",
"permissions"
],
"hasHeader": true,
"filterEmptyRecords": true,
"oauth_body_attrs_to_exclude": "client_secret,client_id",
"filetransport": "local",
"idnPreviousCorrelationConfig": null,
"deleteThresholdPercentage": 10,
"group.filterEmptyRecords": true,
"group.hasHeader": true,
"group.partitionMode": "disabled",
"cloudAuthoritativeSourcePrecedence": null,
"formPath": null,
"group.columnNames": [
"id",
"name",
"displayName",
"created",
"description",
"modified",
"entitlements",
"groups",
"permissions"
],
"templateApplication": "DelimitedFile Template",
"group.file": "/var/lib/identityiq_workspace/27c92c24-8681-4574-9453-5c56370b3fc9-groups.csv",
"indexColumn": "id",
"healthy": false,
"cloudDisplayName": "Ubuntu",
"connectorName": "Delimited File",
"beforeProvisioningRule": null,
"cloudOriginalApplicationType": "Delimited File",
"since": "2021-01-22T14:48:58.072Z",
"status": "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT"
},
```
</details>
You can send a PATCH request to make changes to paths within the "connectorAttributes" path itself. This example request removes the "filterString" path and its value.
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "remove",
"path": "/connectorAttributes/filterString",
"value": "!( id.contains( \"m\" ) ) || !( id.contains( \"d\" ) )"
}
]
```
This request specifies the top-level path, "connectorAttributes", following it with the path where the value is going to be removed from, "filterString".
The request will only remove a filter string matching the one specified, so any other filter strings or connector attributes will be unaffected.
If there is no value matching the filter string specified by the PATCH request, the request will fail and you will receive an error.
## Specify a value
For many of the operations, once you have specified the operation you want to apply and the path you want to apply it to, you need to specify the value you want to send with the request. The value you specify must fit the path's data type.
The operations that don't require a value are the "copy" and "move" operations. Those operations instead use a "from" to represent the location they are copying or moving the data from. Refer to the [Specify a From](#specify-a-from) section for more information about how to use "from" with your "copy" and "move" operations.
You can specify a single simple value for an operation. In this example from earlier, the PATCH request replaces the source's description:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "replace",
"path": "/description",
"value": "new description"
}
]
```
You can also specify multiple values for an operation to be applied to, as long as they all affect the same path. For example, this PATCH request replaces the source's current features with a number of new ones:
```text
PATCH https://{tenant}.api.identitynow.com/v3/sources/:id
```
```json
[
{
"op": "replace",
"path": "/features",
"value": ["PASSWORD", "PROVISIONING", "ENABLE", "AUTHENTICATE"]
}
]
```
A value can also be an object that contains other values within it. For example, this PATCH request adds a new "location" attribute to the end of the source schema's array of attributes:
```text
PATCH https://{tenant}.api.identitynow.com//v3/sources/:sourceId/schemas/:schemaId
```
```json
[
{
"op": "add",
"path": "/attributes/-",
"value": {
"name": "location",
"type": "STRING",
"schema": null,
"description": "Employee location",
"isMulti": false,
"isEntitlement": false,
"isGroup": false
}
}
]
```
This request uses the [PATCH Source Schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to add a new attribute, along with its details, to the end of the array of a source's schema's attributes.
This example uses the "-" after the path to indicate that the value will be added to the end of the array. When you are adding a new value to an array of values, you can specify the position within the array where you want to add the new value. In this example, using the "-" expression at the end of the path specifies that the new attribute will be added to the end of the array of attributes.
You can use "0" to add a value to the beginning of the array. You can use "1" to add a value to the second positon, and so on. Using "-" adds the value to the end of the array.
## Specify a from
The "move" and "copy" operations allow you to remove or copy information from one path and add it to another path without your needing to specify the value, which could be an extensive array of information. To use the "move" and "copy" operations, you must specify a "from", a JSON Pointer representing the location you are moving or copying the value from.
This example request uses the [PATCH Source schema](https://developer.sailpoint.com/docs/api/v3/update-source-schema) endpoint to move an attribute, along with its details, from the beginning to the end of a source schema's array of attributes:
```text
PATCH https://{tenant}.api.identitynow.com//v3/sources/:sourceId/schemas/:schemaId
```
```json
[
{
"op": "move",
"from": "/attributes/0",
"path": "/attributes/-"
}
]
```
Instead of having to specify the value yourself, which could be an extensive array of information, you can use the "move" operation to move everything from one path to another.
## Apply the PATCH request header
With an operation, a path, and a change to make, a PATCH request is almost ready.
To send the request as a PATCH, you must apply this special PATCH content type header: `Content-Type: application/json-patch+json`
## Send your PATCH request
Once you have specified the operation you want to apply, the path you want to change, the change you want to make, and you have applied the PATCH content type header, you can send your PATCH request.
When the request is successful, the API will return the updated resource.
## Get started
Now you can use PATCH requests partially update resources. For more information about PATCH requests, refer to this [documentation](https://datatracker.ietf.org/doc/html/rfc6902). For more information about the Identity Security Cloud PATCH endpoints and which paths can be changed for each one, refer to their API specifications.
Use this guide to get started, and if you have questions, don't hesitate to reach out on the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss!

65
docs/api/v2025/postman-collections.md Normal file
View File

@@ -0,0 +1,65 @@
---
id: postman-collections
title: Postman Collections
pagination_label: Postman Collections
sidebar_label: Postman Collections
sidebar_position: 7
sidebar_class_name: postmanCollections
keywords: ['postman']
description: Run ISC APIs in Postman.
slug: api/v2025/postman-collections
tags: ['postman']
---
import CMSLinkComponent from '@site/src/components/PostmanLink';
[Postman](https://www.postman.com/) is a platform you can use to design, build, test, and iterate your APIs. Postman users and teams can create public workspaces they can use to make it easy to access their API collections and environments and get started. SailPoint maintains a [public workspace for the Identity Security Cloud API collections](https://www.postman.com/sailpoint/workspace/identitynow). You can use this workspace to access all the ISC API collections and stay up to date.
## Run in Postman
Each ISC API version is broken out into a separate collection within the workspace. The following table lists the available ISC API collections. To import a collection into your workspace, select the 'Run in Postman' button for your desired version. Doing so forks the collection into your workspace.
| API | Postman Collection |
| --- | --- |
| V2025 API | <CMSLinkComponent source="v2025CollectionUrl"></CMSLinkComponent> |
| V2024 API | <CMSLinkComponent source="v2024CollectionUrl"></CMSLinkComponent> |
| V3 API | <CMSLinkComponent source="v3CollectionUrl"></CMSLinkComponent> |
| Beta API | <CMSLinkComponent source="betaCollectionUrl"></CMSLinkComponent> |
| NERM API | <CMSLinkComponent source="nermCollectionUrl"></CMSLinkComponent> |
| SaaS Connectivity | [![Run in Postman](../img/button.svg)](https://god.gw.postman.com/run-collection/23226990-a0b5c429-d8dd-4fe2-a4a2-eb7ff85322ef?action=collection%2Ffork&collection-url=entityId%3D23226990-a0b5c429-d8dd-4fe2-a4a2-eb7ff85322ef%26entityType%3Dcollection%26workspaceId%3D80af54be-a333-4712-af5e-41aa9eccbdd0) |
You can also fork a collection by selecting the ellipses to the right of the collection and selecting 'Create a fork.'
## Update your collections
SailPoint is often making improvements to the ISC API collections. To get the latest updates to the Postman collection, go to the [SailPoint workspace](https://www.postman.com/sailpoint/workspace/identitynow) or click the 'Run in Postman' button for your desired API version. This will create a new fork in your Postman workspace while leaving your previous forks unaffected.
## Configure your environment
The SailPoint workspace provides an environment, a set of variables you can use in your requests, that you can fork and pull changes from to stay up to date the same way you can with collections. To import the environment into your workspace, select 'Run in Postman'.
| Environment | [![Run in Postman](../img/button.svg)](https://www.postman.com/sailpoint/workspace/identitynow/environment/23226990-ed571d4f-37a3-4a2c-9105-5d8d8cce1d20/fork) |
| --- | --- |
To send API requests in Postman, you must authenticate to the APIs. To authenticate to the APIs, you must specify these variables in your Postman environment:
| Environment Variable | Required | Description |
| --- | --- | --- |
| tenant | Yes | Your ISC tenant, typically your company's name |
| clientId | Yes | The client ID for the API client or personal access token |
| clientSecret | Yes | The client secret for the API client or personal access token |
| domain | No | This optional field is only necessary for those who have a domain in their API URL that isn't "identitynow". |
:::caution
Don't specify your baseUrl in your environment variables. When you fork an API collection, the baseUrl is automatically set as `https://{{tenant}}.api.{{domain}}.com`. Setting your baseURl in your environment variables may interfere with this process.
:::
Once you have configured your environment, you can start using Postman with all the endpoints provided in the collections.
:::tip
Anything you want to change about the Postman collection? We love feedback! Discuss the Postman collection [here](https://developer.sailpoint.com/discuss/t/official-identitynow-postman-workspace/6153).
:::

22
docs/api/v2025/rate-limit.md Normal file
View File

@@ -0,0 +1,22 @@
---
id: rate-limit
title: Rate Limiting
pagination_label: Rate Limiting
sidebar_label: Rate Limiting
sidebar_position: 6
sidebar_class_name: rateLimit
keywords: ['rate limit']
description: ISC API rate limits.
slug: api/v2025/rate-limit
tags: ['Rate Limit']
---
## Rate Limits
There is a rate limit of 100 requests per `access_token` per 10 seconds for V3 API calls through the API gateway. If you exceed the rate limit, expect the following response from the API:
**HTTP Status Code**: 429 Too Many Requests
**Headers**:
- **Retry-After**: [seconds to wait before rate limit resets]

194
docs/api/v2025/standard-collection-parameters.md Normal file
View File

@@ -0,0 +1,194 @@
---
id: standard-collection-parameters
title: Standard Collection Parameters
pagination_label: Standard Collection Parameters
sidebar_label: Standard Collection Parameters
sidebar_position: 5
sidebar_class_name: standardCollectionParameters
keywords: ['standard collection parameters','filter','pagination','paginate','sort']
description: ISC API pagination, filtering, and sorting.
tags: ['Standard Collection Parameters','Filter','Sort','Pagination']
slug: api/v2025/standard-collection-parameters
---
Many endpoints in the Identity Security Cloud API support a generic syntax for paginating, filtering and sorting the results. A collection endpoint has the following characteristics:
- The HTTP verb is always GET.
- The last component in the URL is a plural noun (ex. `/v3/public-identities`).
- The return value from a successful request is always an array of JSON objects. This array may be empty if there are no results.
## Paginating Results
Use the following optional query parameters to achieve pagination:
| Name | Description | Default | Constraints |
| --- | --- | --- | --- |
| `limit` | Integer specifying the maximum number of records to return in a single API call. If it is not specified, a default limit is used. | `250` for list endpoints, `10000` for search endpoint | Maxiumum of 250 records per page for list endpoints, 10000 records per page for the [Search endpoint](https://developer.sailpoint.com/docs/api/v3/search) |
| `offset` | Integer specifying the offset of the first result from the beginning of the collection. The **offset** value is record-based, not page-based, and the index starts at 0. For example, **offset=0** and **limit=20** returns records 0-19, but **offset=1** and **limit=20** returns records 1-20. | `0` | Between 0 and the last record index. |
| `count` | Boolean indicating whether a total count is returned, factoring in any filter parameters, in the **X-Total-Count** response header. The value is the total size of the collection that would be returned if **limit** and **offset** were ignored. For example, if the total number of records is 1000, then count=true would return 1000 in the **X-Total-Count** header. Because requesting a total count can have performance impact, do not send **count=true** if that value is not being used. | `false` | Must be `true` or `false` |
Examples:
- GET `/v3/public-identities?limit=2`
- GET `/v3/public-identities?limit=20&offset=4`
- GET `/v3/public-identities?count=true`
## Paginating Search Queries
The [search API](https://developer.sailpoint.com/docs/api/v3/search) in Identity Security Cloud leverages [Elasticsearch](https://www.elastic.co/guide/en/elasticsearch/reference/current/elasticsearch-intro.html) functionality, which returns a maximum of 10,000 records by default. However, you can page more than 10,000 records by using the "searchAfter" property.
The `searchAfter` capability provides the ability to page on sorted field values, instead of offset paging. For example, if you sort by ID and page 100 records at a time, you can take the 1st page of 100 records, pass the last ID from that record set into your next search, and the next search will return the next 100 records after that ID. You continue that pattern of using the last value passed into `searchAfter` until the end of the result set. This allows you to page past the 10,000 record limit until you reach the final record.
**Required Properties for Paginating Search Results**
| **Property** | Description |
| --- | --- |
| **query** | The Query JSON object. Refer to the following Query JSON Object table for details. |
| **sort** | The array list of the fields to sort by. This is required if you are using the `searchAfter` approach. You can use `-fieldName` for descending searches (optional). |
| **searchAfter** | You can use this instead of offset to get past the 10,000 paging result record limit, passing the last value(s) of your sort fields from the previous result set into the next result set until you get the total number of results or the end of results (optional). |
### Example of Paginating Search Results
Here is an example of a search API call with `searchAfter` paging. The first query will get the first set of results. The default limit for search is 10,000, which is different from other collection endpoints. For this example, the query is set to page 100 records at a time. Paginating search queries also requires the `sort` property to be set to `id`.
**POST** `https://{tenant}.api.identitynow.com/v3/search?limit=100&count=true`
```json
{
"indices": ["identities"],
"query": {
"query": "*"
},
"sort": ["id"]
}
```
This query will return 100 records. To get the next 100 records, find the last record's `id` and use it in the next query's `searchAfter` property.
**POST** `https://{tenant}.api.identitynow.com/v3/search?limit=100&count=true`
```json
{
"indices": ["identities"],
"query": {
"query": "*"
},
"sort": ["id"],
"searchAfter": ["2c9180835d38ca0c015d606b50851b1e"]
}
```
This will get the next 100 records in the search query. Repeat this process until no more records return.
## Filtering Results
Any collection with a `filters` parameter supports filtering. This means that an item is only included in the returned array if the filters expression evaluates to true for that item. Check the available request parameters for the collection endpoint you are using to see if it supports filtering.
### Data Types
Filter expressions are applicable to fields of the following types:
- Numeric
- Boolean: either **true** or **false**
- Strings. Enumerated values are a special case of this.
- Date-time. In V3, all date time values are in ISO-8601 format, as specified in [RFC 3339 - Date and Time on the Internet: Timestamps](https://tools.ietf.org/html/rfc3339).
### Filter Syntax
The V3 filter syntax is similar to, but not exactly the same as, that specified by the SCIM standard. These are some key differences:
- A slightly different set of supported operators
- Case-sensitivity of operators. All V3 filter operators are in lowercase; specifying "EQ" instead of "eq" is not allowed.
### Primitive Operators
These filter operators apply directly to fields and their values:
| Operator | Description | Example |
| --- | --- | --- |
| `ca` | True if the collection-valued field contains all the listed values. | groups ca ("Venezia","Firenze") |
| `co` | True if the value of the field contains the specified value as a substring.(Applicable to string-valued fields only.) | name co "Rajesh" |
| `eq` | True if the value of the field indicated by the first operand is equal to the value specified by the second operand. | identitySummary.id eq "2c9180846e85e4b8016eafeba20c1314" |
| `ge` | True if the value of the field indicated by the first operand is greater or equal to the value specified by the second operand. | daysUntilEscalation ge 7<br></br><br></br>name ge "Genaro" |
| `gt` | True if the value of the field indicated by the first operand is greater than the value specified by the second operand. | daysUntilEscalation gt 7<br></br><br></br>name gt "Genaro"<br></br><br></br>created gt 2018-12-18T23:05:55Z |
| `in` | True if the field value is in the list of values. | accountActivityItemId in ("2c9180846b0a0583016b299f210c1314","2c9180846b0a0581016b299e82560c1314") |
| `le` | True if the value of the field indicated by the first operand is less or equal to the value specified by the second operand. | daysUntilEscalation le 7<br></br><br></br>name le "Genaro" |
| `lt` | True if the value of the field indicated by the first operand is less than the value specified by the second operand. | daysUntilEscalation lt 7<br></br><br></br>name lt "Genaro"<br></br><br></br>created lt 2018-12-18T23:05:55Z |
| `ne` | True if the value of the field indicated by the first operand is not equal to the value specified by the second operand. | type ne "ROLE" |
| `pr` | True if the field is present, that is, not null. | pr accountRequestInfo |
| `isnull` | True if the field is null. | lastUsed isnull |
| `sw` | True if the value of the field starts with the specified value.(Applicable to string-valued fields only.) | name sw "Rajesh" |
### Composite Operators
These operators are applied to other filter expressions:
| Operator | Description | Example |
| --- | --- | --- |
| `and` | True if both the filter-valued operands are true. | startDate gt 2018 and name sw "Genaro" |
| `not` | True if the filter-valued operand is false. | not groups ca ("Venezia","Firenze") |
| `or` | True if either of the filter-valued operands are true. | startDate gt 2018 or name sw "Genaro" |
### Escaping Special Characters in a Filter
Certain characters must be escaped before they can be used in a filter expression. For example, the following filter expression attempting to find all sources with the name `#Employees` will produce a 400 error:
`/v3/sources?filters=name eq "#Employees"`
To properly escape this filter, do the following:
`/v3/sources?filters=name eq "%23Employees"`
If you are searching for a string containing double quotes, use the following escape sequence:
`/v3/sources/?filters=name eq "\"Employees\""`
The following table lists the special characters that are incompatible with `filters` and how to escape them.
| Character | Escape Sequence |
| --------- | --------------- |
| # | %23 |
| % | %25 |
| & | %26 |
| \\ | \\\\ |
| " | \\" |
### Known Limitations
Although filter expressions are a very general mechanism, individual API endpoints will only support filtering on a specific set of fields that are relevant to that endpoint, and will frequently only support a subset of operations for each field. For example, an endpoint might allow filtering on the name field but not support use of the co operator on that field. Consult the documentation for each API endpoint to determine what fields and operators can be used. Attempts to use an unsupported filter expression will result in a 400 Bad Request response.
Examples:
- `/v3/public-identities?filters=email eq "john.doe@example.com"`
- `/v3/public-identities?filters=firstname sw "john" or email sw "joe"`
- `not prop1 eq val1 or prop2 eq val2 and prop3 eq val3` is equivalent to `(not (prop1 eq val1)) or ((prop2 eq val2) and (prop3 eq val3))`
- `not (prop1 eq val1 or prop2 eq val2) and prop3 eq val3` is equivalent to `(not ((prop1 eq val1) or (prop2 eq val2))) and (prop3 eq val3)`
:::info
- Spaces in URLs must be escaped with `%20`. Most programming languages, frameworks, libraries, and tools will do this for you, but some won't. In the event that your tool doesn't escape spaces, you will need to format your query as `/v3/public-identities?filters=email%20eq%20"john.doe@example.com"`
- Double quotes may need to be escaped with `%22`. Most programming languages, frameworks, libraries, and tools will do this for you, but some won't. In the event that your tool doesn't escape quotes, you will need to format your query as `/v3/public-identities?filters=email%20eq%20%22john.doe@example.com%22`
- You must escape spaces in URLs with `%20`. Most programming languages, frameworks, libraries, and tools do this for you, but some do not. In the event that your tool does not escape spaces, you must format your query as `/v3/public-identities?filters=email%20eq%20"john.doe@example.com"`
- Unless explicitly noted otherwise, strings are compared lexicographically. Most comparisons are not case sensitive. Any situations where the comparisons are case sensitive will be called out.
- Date-times are compared temporally; an earlier date-time is less than a later date-time.
- The usual precedence and associativity of the composite operators applies, with **not** having higher priority than **and**, which in turn has higher priority than **or**. You can use parentheses to override this precedence.
:::
## Sorting Results
Result sorting is supported with the standard `sorters` parameter. Its syntax is a set of comma-separated field names. You may optionally prefix each field name with a "-" character, indicating that the sort is descending based on the value of that field. Otherwise, the sort is ascending.
For example, to sort primarily by **type** in ascending order, and secondarily by **modified date** in descending order, use `sorters=type,-modified`
## Putting it all Together
Pagination, filters, and sorters can be mixed and match to achieve the desired output for a given collection endpoint. Here are some examples:
- `/v3/public-identities?limit=20&filters=firstname eq "john"&sorters=-name` returns the first 20 identities that have a first name of John and are sorted in descending order by full name.
- `/v3/account-activities?limit=10&offset=2&sorters=-created` sorts the results by descending created time, so the most recent activities appear first. The limit and offset returns the 3rd page of this sorted response with 10 records displayed.

1
docs/api/v3/postman-collections.md
View File

@@ -21,6 +21,7 @@ Each ISC API version is broken out into a separate collection within the workspa
| API | Postman Collection |
| --- | --- |
| V2025 API | <CMSLinkComponent source="v2025CollectionUrl"></CMSLinkComponent> |
| V2024 API | <CMSLinkComponent source="v2024CollectionUrl"></CMSLinkComponent> |
| V3 API | <CMSLinkComponent source="v3CollectionUrl"></CMSLinkComponent> |
| Beta API | <CMSLinkComponent source="betaCollectionUrl"></CMSLinkComponent> |

22
docs/tools/sdk/powershell/Reference/V2025/Index.md Normal file
View File

@@ -0,0 +1,22 @@
---
id: v2025
title: V2025
pagination_label: V2025
sidebar_label: V2025
sidebar_position: 2
sidebar_class_name: v2025
keywords: ['v2025', 'PowerShell']
description: PowerShell SDK reference V2025.
slug: /tools/powershell/reference/v2025
tags: ['v2025']
---
Welcome to the PowerShell SDK documentation for the Identity Security Cloud (ISC) V2025 API. This reference guide provides an overview of both methods and models, which will help you understand how to interact with the API effectively.
```mdx-code-block
import DocCardList from '@theme/DocCardList';
import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
<DocCardList items={useCurrentSidebarCategory().items}/>
```

29
docs/tools/sdk/powershell/Reference/V2025/Methods/Index.md Normal file
View File

@@ -0,0 +1,29 @@
---
id: methods
title: Methods
pagination_label: Methods
sidebar_label: Methods
sidebar_position: 3
sidebar_class_name: methods
keywords: ['powershell', 'PowerShell', 'sdk', 'methods']
slug: /tools/sdk/powershell/v2025/methods
tags: ['SDK', 'Software Development Kit', 'v2025', 'methods']
---
Method documents provide detailed information about each API operation (or method). They describe what the method does and details its input parameters, expected return values, and any considerations to be aware of when using it.
## Key Features
- Purpose & Overview: Explains the purpose of the method and its role in the API.
- Parameters: Describe the required input parameters, including their data types.
- Response Format: Details the expected return format or structure.
- Error Scenarios: Outline potential errors or issues that may arise during method execution.
- Example: Provides a sample of how the API uses the method.
## Available Methods
This is a list of the core methods available in the PowerShell SDK for **V2025** endpoints:
```mdx-code-block
import DocCardList from '@theme/DocCardList';
import {useCurrentSidebarCategory} from '@docusaurus/theme-common';
<DocCardList items={useCurrentSidebarCategory().items}/>
```

236
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessModelMetadataApi.md Normal file
View File

@@ -0,0 +1,236 @@
---
id: v2025-access-model-metadata
title: AccessModelMetadata
pagination_label: AccessModelMetadata
sidebar_label: AccessModelMetadata
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessModelMetadata', 'V2025AccessModelMetadata']
slug: /tools/sdk/powershell/v2025/methods/access-model-metadata
tags: ['SDK', 'Software Development Kit', 'AccessModelMetadata', 'V2025AccessModelMetadata']
---
# AccessModelMetadata
Use this API to create and manage metadata attributes for your Access Model.
Access Model Metadata allows you to add contextual information to your ISC Access Model items using pre-defined metadata for risk, regulations, privacy levels, etc., or by creating your own metadata attributes to reflect the unique needs of your organization. This release of the API includes support for entitlement metadata. Support for role and access profile metadata will be introduced in a subsequent release.
Common usages for Access Model metadata include:
- Organizing and categorizing access items to make it easier for your users to search for and find the access rights they want to request, certify, or manage.
- Providing richer information about access that is being acted on to allow stakeholders to make better decisions when approving, certifying, or managing access rights.
- Identifying access that may requires additional approval requirements or be subject to more frequent review.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025AccessModelMetadataAttribute**](#get-access-model-metadata-attribute) | **GET** `/access-model-metadata/attributes/{key}` | Get Access Model Metadata Attribute
[**Get-V2025AccessModelMetadataAttributeValue**](#get-access-model-metadata-attribute-value) | **GET** `/access-model-metadata/attributes/{key}/values/{value}` | Get Access Model Metadata Value
[**Get-V2025AccessModelMetadataAttribute**](#list-access-model-metadata-attribute) | **GET** `/access-model-metadata/attributes` | List Access Model Metadata Attributes
[**Get-V2025AccessModelMetadataAttributeValue**](#list-access-model-metadata-attribute-value) | **GET** `/access-model-metadata/attributes/{key}/values` | List Access Model Metadata Values
## get-access-model-metadata-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get single Access Model Metadata Attribute
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-model-metadata-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Key | **String** | True | Technical name of the Attribute.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AttributeDTO**](../models/attribute-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK | AttributeDTO
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Key = "iscPrivacy" # String | Technical name of the Attribute.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Access Model Metadata Attribute
try {
Get-V2025AccessModelMetadataAttribute -Key $Key -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessModelMetadataAttribute -Key $Key -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessModelMetadataAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-model-metadata-attribute-value
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get single Access Model Metadata Attribute Value
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-model-metadata-attribute-value)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Key | **String** | True | Technical name of the Attribute.
Path | Value | **String** | True | Technical name of the Attribute value.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AttributeValueDTO**](../models/attribute-value-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK | AttributeValueDTO
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Key = "iscPrivacy" # String | Technical name of the Attribute.
$Value = "public" # String | Technical name of the Attribute value.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Access Model Metadata Value
try {
Get-V2025AccessModelMetadataAttributeValue -Key $Key -Value $Value -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessModelMetadataAttributeValue -Key $Key -Value $Value -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessModelMetadataAttributeValue"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-model-metadata-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get a list of Access Model Metadata Attributes
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-model-metadata-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq* **type**: *eq* **status**: *eq* **objectTypes**: *eq* Supported composite operators: *and*
### Return type
[**AttributeDTO[]**](../models/attribute-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK | AttributeDTO[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Filters = 'name eq "Privacy"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq* **type**: *eq* **status**: *eq* **objectTypes**: *eq* Supported composite operators: *and* (optional)
# List Access Model Metadata Attributes
try {
Get-V2025AccessModelMetadataAttribute -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessModelMetadataAttribute -XSailPointExperimental $XSailPointExperimental -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessModelMetadataAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-model-metadata-attribute-value
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get a list of Access Model Metadata Attribute Values
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-model-metadata-attribute-value)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Key | **String** | True | Technical name of the Attribute.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AttributeValueDTO[]**](../models/attribute-value-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK | AttributeValueDTO[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Key = "iscPrivacy" # String | Technical name of the Attribute.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# List Access Model Metadata Values
try {
Get-V2025AccessModelMetadataAttributeValue -Key $Key -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessModelMetadataAttributeValue -Key $Key -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessModelMetadataAttributeValue"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

600
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessProfilesApi.md Normal file
View File

@@ -0,0 +1,600 @@
---
id: v2025-access-profiles
title: AccessProfiles
pagination_label: AccessProfiles
sidebar_label: AccessProfiles
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessProfiles', 'V2025AccessProfiles']
slug: /tools/sdk/powershell/v2025/methods/access-profiles
tags: ['SDK', 'Software Development Kit', 'AccessProfiles', 'V2025AccessProfiles']
---
# AccessProfiles
Use this API to implement and customize access profile functionality.
With this functionality in place, administrators can create access profiles and configure them for use throughout Identity Security Cloud, enabling users to get the access they need quickly and securely.
Access profiles group entitlements, which represent access rights on sources.
For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, &#39;Employees,&#39; may represent the access all employees have at the organization, and a second, &#39;Developers,&#39; may represent the access all developers have at the organization.
An administrator can then create a broader set of access in the form of an access profile, &#39;AD Developers&#39; grouping the &#39;Employees&#39; entitlement with the &#39;Developers&#39; entitlement.
When users only need Active Directory employee access, they can request access to the &#39;Employees&#39; entitlement.
When users need both Active Directory employee and developer access, they can request access to the &#39;AD Developers&#39; access profile.
Identity Security Cloud uses access profiles in many features, including the following:
- Provisioning: When you use the Provisioning Service, lifecycle states and roles both grant access to users in the form of access profiles.
- Certifications: You can approve or revoke access profiles in certification campaigns, just like entitlements.
- Access Requests: You can assign access profiles to applications, and when a user requests access to the app associated with an access profile and someone approves the request, access is granted to both the application and its associated access profile.
- Roles: You can group one or more access profiles into a role to quickly assign access items based on an identity&#39;s role.
In Identity Security Cloud, administrators can use the Access drop-down menu and select Access Profiles to view, configure, and delete existing access profiles, as well as create new ones.
Administrators can enable and disable an access profile, and they can also make the following configurations:
- Manage Entitlements: Manage the profile&#39;s access by adding and removing entitlements.
- Access Requests: Configure access profiles to be requestable and establish an approval process for any requests that the access profile be granted or revoked.
Do not configure an access profile to be requestable without first establishing a secure access request approval process for the access profile.
- Multiple Account Options: Define the logic Identity Security Cloud uses to provision access to an identity with multiple accounts on the source.
Refer to [Managing Access Profiles](https://documentation.sailpoint.com/saas/help/access/access-profiles.html) for more information about access profiles.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025AccessProfile**](#create-access-profile) | **POST** `/access-profiles` | Create Access Profile
[**Remove-V2025AccessProfile**](#delete-access-profile) | **DELETE** `/access-profiles/{id}` | Delete the specified Access Profile
[**Remove-V2025AccessProfilesInBulk**](#delete-access-profiles-in-bulk) | **POST** `/access-profiles/bulk-delete` | Delete Access Profile(s)
[**Get-V2025AccessProfile**](#get-access-profile) | **GET** `/access-profiles/{id}` | Get an Access Profile
[**Get-V2025AccessProfileEntitlements**](#get-access-profile-entitlements) | **GET** `/access-profiles/{id}/entitlements` | List Access Profile&#39;s Entitlements
[**Get-V2025AccessProfiles**](#list-access-profiles) | **GET** `/access-profiles` | List Access Profiles
[**Update-V2025AccessProfile**](#patch-access-profile) | **PATCH** `/access-profiles/{id}` | Patch a specified Access Profile
[**Update-V2025AccessProfilesInBulk**](#update-access-profiles-in-bulk) | **POST** `/access-profiles/bulk-update-requestable` | Update Access Profile(s) requestable field.
## create-access-profile
Create an access profile.
A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile's Source.
The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles. However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessProfile | [**AccessProfile**](../models/access-profile) | True |
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Access profile created. | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessProfile = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"entitlements" : [ {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
}, {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
} ],
"created" : "2021-03-01T22:32:58.104Z",
"description" : "Collection of entitlements to read/write the employee database",
"source" : {
"name" : "ODS-AD-SOURCE",
"id" : "2c91809773dee3610173fdb0b6061ef4",
"type" : "SOURCE"
},
"enabled" : true,
"revocationRequestConfig" : {
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ]
},
"segments" : [ "f7b1b8a3-5fed-4fd4-ad29-82014e137e19", "29cb6c06-1da8-43ea-8be4-b3125f248f2a" ],
"accessRequestConfig" : {
"commentsRequired" : true,
"approvalSchemes" : [ {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
}, {
"approverId" : "46c79819-a69f-49a2-becb-12c971ae66c6",
"approverType" : "GOVERNANCE_GROUP"
} ],
"denialCommentsRequired" : true
},
"name" : "Employee-database-read-write",
"provisioningCriteria" : {
"children" : [ {
"children" : [ {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : [ {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
}, {
"children" : "children",
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
} ],
"attribute" : "email",
"operation" : "EQUALS",
"value" : "carlee.cert1c9f9b6fd@mailinator.com"
},
"modified" : "2021-03-02T20:22:28.104Z",
"id" : "2c91808a7190d06e01719938fcd20792",
"requestable" : true
}"@
# Create Access Profile
try {
$Result = ConvertFrom-JsonToAccessProfile -Json $AccessProfile
New-V2025AccessProfile -AccessProfile $Result
# Below is a request that includes all optional parameters
# New-V2025AccessProfile -AccessProfile $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-profile
This API deletes an existing Access Profile.
The Access Profile must not be in use, for example, Access Profile can not be deleted if they belong to an Application, Life Cycle State or a Role. If it is, a 400 error is returned.
A user with SOURCE_SUBADMIN must be able to administer the Source associated with the Access Profile.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-access-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Returned when an access profile cannot be deleted as it&#39;s being used. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Access Profile to delete
# Delete the specified Access Profile
try {
Remove-V2025AccessProfile -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025AccessProfile -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-profiles-in-bulk
This endpoint initiates a bulk deletion of one or more access profiles.
When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information.
This endpoint can only bulk delete up to a limit of 50 access profiles per request.
By default, if any of the indicated access profiles are in use, no deletions will be performed and the **inUse** field of the response indicates the usages that must be removed first. If the request field **bestEffortOnly** is **true**, however, usages are reported in the **inUse** response field but all other indicated access profiles will be deleted.
A SOURCE_SUBADMIN user can only use this endpoint to delete access profiles associated with sources they're able to administer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-access-profiles-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessProfileBulkDeleteRequest | [**AccessProfileBulkDeleteRequest**](../models/access-profile-bulk-delete-request) | True |
### Return type
[**AccessProfileBulkDeleteResponse**](../models/access-profile-bulk-delete-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returned only if **bestEffortOnly** is **false**, and one or more Access Profiles are in use. | AccessProfileBulkDeleteResponse
202 | Returned if at least one deletion will be performed. | AccessProfileBulkDeleteResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessProfileBulkDeleteRequest = @"{
"accessProfileIds" : [ "2c9180847812e0b1017817051919ecca", "2c9180887812e0b201781e129f151816" ],
"bestEffortOnly" : true
}"@
# Delete Access Profile(s)
try {
$Result = ConvertFrom-JsonToAccessProfileBulkDeleteRequest -Json $AccessProfileBulkDeleteRequest
Remove-V2025AccessProfilesInBulk -AccessProfileBulkDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-V2025AccessProfilesInBulk -AccessProfileBulkDeleteRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025AccessProfilesInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-profile
This API returns an Access Profile by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An AccessProfile | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180837ca6693d017ca8d097500149" # String | ID of the Access Profile
# Get an Access Profile
try {
Get-V2025AccessProfile -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025AccessProfile -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-profile-entitlements
Use this API to get a list of an access profile's entitlements.
A SOURCE_SUBADMIN user must have access to the source associated with the specified access profile.
>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-profile-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the access profile containing the entitlements.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified**
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of entitlements. | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the access profile containing the entitlements.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified** (optional)
# List Access Profile's Entitlements
try {
Get-V2025AccessProfileEntitlements -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025AccessProfileEntitlements -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessProfileEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-profiles
Get a list of access profiles.
>**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ForSubadmin | **String** | (optional) | Filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID or the special value **me**, which is shorthand for the calling identity's ID. If you specify an identity that isn't a subadmin, the API returns a 400 Bad Request error.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
Query | ForSegmentIds | **String** | (optional) | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error.
### Return type
[**AccessProfile[]**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access profiles. | AccessProfile[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ForSubadmin = "8c190e6787aa4ed9a90bd9d5344523fb" # String | Filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID or the special value **me**, which is shorthand for the calling identity's ID. If you specify an identity that isn't a subadmin, the API returns a 400 Bad Request error. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "SailPoint Support"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **requestable**: *eq* **source.id**: *eq, in* Supported composite operators are *and, or* Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$ForSegmentIds = "0b5c9f25-83c6-4762-9073-e38f7bb2ae26,2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error. (optional)
$IncludeUnsegmented = $false # Boolean | Indicates whether the response list should contain unsegmented access profiles. If `for-segment-ids` is absent or empty, specifying *include-unsegmented* as `false` results in an error. (optional) (default to $true)
# List Access Profiles
try {
Get-V2025AccessProfiles
# Below is a request that includes all optional parameters
# Get-V2025AccessProfiles -ForSubadmin $ForSubadmin -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -ForSegmentIds $ForSegmentIds -IncludeUnsegmented $IncludeUnsegmented
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-access-profile
This API updates an existing Access Profile. The following fields are patchable:
**name**
**description**
**enabled**
**owner**
**requestable**
**accessRequestConfig**
**revokeRequestConfig**
**segments**
**entitlements**
**provisioningCriteria**
**source** (must be updated with entitlements belonging to new source in the same API call)
If you need to change the `source` of the access profile, you can do so only if you update the `entitlements` in the same API call. The new entitlements can only come from the target source that you want to change to. Look for the example "Replace Source" in the examples dropdown.
A user with SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to administer.
> The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.
> You can only add or replace **entitlements** that exist on the source that the access profile is attached to. You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-access-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Access Profile to patch
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**AccessProfile**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the Access Profile as updated. | AccessProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Access Profile to patch
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] |
# Patch a specified Access Profile
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AccessProfile -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AccessProfile -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AccessProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-access-profiles-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API initiates a bulk update of field requestable for one or more Access Profiles.
> If any of the indicated Access Profiles is exists in Organization,then those Access Profiles will be added in **updated**
list of the response.Requestable field of these Access Profiles marked as **true** or **false**.
> If any of the indicated Access Profiles is not does not exists in Organization,then those Access Profiles will be added in **notFound** list of the response. Access Profiles marked as **notFound** will not be updated.
A SOURCE_SUBADMIN may only use this API to update Access Profiles which are associated with Sources they are able to administer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-access-profiles-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessProfileBulkUpdateRequestInner | [**[]AccessProfileBulkUpdateRequestInner**](../models/access-profile-bulk-update-request-inner) | True |
### Return type
[**AccessProfileUpdateItem[]**](../models/access-profile-update-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | List of updated and not updated Access Profiles. | AccessProfileUpdateItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
412 | Precondition Failed - Returned in response if API/Feature not enabled for an organization. | UpdateAccessProfilesInBulk412Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessProfileBulkUpdateRequestInner = @"[{id=464ae7bf-791e-49fd-b746-06a2e4a89635, requestable=false}]"@ # AccessProfileBulkUpdateRequestInner[] |
# Update Access Profile(s) requestable field.
try {
$Result = ConvertFrom-JsonToAccessProfileBulkUpdateRequestInner -Json $AccessProfileBulkUpdateRequestInner
Update-V2025AccessProfilesInBulk -XSailPointExperimental $XSailPointExperimental -AccessProfileBulkUpdateRequestInner $Result
# Below is a request that includes all optional parameters
# Update-V2025AccessProfilesInBulk -XSailPointExperimental $XSailPointExperimental -AccessProfileBulkUpdateRequestInner $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AccessProfilesInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

419
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestApprovalsApi.md Normal file
View File

@@ -0,0 +1,419 @@
---
id: v2025-access-request-approvals
title: AccessRequestApprovals
pagination_label: AccessRequestApprovals
sidebar_label: AccessRequestApprovals
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestApprovals', 'V2025AccessRequestApprovals']
slug: /tools/sdk/powershell/v2025/methods/access-request-approvals
tags: ['SDK', 'Software Development Kit', 'AccessRequestApprovals', 'V2025AccessRequestApprovals']
---
# AccessRequestApprovals
Use this API to implement and customize access request approval functionality.
With this functionality in place, administrators can delegate qualified users to review users&#39; requests for access or managers&#39; requests to revoke team members&#39; access to applications, entitlements, or roles.
This enables more qualified users to review access requests and the others to spend their time on other tasks.
In Identity Security Cloud, users can request access to applications, entitlements, and roles, and managers can request that team members&#39; access be revoked.
For applications and entitlements, administrators can set access profiles to require approval from the access profile owner, the application owner, the source owner, the requesting user&#39;s manager, or a governance group for access to be granted or revoked.
For roles, administrators can also set roles to allow access requests and require approval from the role owner, the requesting user&#39;s manager, or a governance group for access to be granted or revoked.
If the administrator designates a governance group as the required approver, any governance group member can approve the requests.
When a user submits an access request, Identity Security Cloud sends the first required approver in the queue an email notification, based on the access request configuration&#39;s approval and reminder escalation configuration.
In Approvals in Identity Security Cloud, required approvers can view pending access requests under the Requested tab and approve or deny them, or the approvers can reassign the requests to different reviewers for approval.
If the required approver approves the request and is the only reviewer required, Identity Security Cloud grants or revokes access, based on the request.
If multiple reviewers are required, Identity Security Cloud sends the request to the next reviewer in the queue, based on the access request configuration&#39;s approval reminder and escalation configuration.
The required approver can then view any completed access requests under the Reviewed tab.
Refer to [Access Requests](https://documentation.sailpoint.com/saas/help/requests/index.html) for more information about access request approvals.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Approve-V2025AccessRequest**](#approve-access-request) | **POST** `/access-request-approvals/{approvalId}/approve` | Approve Access Request Approval
[**Invoke-V2025ForwardAccessRequest**](#forward-access-request) | **POST** `/access-request-approvals/{approvalId}/forward` | Forward Access Request Approval
[**Get-V2025AccessRequestApprovalSummary**](#get-access-request-approval-summary) | **GET** `/access-request-approvals/approval-summary` | Get Access Requests Approvals Number
[**Get-V2025AccessRequestApprovers**](#list-access-request-approvers) | **GET** `/access-request-approvals/{accessRequestId}/approvers` | Access Request Approvers
[**Get-V2025CompletedApprovals**](#list-completed-approvals) | **GET** `/access-request-approvals/completed` | Completed Access Request Approvals List
[**Get-V2025PendingApprovals**](#list-pending-approvals) | **GET** `/access-request-approvals/pending` | Pending Access Request Approvals List
[**Deny-V2025AccessRequest**](#reject-access-request) | **POST** `/access-request-approvals/{approvalId}/reject` | Reject Access Request Approval
## approve-access-request
Use this endpoint to approve an access request approval. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/approve-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | CommentDto | [**CommentDto**](../models/comment-dto) | (optional) | Reviewer's comment.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$CommentDto = @"{
"created" : "2017-07-11T18:45:37.098Z",
"author" : {
"name" : "john.doe",
"id" : "2c9180847e25f377017e2ae8cae4650b",
"type" : "IDENTITY"
},
"comment" : "This is a comment."
}"@
# Approve Access Request Approval
try {
Approve-V2025AccessRequest -ApprovalId $ApprovalId
# Below is a request that includes all optional parameters
# Approve-V2025AccessRequest -ApprovalId $ApprovalId -CommentDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-V2025AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## forward-access-request
Use this API to forward an access request approval to a new owner. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action. Only the owner of the approval and ORG_ADMIN users are allowed to perform this action.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/forward-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | ForwardApprovalDto | [**ForwardApprovalDto**](../models/forward-approval-dto) | True | Information about the forwarded approval.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$ForwardApprovalDto = @"{
"newOwnerId" : "2c91808568c529c60168cca6f90c1314",
"comment" : "2c91808568c529c60168cca6f90c1313"
}"@
# Forward Access Request Approval
try {
$Result = ConvertFrom-JsonToForwardApprovalDto -Json $ForwardApprovalDto
Invoke-V2025ForwardAccessRequest -ApprovalId $ApprovalId -ForwardApprovalDto $Result
# Below is a request that includes all optional parameters
# Invoke-V2025ForwardAccessRequest -ApprovalId $ApprovalId -ForwardApprovalDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025ForwardAccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-approval-summary
Use this API to return the number of pending, approved and rejected access requests approvals. See the "owner-id" query parameter for authorization information. info.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-approval-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN user can also fetch all the approvals in the org, when owner-id is not used. * Non ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | FromDate | **String** | (optional) | This is the date and time the results will be shown from. It must be in a valid ISO-8601 format.
### Return type
[**ApprovalSummary**](../models/approval-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Number of pending, approved, rejected access request approvals. | ApprovalSummary
400 | Client Error - Returned if the query parameter is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | The ID of the owner or approver identity of the approvals. If present, the value returns approval summary for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN user can also fetch all the approvals in the org, when owner-id is not used. * Non ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$FromDate = "from-date=2020-03-19T19:59:11Z" # String | This is the date and time the results will be shown from. It must be in a valid ISO-8601 format. (optional)
# Get Access Requests Approvals Number
try {
Get-V2025AccessRequestApprovalSummary
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestApprovalSummary -OwnerId $OwnerId -FromDate $FromDate
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestApprovalSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-request-approvers
This API endpoint returns the list of approvers for the given access request id.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-request-approvers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | AccessRequestId | **String** | True | Access Request ID.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return.
Query | Offset | **Int32** | (optional) | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.
Query | Count | **Boolean** | (optional) (default to $false) | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.
### Return type
[**AccessRequestApproversListResponse[]**](../models/access-request-approvers-list-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Approvers. | AccessRequestApproversListResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$AccessRequestId = "2c91808568c529c60168cca6f90c1313" # String | Access Request ID.
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
# Access Request Approvers
try {
Get-V2025AccessRequestApprovers -AccessRequestId $AccessRequestId
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestApprovers -AccessRequestId $AccessRequestId -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestApprovers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-completed-approvals
This endpoint returns list of completed approvals. See *owner-id* query parameter below for authorization info.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-completed-approvals)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | If present, the value returns only completed approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**CompletedApproval[]**](../models/completed-approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Completed Approvals. | CompletedApproval[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value returns only completed approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **requestedFor.id**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, sw* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Completed Access Request Approvals List
try {
Get-V2025CompletedApprovals
# Below is a request that includes all optional parameters
# Get-V2025CompletedApprovals -OwnerId $OwnerId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CompletedApprovals"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-pending-approvals
This endpoint returns a list of pending approvals. See "owner-id" query parameter below for authorization info.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-pending-approvals)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | If present, the value returns only pending approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**PendingApproval[]**](../models/pending-approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Pending Approvals. | PendingApproval[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c91808568c529c60168cca6f90c1313" # String | If present, the value returns only pending approvals for the specified identity. * ORG_ADMIN users can call this with any identity ID value. * ORG_ADMIN users can also fetch all the approvals in the org, when owner-id is not used. * Non-ORG_ADMIN users can only specify *me* or pass their own identity ID value. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **requestedFor.id**: *eq, in* **modified**: *gt, lt, ge, le, eq, in* **accessRequestId**: *eq, in* (optional)
$Sorters = "modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Pending Access Request Approvals List
try {
Get-V2025PendingApprovals
# Below is a request that includes all optional parameters
# Get-V2025PendingApprovals -OwnerId $OwnerId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PendingApprovals"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reject-access-request
Use this API to reject an access request approval. Only the owner of the approval and admin users are allowed to perform this action.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/reject-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ApprovalId | **String** | True | Approval ID.
Body | CommentDto | [**CommentDto**](../models/comment-dto) | True | Reviewer's comment.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ApprovalId = "2c91808b7294bea301729568c68c002e" # String | Approval ID.
$CommentDto = @"{
"created" : "2017-07-11T18:45:37.098Z",
"author" : {
"name" : "john.doe",
"id" : "2c9180847e25f377017e2ae8cae4650b",
"type" : "IDENTITY"
},
"comment" : "This is a comment."
}"@
# Reject Access Request Approval
try {
$Result = ConvertFrom-JsonToCommentDto -Json $CommentDto
Deny-V2025AccessRequest -ApprovalId $ApprovalId -CommentDto $Result
# Below is a request that includes all optional parameters
# Deny-V2025AccessRequest -ApprovalId $ApprovalId -CommentDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Deny-V2025AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

74
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestIdentityMetricsApi.md Normal file
View File

@@ -0,0 +1,74 @@
---
id: v2025-access-request-identity-metrics
title: AccessRequestIdentityMetrics
pagination_label: AccessRequestIdentityMetrics
sidebar_label: AccessRequestIdentityMetrics
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestIdentityMetrics', 'V2025AccessRequestIdentityMetrics']
slug: /tools/sdk/powershell/v2025/methods/access-request-identity-metrics
tags: ['SDK', 'Software Development Kit', 'AccessRequestIdentityMetrics', 'V2025AccessRequestIdentityMetrics']
---
# AccessRequestIdentityMetrics
Use this API to implement access request identity metrics functionality.
With this functionality in place, access request reviewers can see relevant details about the requested access item and associated source activity.
This allows reviewers to see how many of the identities who share a manager with the access requester have this same type of access and how many of them have had activity in the related source.
This additional context about whether the access has been granted before and how often it has been used can help those approving access requests make more informed decisions.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025AccessRequestIdentityMetrics**](#get-access-request-identity-metrics) | **GET** `/access-request-identity-metrics/{identityId}/requested-objects/{requestedObjectId}/type/{type}` | Return access request identity metrics
## get-access-request-identity-metrics
Use this API to return information access metrics.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-identity-metrics)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | Manager's identity ID.
Path | RequestedObjectId | **String** | True | Requested access item's ID.
Path | Type | **String** | True | Requested access item's type.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of the resource access and source activity for the direct reports of the provided manager. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "7025c863-c270-4ba6-beea-edf3cb091573" # String | Manager's identity ID.
$RequestedObjectId = "2db501be-f0fb-4cc5-a695-334133c52891" # String | Requested access item's ID.
$Type = "ENTITLEMENT" # String | Requested access item's type.
# Return access request identity metrics
try {
Get-V2025AccessRequestIdentityMetrics -IdentityId $IdentityId -RequestedObjectId $RequestedObjectId -Type $Type
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestIdentityMetrics -IdentityId $IdentityId -RequestedObjectId $RequestedObjectId -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestIdentityMetrics"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

635
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestsApi.md Normal file
View File

@@ -0,0 +1,635 @@
---
id: v2025-access-requests
title: AccessRequests
pagination_label: AccessRequests
sidebar_label: AccessRequests
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequests', 'V2025AccessRequests']
slug: /tools/sdk/powershell/v2025/methods/access-requests
tags: ['SDK', 'Software Development Kit', 'AccessRequests', 'V2025AccessRequests']
---
# AccessRequests
Use this API to implement and customize access request functionality.
With this functionality in place, users can request access to applications, entitlements, or roles, and managers can request that team members&#39; access be revoked.
This allows users to get access to the tools they need quickly and securely, and it allows managers to take away access to those tools.
Identity Security Cloud&#39;s Access Request service allows end users to request access that requires approval before it can be granted to users and enables qualified users to review those requests and approve or deny them.
In the Request Center in Identity Security Cloud, users can view available applications, roles, and entitlements and request access to them.
If the requested tools requires approval, the requests appear as &#39;Pending&#39; under the My Requests tab until the required approver approves, rejects, or cancels them.
Users can use My Requests to track and/or cancel the requests.
In My Team on the Identity Security Cloud Home, managers can submit requests to revoke their team members&#39; access.
They can use the My Requests tab under Request Center to track and/or cancel the requests.
Refer to [Requesting Access](https://documentation.sailpoint.com/saas/user-help/requests/requesting_access.html) for more information about access requests.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Approve-V2025BulkAccessRequest**](#approve-bulk-access-request) | **POST** `/access-request-approvals/bulk-approve` | Bulk Approve Access Request
[**Suspend-V2025AccessRequest**](#cancel-access-request) | **POST** `/access-requests/cancel` | Cancel Access Request
[**Suspend-V2025AccessRequestInBulk**](#cancel-access-request-in-bulk) | **POST** `/access-requests/bulk-cancel` | Bulk Cancel Access Request
[**Close-V2025AccessRequest**](#close-access-request) | **POST** `/access-requests/close` | Close Access Request
[**New-V2025AccessRequest**](#create-access-request) | **POST** `/access-requests` | Submit Access Request
[**Get-V2025AccessRequestConfig**](#get-access-request-config) | **GET** `/access-request-config` | Get Access Request Configuration
[**Get-V2025AccessRequestStatus**](#list-access-request-status) | **GET** `/access-request-status` | Access Request Status
[**Get-V2025AdministratorsAccessRequestStatus**](#list-administrators-access-request-status) | **GET** `/access-request-administration` | Access Request Status for Administrators
[**Set-V2025AccessRequestConfig**](#set-access-request-config) | **PUT** `/access-request-config` | Update Access Request Configuration
## approve-bulk-access-request
This API endpoint allows approving pending access requests in bulk. Maximum of 50 approval ids can be provided in the request for one single invocation. ORG_ADMIN or users with rights "idn:access-request-administration:write" can approve the access requests in bulk.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/approve-bulk-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkApproveAccessRequest | [**BulkApproveAccessRequest**](../models/bulk-approve-access-request) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkApproveAccessRequest = @"{
"comment" : "I approve these request items",
"approvalIds" : [ "2c9180835d2e5168015d32f890ca1581", "2c9180835d2e5168015d32f890ca1582" ]
}"@
# Bulk Approve Access Request
try {
$Result = ConvertFrom-JsonToBulkApproveAccessRequest -Json $BulkApproveAccessRequest
Approve-V2025BulkAccessRequest -BulkApproveAccessRequest $Result
# Below is a request that includes all optional parameters
# Approve-V2025BulkAccessRequest -BulkApproveAccessRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-V2025BulkAccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## cancel-access-request
This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step.
In addition to users with ORG_ADMIN, any user who originally submitted the access request may cancel it.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/cancel-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CancelAccessRequest | [**CancelAccessRequest**](../models/cancel-access-request) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CancelAccessRequest = @"{
"accountActivityId" : "2c9180835d2e5168015d32f890ca1581",
"comment" : "I requested this role by mistake."
}"@
# Cancel Access Request
try {
$Result = ConvertFrom-JsonToCancelAccessRequest -Json $CancelAccessRequest
Suspend-V2025AccessRequest -CancelAccessRequest $Result
# Below is a request that includes all optional parameters
# Suspend-V2025AccessRequest -CancelAccessRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-V2025AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## cancel-access-request-in-bulk
This API endpoint allows cancelling pending access requests in bulk. Maximum of 50 access request ids can be provided in the request for one single invocation.
Only ORG_ADMIN or users with rights "idn:access-request-administration:write" can cancel the access requests in bulk.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/cancel-access-request-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkCancelAccessRequest | [**BulkCancelAccessRequest**](../models/bulk-cancel-access-request) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkCancelAccessRequest = @"{
"accessRequestIds" : [ "2c9180835d2e5168015d32f890ca1581", "2c9180835d2e5168015d32f890ca1582" ],
"comment" : "I requested this role by mistake."
}"@
# Bulk Cancel Access Request
try {
$Result = ConvertFrom-JsonToBulkCancelAccessRequest -Json $BulkCancelAccessRequest
Suspend-V2025AccessRequestInBulk -BulkCancelAccessRequest $Result
# Below is a request that includes all optional parameters
# Suspend-V2025AccessRequestInBulk -BulkCancelAccessRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-V2025AccessRequestInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## close-access-request
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint closes access requests that are stuck in a pending state. It can be used throughout a request's lifecycle even after the approval state, unlike the [Cancel Access Request endpoint](https://developer.sailpoint.com/idn/api/v3/cancel-access-request/).
To find pending access requests with the UI, navigate to Search and use this query: status: Pending AND "Access Request". Use the Column Chooser to select 'Tracking Number', and use the 'Download' button to export a CSV containing the tracking numbers.
To find pending access requests with the API, use the [List Account Activities endpoint](https://developer.sailpoint.com/idn/api/v3/list-account-activities/).
Input the IDs from either source.
To track the status of endpoint requests, navigate to Search and use this query: name:"Close Identity Requests". Search will include "Close Identity Requests Started" audits when requests are initiated and "Close Identity Requests Completed" audits when requests are completed. The completion audit will list the identity request IDs that finished in error.
This API triggers the [Provisioning Completed event trigger](https://developer.sailpoint.com/idn/docs/event-triggers/triggers/provisioning-completed/) for each access request that is closed.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/close-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | CloseAccessRequest | [**CloseAccessRequest**](../models/close-access-request) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CloseAccessRequest = @"{
"executionStatus" : "Terminated",
"accessRequestIds" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"completionStatus" : "Failure",
"message" : "The IdentityNow Administrator manually closed this request."
}"@
# Close Access Request
try {
$Result = ConvertFrom-JsonToCloseAccessRequest -Json $CloseAccessRequest
Close-V2025AccessRequest -XSailPointExperimental $XSailPointExperimental -CloseAccessRequest $Result
# Below is a request that includes all optional parameters
# Close-V2025AccessRequest -XSailPointExperimental $XSailPointExperimental -CloseAccessRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Close-V2025AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-access-request
Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.
Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request
has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error
if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.
It's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can
be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also
use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting
an access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.
These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.
There are two types of access request:
__GRANT_ACCESS__
* Can be requested for multiple identities in a single request.
* Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.
* Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
* Roles, access profiles and entitlements can be requested.
* While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.
__REVOKE_ACCESS__
* Can only be requested for a single identity at a time.
* You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.
* Does not support self request. Only manager can request to revoke access for their directly managed employees.
* If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements.
* Roles, access profiles, and entitlements can be requested for revocation.
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessRequest | [**AccessRequest**](../models/access-request) | True |
### Return type
[**AccessRequestResponse**](../models/access-request-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Access Request Response. | AccessRequestResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessRequest = @"{
"requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
"clientMetadata" : {
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
"requestedAppName" : "test-app"
},
"requestType" : "GRANT_ACCESS",
"requestedItems" : [ {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
"requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
},
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
} ]
}"@
# Submit Access Request
try {
$Result = ConvertFrom-JsonToAccessRequest -Json $AccessRequest
New-V2025AccessRequest -AccessRequest $Result
# Below is a request that includes all optional parameters
# New-V2025AccessRequest -AccessRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025AccessRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-config
This endpoint returns the current access-request configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**AccessRequestConfig**](../models/access-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Access Request Configuration Details. | AccessRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Access Request Configuration
try {
Get-V2025AccessRequestConfig
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-request-status
Use this API to return a list of access request statuses based on the specified query parameters.
If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses.
Any user with any user level can get the status of their own access requests. A user with ORG_ADMIN is required to call this API to get a list of statuses for other users.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-request-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | RequestedFor | **String** | (optional) | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RequestedBy | **String** | (optional) | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RegardingIdentity | **String** | (optional) | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.
Query | AssignedTo | **String** | (optional) | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.
Query | Count | **Boolean** | (optional) (default to $false) | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return.
Query | Offset | **Int32** | (optional) | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accessRequestId**: *in* **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name**
Query | RequestState | **String** | (optional) | Filter the results by the state of the request. The only valid value is *EXECUTING*.
### Return type
[**RequestedItemStatus[]**](../models/requested-item-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of requested item statuses. | RequestedItemStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RequestedFor = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$AssignedTo = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Filters = 'accountActivityItemId eq "2c918086771c86df0177401efcdf54c0"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accessRequestId**: *in* **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name** (optional)
$RequestState = "request-state=EXECUTING" # String | Filter the results by the state of the request. The only valid value is *EXECUTING*. (optional)
# Access Request Status
try {
Get-V2025AccessRequestStatus
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestStatus -RequestedFor $RequestedFor -RequestedBy $RequestedBy -RegardingIdentity $RegardingIdentity -AssignedTo $AssignedTo -Count $Count -Limit $Limit -Offset $Offset -Filters $Filters -Sorters $Sorters -RequestState $RequestState
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-administrators-access-request-status
Use this API to get access request statuses of all the access requests in the org based on the specified query parameters.
Any user with user level ORG_ADMIN or scope idn:access-request-administration:read can access this endpoint to get the access request statuses
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-administrators-access-request-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | RequestedFor | **String** | (optional) | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RequestedBy | **String** | (optional) | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RegardingIdentity | **String** | (optional) | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.
Query | AssignedTo | **String** | (optional) | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user.
Query | Count | **Boolean** | (optional) (default to $false) | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return.
Query | Offset | **Int32** | (optional) | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **accessRequestId**: *in* **status**: *in, eq, ne* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name, accessRequestId**
Query | RequestState | **String** | (optional) | Filter the results by the state of the request. The only valid value is *EXECUTING*.
### Return type
[**AccessRequestAdminItemStatus[]**](../models/access-request-admin-item-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of requested item statuses. | AccessRequestAdminItemStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RequestedFor = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$AssignedTo = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Filters = 'accountActivityItemId eq "2c918086771c86df0177401efcdf54c0"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw* **accessRequestId**: *in* **status**: *in, eq, ne* **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified, accountActivityItemId, name, accessRequestId** (optional)
$RequestState = "request-state=EXECUTING" # String | Filter the results by the state of the request. The only valid value is *EXECUTING*. (optional)
# Access Request Status for Administrators
try {
Get-V2025AdministratorsAccessRequestStatus
# Below is a request that includes all optional parameters
# Get-V2025AdministratorsAccessRequestStatus -RequestedFor $RequestedFor -RequestedBy $RequestedBy -RegardingIdentity $RegardingIdentity -AssignedTo $AssignedTo -Count $Count -Limit $Limit -Offset $Offset -Filters $Filters -Sorters $Sorters -RequestState $RequestState
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AdministratorsAccessRequestStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-config
This endpoint replaces the current access-request configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-access-request-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccessRequestConfig | [**AccessRequestConfig**](../models/access-request-config) | True |
### Return type
[**AccessRequestConfig**](../models/access-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Access Request Configuration Details. | AccessRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccessRequestConfig = @"{
"requestOnBehalfOfConfig" : {
"allowRequestOnBehalfOfEmployeeByManager" : true,
"allowRequestOnBehalfOfAnyoneByAnyone" : true
},
"approvalReminderAndEscalationConfig" : {
"fallbackApproverRef" : {
"name" : "Alison Ferguso",
"id" : "5168015d32f890ca15812c9180835d2e",
"type" : "IDENTITY",
"email" : "alison.ferguso@identitysoon.com"
},
"maxReminders" : 1,
"daysUntilEscalation" : 0,
"daysBetweenReminders" : 0
},
"autoApprovalEnabled" : true,
"entitlementRequestConfig" : {
"requestCommentsRequired" : false,
"deniedCommentsRequired" : false,
"allowEntitlementRequest" : true,
"grantRequestApprovalSchemes" : "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584"
},
"reauthorizationEnabled" : true,
"approvalsMustBeExternal" : true
}"@
# Update Access Request Configuration
try {
$Result = ConvertFrom-JsonToAccessRequestConfig -Json $AccessRequestConfig
Set-V2025AccessRequestConfig -AccessRequestConfig $Result
# Below is a request that includes all optional parameters
# Set-V2025AccessRequestConfig -AccessRequestConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025AccessRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

160
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccountActivitiesApi.md Normal file
View File

@@ -0,0 +1,160 @@
---
id: v2025-account-activities
title: AccountActivities
pagination_label: AccountActivities
sidebar_label: AccountActivities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountActivities', 'V2025AccountActivities']
slug: /tools/sdk/powershell/v2025/methods/account-activities
tags: ['SDK', 'Software Development Kit', 'AccountActivities', 'V2025AccountActivities']
---
# AccountActivities
Use this API to implement account activity tracking functionality.
With this functionality in place, users can track source account activity in Identity Security Cloud, which greatly improves traceability in the system.
An account activity refers to a log of each action performed on a source account. This is useful for auditing the changes performed on an account throughout its life.
In Identity Security Cloud&#39;s Search, users can search for account activities and select the activity&#39;s row to get an overview of the activity&#39;s account action and view its progress, its involved sources, and its most basic metadata, such as the identity requesting the option and the recipient.
Account activity includes most actions Identity Security Cloud completes on source accounts. Users can search in Identity Security Cloud for the following account action types:
- Access Request: These include any access requests the source account is involved in.
- Account Attribute Updates: These include updates to a single attribute on an account on a source.
- Account State Update: These include locking or unlocking actions on an account on a source.
- Certification: These include actions removing an entitlement from an account on a source as a result of the entitlement&#39;s revocation during a certification.
- Cloud Automated &#x60;Lifecyclestate&#x60;: These include automated lifecycle state changes that result in a source account&#39;s correlated identity being assigned to a different lifecycle state.
Identity Security Cloud replaces the &#x60;Lifecyclestate&#x60; variable with the name of the lifecycle state it has moved the account&#39;s identity to.
- Identity Attribute Update: These include updates to a source account&#39;s correlated identity attributes as the result of a provisioning action.
When you update an identity attribute that also updates an identity&#39;s lifecycle state, the cloud automated &#x60;Lifecyclestate&#x60; event also displays.
Account Activity does not include attribute updates that occur as a result of aggregation.
- Identity Refresh: These include correlated identity refreshes that occur for an account on a source whenever the account&#39;s correlated identity profile gets a new role or updates.
These also include refreshes that occur whenever Identity Security Cloud assigns an application to the account&#39;s correlated identity based on the application&#39;s being assigned to All Users From Source or Specific Users From Source.
- Lifecycle State Refresh: These include the actions that took place when a lifecycle state changed. This event only occurs after a cloud automated &#x60;Lifecyclestate&#x60; change or a lifecycle state change.
- Lifecycle State Change: These include the account activities that result from an identity&#39;s manual assignment to a null lifecycle state.
- Password Change: These include password changes on sources.
Refer to [Account Activity](https://documentation.sailpoint.com/saas/help/search/index.html#account-activity) for more information about account activities.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025AccountActivity**](#get-account-activity) | **GET** `/account-activities/{id}` | Get an Account Activity
[**Get-V2025AccountActivities**](#list-account-activities) | **GET** `/account-activities` | List Account Activities
## get-account-activity
This gets a single account activity by its id.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-account-activity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account activity id
### Return type
[**AccountActivity**](../models/account-activity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An account activity object | AccountActivity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account activity id
# Get an Account Activity
try {
Get-V2025AccountActivity -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025AccountActivity -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccountActivity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-account-activities
This gets a collection of account activities that satisfy the given query parameters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-account-activities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | RequestedFor | **String** | (optional) | The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RequestedBy | **String** | (optional) | The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*.
Query | RegardingIdentity | **String** | (optional) | The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *eq, in, ge, le, lt, ne, isnull, sw* **created**: *gt, lt, ge, le, eq, in, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **type, created, modified**
### Return type
[**AccountActivity[]**](../models/account-activity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of account activities | AccountActivity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RequestedFor = "2c91808568c529c60168cca6f90c1313" # String | The identity that the activity was requested for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c91808568c529c60168cca6f90c1313" # String | The identity that requested the activity. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c91808568c529c60168cca6f90c1313" # String | The specified identity will be either the requester or target of the account activity. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'type eq "Identity Refresh"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *eq, in, ge, le, lt, ne, isnull, sw* **created**: *gt, lt, ge, le, eq, in, ne, isnull, sw* **modified**: *gt, lt, ge, le, eq, in, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **type, created, modified** (optional)
# List Account Activities
try {
Get-V2025AccountActivities
# Below is a request that includes all optional parameters
# Get-V2025AccountActivities -RequestedFor $RequestedFor -RequestedBy $RequestedBy -RegardingIdentity $RegardingIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccountActivities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

88
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccountAggregationsApi.md Normal file
View File

@@ -0,0 +1,88 @@
---
id: v2025-account-aggregations
title: AccountAggregations
pagination_label: AccountAggregations
sidebar_label: AccountAggregations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountAggregations', 'V2025AccountAggregations']
slug: /tools/sdk/powershell/v2025/methods/account-aggregations
tags: ['SDK', 'Software Development Kit', 'AccountAggregations', 'V2025AccountAggregations']
---
# AccountAggregations
Use this API to implement account aggregation progress tracking functionality.
With this functionality in place, administrators can view in-progress account aggregations, their statuses, and their relevant details.
An account aggregation refers to the process Identity Security Cloud uses to gather and load account data from a source into Identity Security Cloud.
Whenever Identity Security Cloud is in the process of aggregating a source, it adds an entry to the Aggregation Activity Log, along with its relevant details.
To view aggregation activity, administrators can select the Connections drop-down menu, select Sources, and select the relevant source, select its Import Data tab, and select Account Aggregation.
In Account Aggregation, administrators can view the account aggregations&#39; statuses and details in the Account Activity Log.
Refer to [Loading Account Data](https://documentation.sailpoint.com/saas/help/accounts/loading_data.html) for more information about account aggregations.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025AccountAggregationStatus**](#get-account-aggregation-status) | **GET** `/account-aggregations/{id}/status` | In-progress Account Aggregation status
## get-account-aggregation-status
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the status of an *in-progress* account aggregation, along with the total number of **NEW**, **CHANGED** and **DELETED** accounts found since the previous aggregation, and the number of those accounts that have been processed so far.
Accounts that have not changed since the previous aggregation are not included in **totalAccounts** and **processedAccounts** counts returned by this API. This is distinct from **Accounts Scanned** shown in the Aggregation UI, which indicates total accounts scanned regardless of whether they changed or not.
Since this endpoint reports on the status of an *in-progress* account aggregation, totalAccounts and processedAccounts may change between calls to this endpoint.
*Only available up to an hour after the aggregation completes. May respond with *404 Not Found* after that.*
required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-account-aggregation-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account aggregation id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AccountAggregationStatus**](../models/account-aggregation-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An account aggregation status object | AccountAggregationStatus
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808477a6b0c60177a81146b8110b" # String | The account aggregation id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# In-progress Account Aggregation status
try {
Get-V2025AccountAggregationStatus -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccountAggregationStatus -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccountAggregationStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

77
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccountUsagesApi.md Normal file
View File

@@ -0,0 +1,77 @@
---
id: v2025-account-usages
title: AccountUsages
pagination_label: AccountUsages
sidebar_label: AccountUsages
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccountUsages', 'V2025AccountUsages']
slug: /tools/sdk/powershell/v2025/methods/account-usages
tags: ['SDK', 'Software Development Kit', 'AccountUsages', 'V2025AccountUsages']
---
# AccountUsages
Use this API to implement account usage insight functionality.
With this functionality in place, administrators can gather information and insights about how their tenants&#39; source accounts are being used.
This allows organizations to get the information they need to start optimizing and securing source account usage.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025UsagesByAccountId**](#get-usages-by-account-id) | **GET** `/account-usages/{accountId}/summaries` | Returns account usage insights
## get-usages-by-account-id
This API returns a summary of account usage insights for past 12 months.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-usages-by-account-id)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | AccountId | **String** | True | ID of IDN account
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date**
### Return type
[**AccountUsage[]**](../models/account-usage)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of account usage insights for past 12 months. | AccountUsage[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$AccountId = "ef38f94347e94562b5bb8424a56397d8" # String | ID of IDN account
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "-date" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date** (optional)
# Returns account usage insights
try {
Get-V2025UsagesByAccountId -AccountId $AccountId
# Below is a request that includes all optional parameters
# Get-V2025UsagesByAccountId -AccountId $AccountId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025UsagesByAccountId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

922
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccountsApi.md Normal file
View File

@@ -0,0 +1,922 @@
---
id: v2025-accounts
title: Accounts
pagination_label: Accounts
sidebar_label: Accounts
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Accounts', 'V2025Accounts']
slug: /tools/sdk/powershell/v2025/methods/accounts
tags: ['SDK', 'Software Development Kit', 'Accounts', 'V2025Accounts']
---
# Accounts
Use this API to implement and customize account functionality.
With this functionality in place, administrators can manage users&#39; access across sources in Identity Security Cloud.
In Identity Security Cloud, an account refers to a user&#39;s account on a supported source.
This typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud.
Administrators can correlate users&#39; identities with the users&#39; accounts on the different sources they use.
This allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively.
To view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab.
To view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab.
Administrators can toggle an account&#39;s Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity.
Accounts can have the following statuses:
- Enabled: The account is enabled. The user can access it.
- Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user&#39;s lifecycle state changes.
- Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times.
- Pending: The account is currently updating. This status typically lasts seconds.
Administrators can select the source account to view its attributes, entitlements, and the last time the account&#39;s password was changed.
Refer to [Managing User Accounts](https://documentation.sailpoint.com/saas/help/common/users/user_access.html#managing-user-accounts) for more information about accounts.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025Account**](#create-account) | **POST** `/accounts` | Create Account
[**Remove-V2025Account**](#delete-account) | **DELETE** `/accounts/{id}` | Delete Account
[**Remove-V2025AccountAsync**](#delete-account-async) | **POST** `/accounts/{id}/remove` | Remove Account
[**Disable-V2025Account**](#disable-account) | **POST** `/accounts/{id}/disable` | Disable Account
[**Disable-V2025AccountForIdentity**](#disable-account-for-identity) | **POST** `/identities-accounts/{id}/disable` | Disable IDN Account for Identity
[**Disable-V2025AccountsForIdentities**](#disable-accounts-for-identities) | **POST** `/identities-accounts/disable` | Disable IDN Accounts for Identities
[**Enable-V2025Account**](#enable-account) | **POST** `/accounts/{id}/enable` | Enable Account
[**Enable-V2025AccountForIdentity**](#enable-account-for-identity) | **POST** `/identities-accounts/{id}/enable` | Enable IDN Account for Identity
[**Enable-V2025AccountsForIdentities**](#enable-accounts-for-identities) | **POST** `/identities-accounts/enable` | Enable IDN Accounts for Identities
[**Get-V2025Account**](#get-account) | **GET** `/accounts/{id}` | Account Details
[**Get-V2025AccountEntitlements**](#get-account-entitlements) | **GET** `/accounts/{id}/entitlements` | Account Entitlements
[**Get-V2025Accounts**](#list-accounts) | **GET** `/accounts` | Accounts List
[**Send-V2025Account**](#put-account) | **PUT** `/accounts/{id}` | Update Account
[**Submit-V2025ReloadAccount**](#submit-reload-account) | **POST** `/accounts/{id}/reload` | Reload Account
[**Unlock-V2025Account**](#unlock-account) | **POST** `/accounts/{id}/unlock` | Unlock Account
[**Update-V2025Account**](#update-account) | **PATCH** `/accounts/{id}` | Update Account
## create-account
Submit an account creation task - the API then returns the task ID.
You must include the `sourceId` where the account will be created in the `attributes` object.
This endpoint creates an account on the source record in your ISC tenant.
This is useful for Flat File (`DelimitedFile`) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time.
However, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source.
The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant.
By providing the account ID of an existing account in the request body, this API will function as a PATCH operation and update the account.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | AccountAttributesCreate | [**AccountAttributesCreate**](../models/account-attributes-create) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$AccountAttributesCreate = @"{
"attributes" : {
"sourceId" : "34bfcbe116c9407464af37acbaf7a4dc",
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "john.doe@sailpoint.com"
}
}"@
# Create Account
try {
$Result = ConvertFrom-JsonToAccountAttributesCreate -Json $AccountAttributesCreate
New-V2025Account -AccountAttributesCreate $Result
# Below is a request that includes all optional parameters
# New-V2025Account -AccountAttributesCreate $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-account
Use this API to delete an account.
This endpoint submits an account delete task and returns the task ID.
This endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future.
>**NOTE: You can only delete accounts from sources of the "DelimitedFile" type.**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
# Delete Account
try {
Remove-V2025Account -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025Account -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-account-async
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this endpoint to remove accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.
This endpoint is good for:
* Removing accounts that no longer exist on the source.
* Removing accounts that won't be aggregated following updates to the source configuration.
* Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-account-async)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**TaskResultDto**](../models/task-result-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted. Returns task result details of removal request. | TaskResultDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c350d6aa4f104c61b062cb632421ad10" # String | The account id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Remove Account
try {
Remove-V2025AccountAsync -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025AccountAsync -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025AccountAsync"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## disable-account
This API submits a task to disable the account and returns the task ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/disable-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Body | AccountToggleRequest | [**AccountToggleRequest**](../models/account-toggle-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$AccountToggleRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}"@
# Disable Account
try {
$Result = ConvertFrom-JsonToAccountToggleRequest -Json $AccountToggleRequest
Disable-V2025Account -Id $Id -AccountToggleRequest $Result
# Below is a request that includes all optional parameters
# Disable-V2025Account -Id $Id -AccountToggleRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Disable-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## disable-account-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API submits a task to disable IDN account for a single identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/disable-account-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808384203c2d018437e631158309" # String | The identity id.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Disable IDN Account for Identity
try {
Disable-V2025AccountForIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Disable-V2025AccountForIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Disable-V2025AccountForIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## disable-accounts-for-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API submits tasks to disable IDN account for each identity provided in the request body.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/disable-accounts-for-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentitiesAccountsBulkRequest | [**IdentitiesAccountsBulkRequest**](../models/identities-accounts-bulk-request) | True |
### Return type
[**BulkIdentitiesAccountsResponse[]**](../models/bulk-identities-accounts-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | Bulk response details. | BulkIdentitiesAccountsResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentitiesAccountsBulkRequest = @"{
"identityIds" : [ "2c91808384203c2d018437e631158308", "2c9180858082150f0180893dbaf553fe" ]
}"@
# Disable IDN Accounts for Identities
try {
$Result = ConvertFrom-JsonToIdentitiesAccountsBulkRequest -Json $IdentitiesAccountsBulkRequest
Disable-V2025AccountsForIdentities -XSailPointExperimental $XSailPointExperimental -IdentitiesAccountsBulkRequest $Result
# Below is a request that includes all optional parameters
# Disable-V2025AccountsForIdentities -XSailPointExperimental $XSailPointExperimental -IdentitiesAccountsBulkRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Disable-V2025AccountsForIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## enable-account
This API submits a task to enable account and returns the task ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/enable-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Body | AccountToggleRequest | [**AccountToggleRequest**](../models/account-toggle-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$AccountToggleRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}"@
# Enable Account
try {
$Result = ConvertFrom-JsonToAccountToggleRequest -Json $AccountToggleRequest
Enable-V2025Account -Id $Id -AccountToggleRequest $Result
# Below is a request that includes all optional parameters
# Enable-V2025Account -Id $Id -AccountToggleRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Enable-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## enable-account-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API submits a task to enable IDN account for a single identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/enable-account-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808384203c2d018437e631158309" # String | The identity id.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Enable IDN Account for Identity
try {
Enable-V2025AccountForIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Enable-V2025AccountForIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Enable-V2025AccountForIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## enable-accounts-for-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API submits tasks to enable IDN account for each identity provided in the request body.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/enable-accounts-for-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentitiesAccountsBulkRequest | [**IdentitiesAccountsBulkRequest**](../models/identities-accounts-bulk-request) | True |
### Return type
[**BulkIdentitiesAccountsResponse[]**](../models/bulk-identities-accounts-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | Bulk response details. | BulkIdentitiesAccountsResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentitiesAccountsBulkRequest = @"{
"identityIds" : [ "2c91808384203c2d018437e631158308", "2c9180858082150f0180893dbaf553fe" ]
}"@
# Enable IDN Accounts for Identities
try {
$Result = ConvertFrom-JsonToIdentitiesAccountsBulkRequest -Json $IdentitiesAccountsBulkRequest
Enable-V2025AccountsForIdentities -XSailPointExperimental $XSailPointExperimental -IdentitiesAccountsBulkRequest $Result
# Below is a request that includes all optional parameters
# Enable-V2025AccountsForIdentities -XSailPointExperimental $XSailPointExperimental -IdentitiesAccountsBulkRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Enable-V2025AccountsForIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-account
Use this API to return the details for a single account by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
### Return type
[**Account**](../models/account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Account object. | Account
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
# Account Details
try {
Get-V2025Account -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025Account -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-account-entitlements
This API returns entitlements of the account.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-account-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An array of account entitlements | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Account Entitlements
try {
Get-V2025AccountEntitlements -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025AccountEntitlements -Id $Id -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccountEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-accounts
List accounts.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-accounts)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | DetailLevel | **String** | (optional) | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **hasEntitlements**: *eq* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull* **created**: *eq, ge, gt, le, lt* **modified**: *eq, ge, gt, le, lt*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType**
### Return type
[**Account[]**](../models/account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of account objects. | Account[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$DetailLevel = "SLIM" # String | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior. (optional)
$Filters = 'identityId eq "2c9180858082150f0180893dbaf44201"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **hasEntitlements**: *eq* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull* **created**: *eq, ge, gt, le, lt* **modified**: *eq, ge, gt, le, lt* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType** (optional)
# Accounts List
try {
Get-V2025Accounts
# Below is a request that includes all optional parameters
# Get-V2025Accounts -Limit $Limit -Offset $Offset -Count $Count -DetailLevel $DetailLevel -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Accounts"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-account
Use this API to update an account with a PUT request.
This endpoint submits an account update task and returns the task ID.
>**Note: You can only use this PUT endpoint to update accounts from flat file sources.**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
Body | AccountAttributes | [**AccountAttributes**](../models/account-attributes) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details. | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
$AccountAttributes = @"{
"attributes" : {
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "john.doe@sailpoint.com"
}
}"@
# Update Account
try {
$Result = ConvertFrom-JsonToAccountAttributes -Json $AccountAttributes
Send-V2025Account -Id $Id -AccountAttributes $Result
# Below is a request that includes all optional parameters
# Send-V2025Account -Id $Id -AccountAttributes $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-reload-account
This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/submit-reload-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account id
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account id
# Reload Account
try {
Submit-V2025ReloadAccount -Id $Id
# Below is a request that includes all optional parameters
# Submit-V2025ReloadAccount -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-V2025ReloadAccount"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## unlock-account
This API submits a task to unlock an account and returns the task ID.
To use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/unlock-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The account ID.
Body | AccountUnlockRequest | [**AccountUnlockRequest**](../models/account-unlock-request) | True |
### Return type
[**AccountsAsyncResult**](../models/accounts-async-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Async task details | AccountsAsyncResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The account ID.
$AccountUnlockRequest = @"{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581",
"unlockIDNAccount" : false
}"@
# Unlock Account
try {
$Result = ConvertFrom-JsonToAccountUnlockRequest -Json $AccountUnlockRequest
Unlock-V2025Account -Id $Id -AccountUnlockRequest $Result
# Below is a request that includes all optional parameters
# Unlock-V2025Account -Id $Id -AccountUnlockRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Unlock-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-account
Use this API to update account details.
This API supports updating an account's correlation by modifying the `identityId` and `manuallyCorrelated` fields.
To reassign an account from one identity to another, replace the current `identityId` with a new value.
If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account
for the previous identity as soon as the account is moved. If the account you're assigning is authoritative,
this causes the previous identity to become uncorrelated and can even result in its deletion.
All accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.
>**Note:** The `attributes` field can only be modified for flat file accounts.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Account ID.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Account ID.
$RequestBody = # SystemCollectionsHashtable[] | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"[{op=remove, path=/identityId}]"@ # SystemCollectionsHashtable[] | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Update Account
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-V2025Account -Id $Id -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-V2025Account -Id $Id -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Account"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

171
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ApplicationDiscoveryApi.md Normal file
View File

@@ -0,0 +1,171 @@
---
id: v2025-application-discovery
title: ApplicationDiscovery
pagination_label: ApplicationDiscovery
sidebar_label: ApplicationDiscovery
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ApplicationDiscovery', 'V2025ApplicationDiscovery']
slug: /tools/sdk/powershell/v2025/methods/application-discovery
tags: ['SDK', 'Software Development Kit', 'ApplicationDiscovery', 'V2025ApplicationDiscovery']
---
# ApplicationDiscovery
Use this API to implement application discovery functionality.
With this functionality in place, you can discover applications within your Okta connector and receive connector recommendations by manually uploading application names.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025DiscoveredApplications**](#get-discovered-applications) | **GET** `/discovered-applications` | Get Discovered Applications for Tenant
[**Get-V2025ManualDiscoverApplicationsCsvTemplate**](#get-manual-discover-applications-csv-template) | **GET** `/manual-discover-applications-template` | Download CSV Template for Discovery
[**Send-V2025ManualDiscoverApplicationsCsvTemplate**](#send-manual-discover-applications-csv-template) | **POST** `/manual-discover-applications` | Upload CSV to Discover Applications
## get-discovered-applications
Get a list of applications that have been identified within the environment. This includes details such as application names, discovery dates, potential correlated saas_vendors and related suggested connectors.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-discovered-applications)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Detail | **String** | (optional) | Determines whether slim, or increased level of detail is provided for each discovered application in the returned list. SLIM is the default behavior.
Query | Filter | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq, sw, co* **description**: *eq, sw, co* **createdAtStart**: *eq, le, ge* **createdAtEnd**: *eq, le, ge* **discoveredAtStart**: *eq, le, ge* **discoveredAtEnd**: *eq, le, ge* **discoverySource**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, description, discoveredAt, discoverySource**
### Return type
[**GetDiscoveredApplications200ResponseInner[]**](../models/get-discovered-applications200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of discovered applications. By default, the API returns a list of SLIM discovered applications. | GetDiscoveredApplications200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Detail = "SLIM" # String | Determines whether slim, or increased level of detail is provided for each discovered application in the returned list. SLIM is the default behavior. (optional)
$Filter = "name eq "Okta" and description co "Okta" and discoverySource in ("csv", "Okta Saas")" # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq, sw, co* **description**: *eq, sw, co* **createdAtStart**: *eq, le, ge* **createdAtEnd**: *eq, le, ge* **discoveredAtStart**: *eq, le, ge* **discoveredAtEnd**: *eq, le, ge* **discoverySource**: *eq, in* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, description, discoveredAt, discoverySource** (optional)
# Get Discovered Applications for Tenant
try {
Get-V2025DiscoveredApplications
# Below is a request that includes all optional parameters
# Get-V2025DiscoveredApplications -Limit $Limit -Offset $Offset -Detail $Detail -Filter $Filter -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DiscoveredApplications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-manual-discover-applications-csv-template
Download an example CSV file with two columns `application_name` and `description`. The CSV file contains a single row with the values 'Example Application' and 'Example Description'.
The downloaded template is specifically designed for use with the `/manual-discover-applications` endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-manual-discover-applications-csv-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ManualDiscoverApplicationsTemplate**](../models/manual-discover-applications-template)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A CSV file download was successful. | ManualDiscoverApplicationsTemplate
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/csv, application/json
### Example
```powershell
# Download CSV Template for Discovery
try {
Get-V2025ManualDiscoverApplicationsCsvTemplate
# Below is a request that includes all optional parameters
# Get-V2025ManualDiscoverApplicationsCsvTemplate
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManualDiscoverApplicationsCsvTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-manual-discover-applications-csv-template
Uploading a CSV file with application data for manual correlation to specific ISC connectors.
If a suitable ISC connector is unavailable, the system will recommend generic connectors instead.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/send-manual-discover-applications-csv-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| File | **System.IO.FileInfo** | True | The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The CSV has been successfully processed. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$File = # System.IO.FileInfo | The CSV file to upload containing `application_name` and `description` columns. Each row represents an application to be discovered.
# Upload CSV to Discover Applications
try {
Send-V2025ManualDiscoverApplicationsCsvTemplate -File $File
# Below is a request that includes all optional parameters
# Send-V2025ManualDiscoverApplicationsCsvTemplate -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ManualDiscoverApplicationsCsvTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

130
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ApprovalsApi.md Normal file
View File

@@ -0,0 +1,130 @@
---
id: v2025-approvals
title: Approvals
pagination_label: Approvals
sidebar_label: Approvals
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Approvals', 'V2025Approvals']
slug: /tools/sdk/powershell/v2025/methods/approvals
tags: ['SDK', 'Software Development Kit', 'Approvals', 'V2025Approvals']
---
# Approvals
Use this API to implement approval functionality. With this functionality in place, you can get generic approvals and modify them.
The main advantages this API has vs [Access Request Approvals](https://developer.sailpoint.com/docs/api/v2025/access-request-approvals) are that you can use it to get generic approvals individually or in batches and make changes to those approvals.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025Approval**](#get-approval) | **GET** `/generic-approvals/{id}` | Get an approval
[**Get-V2025Approvals**](#get-approvals) | **GET** `/generic-approvals` | Get Approvals
## get-approval
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve a single approval for a given approval ID. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-approval)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the approval that is to be returned
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**Approval**](../models/approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Approval object | Approval
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | ID of the approval that is to be returned
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get an approval
try {
Get-V2025Approval -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Approval -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Approval"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-approvals
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve a list of approvals, which can be filtered by requester ID, status, or reference type. "Mine" query parameter can be used and it will return all approvals for the current approver. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.
Absence of all query parameters will will default to mine=true.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-approvals)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Mine | **Boolean** | (optional) | Returns the list of approvals for the current caller
Query | RequesterId | **String** | (optional) | Returns the list of approvals for a given requester ID
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq* **referenceType**: *eq*
### Return type
[**Approval[]**](../models/approval)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Approvals | Approval[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Mine = $true # Boolean | Returns the list of approvals for the current caller (optional)
$RequesterId = "17e633e7d57e481569df76323169deb6a" # String | Returns the list of approvals for a given requester ID (optional)
$Filters = 'filters=status eq PENDING' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq* **referenceType**: *eq* (optional)
# Get Approvals
try {
Get-V2025Approvals -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Approvals -XSailPointExperimental $XSailPointExperimental -Mine $Mine -RequesterId $RequesterId -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Approvals"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

834
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AppsApi.md Normal file
View File

@@ -0,0 +1,834 @@
---
id: v2025-apps
title: Apps
pagination_label: Apps
sidebar_label: Apps
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Apps', 'V2025Apps']
slug: /tools/sdk/powershell/v2025/methods/apps
tags: ['SDK', 'Software Development Kit', 'Apps', 'V2025Apps']
---
# Apps
Use this API to implement source application functionality.
With this functionality in place, you can create, customize, and manage applications within sources.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025SourceApp**](#create-source-app) | **POST** `/source-apps` | Create source app
[**Remove-V2025AccessProfilesFromSourceAppByBulk**](#delete-access-profiles-from-source-app-by-bulk) | **POST** `/source-apps/{id}/access-profiles/bulk-remove` | Bulk remove access profiles from the specified source app
[**Remove-V2025SourceApp**](#delete-source-app) | **DELETE** `/source-apps/{id}` | Delete source app by ID
[**Get-V2025SourceApp**](#get-source-app) | **GET** `/source-apps/{id}` | Get source app by ID
[**Get-V2025AccessProfilesForSourceApp**](#list-access-profiles-for-source-app) | **GET** `/source-apps/{id}/access-profiles` | List access profiles for the specified source app
[**Get-V2025AllSourceApp**](#list-all-source-app) | **GET** `/source-apps/all` | List all source apps
[**Get-V2025AllUserApps**](#list-all-user-apps) | **GET** `/user-apps/all` | List all user apps
[**Get-V2025AssignedSourceApp**](#list-assigned-source-app) | **GET** `/source-apps/assigned` | List assigned source apps
[**Get-V2025AvailableAccountsForUserApp**](#list-available-accounts-for-user-app) | **GET** `/user-apps/{id}/available-accounts` | List available accounts for user app
[**Get-V2025AvailableSourceApps**](#list-available-source-apps) | **GET** `/source-apps` | List available source apps
[**Get-V2025OwnedUserApps**](#list-owned-user-apps) | **GET** `/user-apps` | List owned user apps
[**Update-V2025SourceApp**](#patch-source-app) | **PATCH** `/source-apps/{id}` | Patch source app by ID
[**Update-V2025UserApp**](#patch-user-app) | **PATCH** `/user-apps/{id}` | Patch user app by ID
[**Update-V2025SourceAppsInBulk**](#update-source-apps-in-bulk) | **POST** `/source-apps/bulk-update` | Bulk update source apps
## create-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint creates a source app using the given source app payload
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SourceAppCreateDto | [**SourceAppCreateDto**](../models/source-app-create-dto) | True |
### Return type
[**SourceApp**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the source app as created. | SourceApp
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SourceAppCreateDto = @"{
"name" : "my app",
"description" : "the source app for engineers",
"accountSource" : {
"name" : "ODS-AD-Source",
"id" : "2c9180827ca885d7017ca8ce28a000eb",
"type" : "SOURCE"
},
"matchAllAccounts" : true
}"@
# Create source app
try {
$Result = ConvertFrom-JsonToSourceAppCreateDto -Json $SourceAppCreateDto
New-V2025SourceApp -XSailPointExperimental $XSailPointExperimental -SourceAppCreateDto $Result
# Below is a request that includes all optional parameters
# New-V2025SourceApp -XSailPointExperimental $XSailPointExperimental -SourceAppCreateDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025SourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-profiles-from-source-app-by-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the final list of access profiles for the specified source app after removing
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-access-profiles-from-source-app-by-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the source app
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | **[]String** | True |
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**AccessProfileDetails[]**](../models/access-profile-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The final list of access profiles for the specified source app | AccessProfileDetails[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the source app
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = "MyRequestBody" # String[] |
$RequestBody = @"[c9575abb5e3a4e3db82b2f989a738aa2, c9dc28e148a24d65b3ccb5fb8ca5ddd9]"@ # String[] |
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
# Bulk remove access profiles from the specified source app
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Remove-V2025AccessProfilesFromSourceAppByBulk -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Remove-V2025AccessProfilesFromSourceAppByBulk -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result -Limit $Limit
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025AccessProfilesFromSourceAppByBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to delete a specific source app
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | source app ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SourceApp**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the source app as deleted. | SourceApp
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180835d191a86015d28455b4a2329" # String | source app ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete source app by ID
try {
Remove-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025SourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a source app by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the source app
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SourceApp**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the source app. | SourceApp
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the source app
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get source app by ID
try {
Get-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-access-profiles-for-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of access profiles for the specified source app
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-access-profiles-for-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the source app
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le*
### Return type
[**AccessProfileDetails[]**](../models/access-profile-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access profiles for the specified source app | AccessProfileDetails[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the source app
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'name eq "developer access profile"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* (optional)
# List access profiles for the specified source app
try {
Get-V2025AccessProfilesForSourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessProfilesForSourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessProfilesForSourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-all-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of all source apps for the org.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-all-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, owner.id, accountSource.id**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **accountSource.id**: *eq, in* **enabled**: *eq*
### Return type
[**SourceApp[]**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of source apps | SourceApp[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, owner.id, accountSource.id** (optional)
$Filters = 'enabled eq true' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **accountSource.id**: *eq, in* **enabled**: *eq* (optional)
# List all source apps
try {
Get-V2025AllSourceApp -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AllSourceApp -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count -Offset $Offset -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AllSourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-all-user-apps
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of all user apps with specified filters.
This API must be used with **filters** query parameter.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-all-user-apps)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | True | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **ownerId**: *eq* **ownerName**: *eq, sw* **ownerAlias**: *eq, sw* **accountId**: *eq* **sourceAppId**: *eq*
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**UserApp[]**](../models/user-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of user apps | UserApp[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'name eq "user app name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **ownerId**: *eq* **ownerName**: *eq, sw* **ownerAlias**: *eq, sw* **accountId**: *eq* **sourceAppId**: *eq*
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List all user apps
try {
Get-V2025AllUserApps -Filters $Filters -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AllUserApps -Filters $Filters -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AllUserApps"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-assigned-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of source apps assigned for logged in user.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-assigned-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, accountSource.id**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **accountSource.id**: *eq, in*
### Return type
[**SourceApp[]**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of source apps | SourceApp[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, accountSource.id** (optional)
$Filters = 'name eq "source app name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **accountSource.id**: *eq, in* (optional)
# List assigned source apps
try {
Get-V2025AssignedSourceApp -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AssignedSourceApp -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count -Offset $Offset -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AssignedSourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-available-accounts-for-user-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of available accounts for the specified user app. The user app needs to belong lo logged in user.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-available-accounts-for-user-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the user app
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**AppAccountDetails[]**](../models/app-account-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of available accounts for the specified user app | AppAccountDetails[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the user app
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List available accounts for user app
try {
Get-V2025AvailableAccountsForUserApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AvailableAccountsForUserApp -Id $Id -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AvailableAccountsForUserApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-available-source-apps
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of source apps available for access request.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-available-source-apps)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, owner.id, accountSource.id**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **accountSource.id**: *eq, in*
### Return type
[**SourceApp[]**](../models/source-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of source apps | SourceApp[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, owner.id, accountSource.id** (optional)
$Filters = 'name eq "source app name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, co, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **accountSource.id**: *eq, in* (optional)
# List available source apps
try {
Get-V2025AvailableSourceApps -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AvailableSourceApps -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count -Offset $Offset -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AvailableSourceApps"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-owned-user-apps
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of user apps assigned to logged in user
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-owned-user-apps)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **ownerName**: *eq, sw* **ownerAlias**: *eq, sw* **accountId**: *eq* **sourceAppId**: *eq*
### Return type
[**UserApp[]**](../models/user-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of user apps | UserApp[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'name eq "user app name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **ownerName**: *eq, sw* **ownerAlias**: *eq, sw* **accountId**: *eq* **sourceAppId**: *eq* (optional)
# List owned user apps
try {
Get-V2025OwnedUserApps -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025OwnedUserApps -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Count $Count -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OwnedUserApps"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-source-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates an existing source app using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable: **name**, **description**, **enabled**, **owner**, **provisionRequestEnabled**, **appCenterEnabled**, **accountSource**, **matchAllAccounts** and **accessProfiles**.
Name, description and owner can't be empty or null.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-source-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the source app to patch
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | (optional) |
### Return type
[**SourceAppPatchDto**](../models/source-app-patch-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the source app as updated. | SourceAppPatchDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the source app to patch
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | (optional)
# Patch source app by ID
try {
Update-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Update-V2025SourceApp -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025SourceApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-user-app
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates an existing user app using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable: **account**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-user-app)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the user app to patch
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | (optional) |
### Return type
[**UserApp**](../models/user-app)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the user app as updated. | UserApp
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the user app to patch
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | (optional)
# Patch user app by ID
try {
Update-V2025UserApp -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Update-V2025UserApp -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025UserApp"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-source-apps-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates source apps using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. It can update up to 50 source apps in a batch.
The following fields can be updated: **name**, **description**, **enabled**, **owner**, **provisionRequestEnabled**, **appCenterEnabled**, **accountSource**, **matchAllAccounts**, and **accessProfiles**.
Name, description and owner can't be empty or null.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-source-apps-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SourceAppBulkUpdateRequest | [**SourceAppBulkUpdateRequest**](../models/source-app-bulk-update-request) | (optional) |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SourceAppBulkUpdateRequest = @"{
"appIds" : [ "2c91808a7624751a01762f19d665220d", "2c91808a7624751a01762f19d67c220e", "2c91808a7624751a01762f19d692220f" ],
"jsonPatch" : [ {
"op" : "replace",
"path" : "/enabled",
"value" : false
}, {
"op" : "replace",
"path" : "/matchAllAccounts",
"value" : false
} ]
}"@
# Bulk update source apps
try {
Update-V2025SourceAppsInBulk -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Update-V2025SourceAppsInBulk -XSailPointExperimental $XSailPointExperimental -SourceAppBulkUpdateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025SourceAppsInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

187
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AuthProfileApi.md Normal file
View File

@@ -0,0 +1,187 @@
---
id: v2025-auth-profile
title: AuthProfile
pagination_label: AuthProfile
sidebar_label: AuthProfile
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AuthProfile', 'V2025AuthProfile']
slug: /tools/sdk/powershell/v2025/methods/auth-profile
tags: ['SDK', 'Software Development Kit', 'AuthProfile', 'V2025AuthProfile']
---
# AuthProfile
Use this API to implement Auth Profile functionality.
With this functionality in place, users can read authentication profiles and make changes to them.
An authentication profile represents an identity profile&#39;s authentication configuration.
When the identity profile is created, its authentication profile is also created.
An authentication profile includes information like its authentication profile type (&#x60;BLOCK&#x60;, &#x60;MFA&#x60;, &#x60;NON_PTA&#x60;, PTA&#x60;) and settings controlling whether or not it blocks access from off network or untrusted geographies.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025ProfileConfig**](#get-profile-config) | **GET** `/auth-profiles/{id}` | Get Auth Profile
[**Get-V2025ProfileConfigList**](#get-profile-config-list) | **GET** `/auth-profiles` | Get list of Auth Profiles
[**Update-V2025ProfileConfig**](#patch-profile-config) | **PATCH** `/auth-profiles/{id}` | Patch a specified Auth Profile
## get-profile-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns auth profile information.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-profile-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Path | Id | **String** | True | ID of the Auth Profile to patch.
### Return type
[**AuthProfile**](../models/auth-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth Profile | AuthProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Auth Profile to patch.
# Get Auth Profile
try {
Get-V2025ProfileConfig -XSailPointExperimental $XSailPointExperimental -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ProfileConfig -XSailPointExperimental $XSailPointExperimental -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ProfileConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-profile-config-list
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of auth profiles.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-profile-config-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AuthProfileSummary[]**](../models/auth-profile-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Auth Profiles | AuthProfileSummary[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get list of Auth Profiles
try {
Get-V2025ProfileConfigList -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025ProfileConfigList -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ProfileConfigList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-profile-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates an existing Auth Profile. The following fields are patchable:
**offNetwork**, **untrustedGeography**, **applicationId**, **applicationName**, **type**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-profile-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Auth Profile to patch.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**AuthProfile**](../models/auth-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the Auth Profile as updated. | AuthProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of the Auth Profile to patch.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] |
# Patch a specified Auth Profile
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025ProfileConfig -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025ProfileConfig -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ProfileConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

131
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AuthUsersApi.md Normal file
View File

@@ -0,0 +1,131 @@
---
id: v2025-auth-users
title: AuthUsers
pagination_label: AuthUsers
sidebar_label: AuthUsers
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AuthUsers', 'V2025AuthUsers']
slug: /tools/sdk/powershell/v2025/methods/auth-users
tags: ['SDK', 'Software Development Kit', 'AuthUsers', 'V2025AuthUsers']
---
# AuthUsers
Use this API to implement user authentication system functionality.
With this functionality in place, users can get a user&#39;s authentication system details, including their capabilities, and modify those capabilities.
The user&#39;s capabilities refer to their access to different systems, or authorization, within the tenant, like access to certifications (CERT_ADMIN) or reports (REPORT_ADMIN).
These capabilities also determine a user&#39;s access to the different APIs.
This API provides users with a way to determine a user&#39;s access and make quick and easy changes to that access.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025AuthUser**](#get-auth-user) | **GET** `/auth-users/{id}` | Auth User Details
[**Update-V2025AuthUser**](#patch-auth-user) | **PATCH** `/auth-users/{id}` | Auth User Update
## get-auth-user
Return the specified user's authentication system details.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-user)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity ID
### Return type
[**AuthUser**](../models/auth-user)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The specified user&#39;s authentication system details. | AuthUser
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity ID
# Auth User Details
try {
Get-V2025AuthUser -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025AuthUser -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthUser"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-user
Use a PATCH request to update an existing user in the authentication system.
Use this endpoint to modify these fields:
* `capabilities`
A '400.1.1 Illegal update attempt' detail code indicates that you attempted to PATCH a field that is not allowed.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-user)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity ID
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**AuthUser**](../models/auth-user)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Auth user updated. | AuthUser
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity ID
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth user update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Auth User Update
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthUser -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthUser -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthUser"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

286
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025BrandingApi.md Normal file
View File

@@ -0,0 +1,286 @@
---
id: v2025-branding
title: Branding
pagination_label: Branding
sidebar_label: Branding
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Branding', 'V2025Branding']
slug: /tools/sdk/powershell/v2025/methods/branding
tags: ['SDK', 'Software Development Kit', 'Branding', 'V2025Branding']
---
# Branding
Use this API to implement and customize branding functionality.
With this functionality in place, administrators can get and manage existing branding items, and they can also create new branding items and configure them for use throughout Identity Security Cloud.
The Branding APIs provide administrators with a way to customize branding items.
This customization includes details like their colors, logos, and other information.
Refer to [Certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) for more information about certifications.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025BrandingItem**](#create-branding-item) | **POST** `/brandings` | Create a branding item
[**Remove-V2025Branding**](#delete-branding) | **DELETE** `/brandings/{name}` | Delete a branding item
[**Get-V2025Branding**](#get-branding) | **GET** `/brandings/{name}` | Get a branding item
[**Get-V2025BrandingList**](#get-branding-list) | **GET** `/brandings` | List of branding items
[**Set-V2025BrandingItem**](#set-branding-item) | **PUT** `/brandings/{name}` | Update a branding item
## create-branding-item
This API endpoint creates a branding item.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-branding-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| Name | **String** | True | name of branding item
| ProductName | **String** | True | product name
| ActionButtonColor | **String** | (optional) | hex value of color for action button
| ActiveLinkColor | **String** | (optional) | hex value of color for link
| NavigationColor | **String** | (optional) | hex value of color for navigation bar
| EmailFromAddress | **String** | (optional) | email from address
| LoginInformationalMessage | **String** | (optional) | login information message
| FileStandard | **System.IO.FileInfo** | (optional) | png file with logo
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Branding item created | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Name = "MyName" # String | name of branding item
$ProductName = "MyProductName" # String | product name
$ActionButtonColor = "MyActionButtonColor" # String | hex value of color for action button (optional)
$ActiveLinkColor = "MyActiveLinkColor" # String | hex value of color for link (optional)
$NavigationColor = "MyNavigationColor" # String | hex value of color for navigation bar (optional)
$EmailFromAddress = "MyEmailFromAddress" # String | email from address (optional)
$LoginInformationalMessage = "MyLoginInformationalMessage" # String | login information message (optional)
$FileStandard = # System.IO.FileInfo | png file with logo (optional)
# Create a branding item
try {
New-V2025BrandingItem -Name $Name -ProductName $ProductName
# Below is a request that includes all optional parameters
# New-V2025BrandingItem -Name $Name -ProductName $ProductName -ActionButtonColor $ActionButtonColor -ActiveLinkColor $ActiveLinkColor -NavigationColor $NavigationColor -EmailFromAddress $EmailFromAddress -LoginInformationalMessage $LoginInformationalMessage -FileStandard $FileStandard
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025BrandingItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-branding
This API endpoint delete information for an existing branding item by name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-branding)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be deleted
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be deleted
# Delete a branding item
try {
Remove-V2025Branding -Name $Name
# Below is a request that includes all optional parameters
# Remove-V2025Branding -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Branding"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-branding
This API endpoint retrieves information for an existing branding item by name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-branding)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be retrieved
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A branding item object | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be retrieved
# Get a branding item
try {
Get-V2025Branding -Name $Name
# Below is a request that includes all optional parameters
# Get-V2025Branding -Name $Name
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Branding"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-branding-list
This API endpoint returns a list of branding items.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-branding-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**BrandingItem[]**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of branding items. | BrandingItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List of branding items
try {
Get-V2025BrandingList
# Below is a request that includes all optional parameters
# Get-V2025BrandingList
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025BrandingList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-branding-item
This API endpoint updates information for an existing branding item.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-branding-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The name of the branding item to be retrieved
| Name2 | **String** | True | name of branding item
| ProductName | **String** | True | product name
| ActionButtonColor | **String** | (optional) | hex value of color for action button
| ActiveLinkColor | **String** | (optional) | hex value of color for link
| NavigationColor | **String** | (optional) | hex value of color for navigation bar
| EmailFromAddress | **String** | (optional) | email from address
| LoginInformationalMessage | **String** | (optional) | login information message
| FileStandard | **System.IO.FileInfo** | (optional) | png file with logo
### Return type
[**BrandingItem**](../models/branding-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Branding item updated | BrandingItem
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Name = "default" # String | The name of the branding item to be retrieved
$Name2 = "Name_example" # String | name of branding item
$ProductName = "MyProductName" # String | product name
$ActionButtonColor = "MyActionButtonColor" # String | hex value of color for action button (optional)
$ActiveLinkColor = "MyActiveLinkColor" # String | hex value of color for link (optional)
$NavigationColor = "MyNavigationColor" # String | hex value of color for navigation bar (optional)
$EmailFromAddress = "MyEmailFromAddress" # String | email from address (optional)
$LoginInformationalMessage = "MyLoginInformationalMessage" # String | login information message (optional)
$FileStandard = # System.IO.FileInfo | png file with logo (optional)
# Update a branding item
try {
Set-V2025BrandingItem -Name $Name -Name2 $Name2 -ProductName $ProductName
# Below is a request that includes all optional parameters
# Set-V2025BrandingItem -Name $Name -Name2 $Name2 -ProductName $ProductName -ActionButtonColor $ActionButtonColor -ActiveLinkColor $ActiveLinkColor -NavigationColor $NavigationColor -EmailFromAddress $EmailFromAddress -LoginInformationalMessage $LoginInformationalMessage -FileStandard $FileStandard
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025BrandingItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

324
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CertificationCampaignFiltersApi.md Normal file
View File

@@ -0,0 +1,324 @@
---
id: v2025-certification-campaign-filters
title: CertificationCampaignFilters
pagination_label: CertificationCampaignFilters
sidebar_label: CertificationCampaignFilters
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'CertificationCampaignFilters', 'V2025CertificationCampaignFilters']
slug: /tools/sdk/powershell/v2025/methods/certification-campaign-filters
tags: ['SDK', 'Software Development Kit', 'CertificationCampaignFilters', 'V2025CertificationCampaignFilters']
---
# CertificationCampaignFilters
Use this API to implement the certification campaign filter functionality. These filters can be used to create a certification campaign that includes a subset of your entitlements or users to certify.
For example, if for a certification campaign an organization wants to certify only specific users or entitlements, then those can be included/excluded on the basis of campaign filters.
For more information about creating a campaign filter, refer to [Creating a Campaign Filter](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#creating-a-campaign-filter)
You can create campaign filters using any of the following criteria types:
- Access Profile : This criteria type includes or excludes access profiles from a campaign.
- Account Attribute : This criteria type includes or excludes certification items that match a specified value in an account attribute.
- Entitlement : This criteria type includes or excludes entitlements from a campaign.
- Identity : This criteria type includes or excludes specific identities from your campaign.
- Identity Attribute : This criteria type includes or excludes identities based on whether they have an identity attribute that matches criteria you&#39;ve chosen.
- Role : This criteria type includes or excludes roles, as opposed to identities.
- Source : This criteria type includes or excludes entitlements from a source you select.
For more information about these criteria types, refer to [Types of Campaign Filters](https://documentation.sailpoint.com/saas/help/certs/campaign_filters.html#types-of-campaign-filters)
Once the campaign filter is created, it can be linked while creating the campaign. The generated campaign will have the items to review as per the campaign filter.
For example, An inclusion campaign filter is created with a source of Source 1, an operation of Equals, and an entitlement of Entitlement 1. When this filter is selected, only users who have Entitlement 1 are included in the campaign, and only Entitlement 1 is shown in the certification.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025CampaignFilter**](#create-campaign-filter) | **POST** `/campaign-filters` | Create Campaign Filter
[**Remove-V2025CampaignFilters**](#delete-campaign-filters) | **POST** `/campaign-filters/delete` | Deletes Campaign Filters
[**Get-V2025CampaignFilterById**](#get-campaign-filter-by-id) | **GET** `/campaign-filters/{id}` | Get Campaign Filter by ID
[**Get-V2025CampaignFilters**](#list-campaign-filters) | **GET** `/campaign-filters` | List Campaign Filters
[**Update-V2025CampaignFilter**](#update-campaign-filter) | **POST** `/campaign-filters/{id}` | Updates a Campaign Filter
## create-campaign-filter
Use this API to create a campaign filter based on filter details and criteria.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-campaign-filter)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CampaignFilterDetails | [**CampaignFilterDetails**](../models/campaign-filter-details) | True |
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created successfully. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CampaignFilterDetails = @"{
"owner" : "SailPoint Support",
"mode" : "INCLUSION",
"isSystemFilter" : false,
"name" : "Identity Attribute Campaign Filter",
"description" : "Campaign filter to certify data based on an identity attribute's specified property.",
"id" : "5ec18cef39020d6fd7a60ad3970aba61",
"criteriaList" : [ {
"type" : "IDENTITY_ATTRIBUTE",
"property" : "displayName",
"value" : "support",
"operation" : "CONTAINS",
"negateResult" : false,
"shortCircuit" : false,
"recordChildMatches" : false,
"suppressMatchedItems" : false
} ]
}"@
# Create Campaign Filter
try {
$Result = ConvertFrom-JsonToCampaignFilterDetails -Json $CampaignFilterDetails
New-V2025CampaignFilter -CampaignFilterDetails $Result
# Below is a request that includes all optional parameters
# New-V2025CampaignFilter -CampaignFilterDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025CampaignFilter"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-campaign-filters
Deletes campaign filters whose Ids are specified in the provided list of campaign filter Ids. Authorized callers must be an ORG_ADMIN or a CERT_ADMIN.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-campaign-filters)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | RequestBody | **[]String** | True | A json list of IDs of campaign filters to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RequestBody = "MyRequestBody" # String[] | A json list of IDs of campaign filters to delete.
$RequestBody = @""@ # String[] | A json list of IDs of campaign filters to delete.
# Deletes Campaign Filters
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Remove-V2025CampaignFilters -RequestBody $Result
# Below is a request that includes all optional parameters
# Remove-V2025CampaignFilters -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025CampaignFilters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-campaign-filter-by-id
Retrieves information for an existing campaign filter using the filter's ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-campaign-filter-by-id)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the campaign filter to be retrieved.
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A campaign filter object. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "e9f9a1397b842fd5a65842087040d3ac" # String | The ID of the campaign filter to be retrieved.
# Get Campaign Filter by ID
try {
Get-V2025CampaignFilterById -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025CampaignFilterById -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CampaignFilterById"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-campaign-filters
Use this API to list all campaign filters. You can reduce scope with standard V3 query parameters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-campaign-filters)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Start | **Int32** | (optional) (default to 0) | Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | IncludeSystemFilters | **Boolean** | (optional) (default to $true) | If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true.
### Return type
[**ListCampaignFilters200Response**](../models/list-campaign-filters200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of campaign filter objects. | ListCampaignFilters200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Start = 0 # Int32 | Start/Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$IncludeSystemFilters = $true # Boolean | If this is true, the API includes system filters in the count and results. Otherwise it excludes them. If no value is provided, the default is true. (optional) (default to $true)
# List Campaign Filters
try {
Get-V2025CampaignFilters
# Below is a request that includes all optional parameters
# Get-V2025CampaignFilters -Limit $Limit -Start $Start -IncludeSystemFilters $IncludeSystemFilters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CampaignFilters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-campaign-filter
Updates an existing campaign filter using the filter's ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-campaign-filter)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | FilterId | **String** | True | The ID of the campaign filter being modified.
Body | CampaignFilterDetails | [**CampaignFilterDetails**](../models/campaign-filter-details) | True | A campaign filter details with updated field values.
### Return type
[**CampaignFilterDetails**](../models/campaign-filter-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created successfully. | CampaignFilterDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$FilterId = "e9f9a1397b842fd5a65842087040d3ac" # String | The ID of the campaign filter being modified.
$CampaignFilterDetails = @"{
"owner" : "SailPoint Support",
"mode" : "INCLUSION",
"isSystemFilter" : false,
"name" : "Identity Attribute Campaign Filter",
"description" : "Campaign filter to certify data based on an identity attribute's specified property.",
"id" : "5ec18cef39020d6fd7a60ad3970aba61",
"criteriaList" : [ {
"type" : "IDENTITY_ATTRIBUTE",
"property" : "displayName",
"value" : "support",
"operation" : "CONTAINS",
"negateResult" : false,
"shortCircuit" : false,
"recordChildMatches" : false,
"suppressMatchedItems" : false
} ]
}"@
# Updates a Campaign Filter
try {
$Result = ConvertFrom-JsonToCampaignFilterDetails -Json $CampaignFilterDetails
Update-V2025CampaignFilter -FilterId $FilterId -CampaignFilterDetails $Result
# Below is a request that includes all optional parameters
# Update-V2025CampaignFilter -FilterId $FilterId -CampaignFilterDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025CampaignFilter"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1471
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CertificationCampaignsApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

248
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CertificationSummariesApi.md Normal file
View File

@@ -0,0 +1,248 @@
---
id: v2025-certification-summaries
title: CertificationSummaries
pagination_label: CertificationSummaries
sidebar_label: CertificationSummaries
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'CertificationSummaries', 'V2025CertificationSummaries']
slug: /tools/sdk/powershell/v2025/methods/certification-summaries
tags: ['SDK', 'Software Development Kit', 'CertificationSummaries', 'V2025CertificationSummaries']
---
# CertificationSummaries
Use this API to implement certification summary functionality.
With this functionality in place, administrators and designated certification reviewers can review summaries of identity certification campaigns and draw conclusions about the campaigns&#39; scope, security, and effectiveness.
Implementing certification summary functionality improves organizations&#39; ability to review their [certifications](https://documentation.sailpoint.com/saas/user-help/certifications.html) and helps them satisfy audit and regulatory requirements by enabling them to trace access changes and the decisions made in their review processes.
A certification refers to Identity Security Cloud&#39;s mechanism for reviewing a user&#39;s access to entitlements (sets of permissions) and approving or removing that access.
These certifications serve as a way of showing that a user&#39;s access has been reviewed and approved.
Multiple certifications by different reviewers are often required to approve a user&#39;s access.
A set of multiple certifications is called a certification campaign.
For example, an organization may use a Manager Certification as a way of showing that a user&#39;s access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user&#39;s access has been reviewed and approved by multiple managers.
Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
Certification summaries provide information about identity certification campaigns such as the identities involved, the number of decisions made, and the access changed.
For example, an administrator or designated certification reviewer can examine the Manager Certification campaign to get an overview of how many entitlement decisions are made in that campaign as opposed to role decisions, which identities would be affected by changes to the campaign, and how those identities&#39; access would be affected.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025IdentityAccessSummaries**](#get-identity-access-summaries) | **GET** `/certifications/{id}/access-summaries/{type}` | Access Summaries
[**Get-V2025IdentityDecisionSummary**](#get-identity-decision-summary) | **GET** `/certifications/{id}/decision-summary` | Summary of Certification Decisions
[**Get-V2025IdentitySummaries**](#get-identity-summaries) | **GET** `/certifications/{id}/identity-summaries` | Identity Summaries for Campaign Certification
[**Get-V2025IdentitySummary**](#get-identity-summary) | **GET** `/certifications/{id}/identity-summaries/{identitySummaryId}` | Summary for Identity
## get-identity-access-summaries
This API returns a list of access summaries for the specified identity campaign certification and type. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-access-summaries)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Path | Type | **String** | True | The type of access review item to retrieve summaries for
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **completed**: *eq, ne* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name**
### Return type
[**AccessSummary[]**](../models/access-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access summaries | AccessSummary[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Type = "ROLE" # String | The type of access review item to retrieve summaries for
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'access.id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **completed**: *eq, ne* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw* (optional)
$Sorters = "access.name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name** (optional)
# Access Summaries
try {
Get-V2025IdentityAccessSummaries -Id $Id -Type $Type
# Below is a request that includes all optional parameters
# Get-V2025IdentityAccessSummaries -Id $Id -Type $Type -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityAccessSummaries"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-decision-summary
This API returns a summary of the decisions made on an identity campaign certification. The decisions are summarized by type. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-decision-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification ID
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **identitySummary.id**: *eq, in*
### Return type
[**IdentityCertDecisionSummary**](../models/identity-cert-decision-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of the decisions made | IdentityCertDecisionSummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$Filters = 'identitySummary.id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **identitySummary.id**: *eq, in* (optional)
# Summary of Certification Decisions
try {
Get-V2025IdentityDecisionSummary -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025IdentityDecisionSummary -Id $Id -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityDecisionSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-summaries
This API returns a list of the identity summaries for a specific identity campaign certification. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-summaries)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **completed**: *eq, ne* **name**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**CertificationIdentitySummary[]**](../models/certification-identity-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity summaries | CertificationIdentitySummary[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **completed**: *eq, ne* **name**: *eq, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Identity Summaries for Campaign Certification
try {
Get-V2025IdentitySummaries -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025IdentitySummaries -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySummaries"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-summary
This API returns the summary for an identity on a specified identity campaign certification. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Path | IdentitySummaryId | **String** | True | The identity summary ID
### Return type
[**CertificationIdentitySummary**](../models/certification-identity-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity summary | CertificationIdentitySummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$IdentitySummaryId = "2c91808772a504f50172a9540e501ba8" # String | The identity summary ID
# Summary for Identity
try {
Get-V2025IdentitySummary -Id $Id -IdentitySummaryId $IdentitySummaryId
# Below is a request that includes all optional parameters
# Get-V2025IdentitySummary -Id $Id -IdentitySummaryId $IdentitySummaryId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

659
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CertificationsApi.md Normal file
View File

@@ -0,0 +1,659 @@
---
id: v2025-certifications
title: Certifications
pagination_label: Certifications
sidebar_label: Certifications
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Certifications', 'V2025Certifications']
slug: /tools/sdk/powershell/v2025/methods/certifications
tags: ['SDK', 'Software Development Kit', 'Certifications', 'V2025Certifications']
---
# Certifications
Use this API to implement certification functionality.
With this functionality in place, administrators and designated certification reviewers can review users&#39; access certifications and decide whether to approve access, revoke it, or reassign the review to another reviewer.
Implementing certifications improves organizations&#39; data security by reducing inappropriate access through a distributed review process and helping them satisfy audit and regulatory requirements.
A certification refers to Identity Security Cloud&#39;s mechanism for reviewing a user&#39;s access to entitlements (sets of permissions) and approving or removing that access.
These serve as a way of showing that a user&#39;s access has been reviewed and approved.
Multiple certifications by different reviewers are often required to approve a user&#39;s access.
A set of multiple certifications is called a certification campaign.
For example, an organization may use a Manager Certification as a way of showing that a user&#39;s access has been reviewed and approved by their manager, or if the certification is part of a campaign, that the user&#39;s access has been reviewed and approved by multiple managers.
Once this certification has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
Organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers.
Those reviewers can select the &#39;Certifications&#39; tab to view any of the certifications they either need to review or have already reviewed under the &#39;Active&#39; and &#39;Completed&#39; tabs, respectively.
When a certification campaign is in progress, certification reviewers will see certifications listed under &#39;Active,&#39; where they can review the involved identities.
Under the &#39;Decision&#39; column on the right, next to each access item, reviewers can select the checkmark to approve access, select the &#39;X&#39; to revoke access, or they can toggle the &#39;More Options&#39; menu to reassign the certification to another reviewer and provide a reason for reassignment in the form of a comment.
Once a reviewer has made decisions on all the certification&#39;s involved access items, he or she must select &#39;Sign Off&#39; to complete the review process.
Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer&#39;s list of work items.
Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities&#39; entitlements are altered to remove any entitlements marked for revocation.
In this situation, the certification campaign completes once all the remediation requests are completed.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025CertificationTask**](#get-certification-task) | **GET** `/certification-tasks/{id}` | Certification Task by ID
[**Get-V2025IdentityCertification**](#get-identity-certification) | **GET** `/certifications/{id}` | Identity Certification by ID
[**Get-V2025IdentityCertificationItemPermissions**](#get-identity-certification-item-permissions) | **GET** `/certifications/{certificationId}/access-review-items/{itemId}/permissions` | Permissions for Entitlement Certification Item
[**Get-V2025PendingCertificationTasks**](#get-pending-certification-tasks) | **GET** `/certification-tasks` | List of Pending Certification Tasks
[**Get-V2025CertificationReviewers**](#list-certification-reviewers) | **GET** `/certifications/{id}/reviewers` | List of Reviewers for certification
[**Get-V2025IdentityAccessReviewItems**](#list-identity-access-review-items) | **GET** `/certifications/{id}/access-review-items` | List of Access Review Items
[**Get-V2025IdentityCertifications**](#list-identity-certifications) | **GET** `/certifications` | List Identity Campaign Certifications
[**Select-V2025IdentityDecision**](#make-identity-decision) | **POST** `/certifications/{id}/decide` | Decide on a Certification Item
[**Invoke-V2025ReassignIdentityCertifications**](#reassign-identity-certifications) | **POST** `/certifications/{id}/reassign` | Reassign Identities or Items
[**Invoke-V2025SignOffIdentityCertification**](#sign-off-identity-certification) | **POST** `/certifications/{id}/sign-off` | Finalize Identity Certification Decisions
[**Submit-V2025ReassignCertsAsync**](#submit-reassign-certs-async) | **POST** `/certifications/{id}/reassign-async` | Reassign Certifications Asynchronously
## get-certification-task
This API returns the certification task for the specified ID. Reviewers for the specified certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-certification-task)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The task ID
### Return type
[**CertificationTask**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A certification task | CertificationTask
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "63b32151-26c0-42f4-9299-8898dc1c9daa" # String | The task ID
# Certification Task by ID
try {
Get-V2025CertificationTask -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025CertificationTask -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CertificationTask"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-certification
This API returns a single identity campaign certification by its ID. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-certification)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification id
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification id
# Identity Certification by ID
try {
Get-V2025IdentityCertification -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025IdentityCertification -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityCertification"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-certification-item-permissions
This API returns the permissions associated with an entitlement certification item based on the certification item's ID. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-certification-item-permissions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | CertificationId | **String** | True | The certification ID
Path | ItemId | **String** | True | The certification item ID
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **target**: *eq, sw* **rights**: *ca* Supported composite operators: *and, or* All field values (second filter operands) are case-insensitive for this API. Only a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field. For example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22` The following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PermissionDto[]**](../models/permission-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of permissions associated with the given itemId | PermissionDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$CertificationId = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$ItemId = "2c91808671bcbab40171bd945d961227" # String | The certification item ID
$Filters = 'target eq "SYS.OBJAUTH2"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **target**: *eq, sw* **rights**: *ca* Supported composite operators: *and, or* All field values (second filter operands) are case-insensitive for this API. Only a single *and* or *or* composite filter operator may be used. It must also be used between a target filter and a rights filter, not between 2 filters for the same field. For example, the following is valid: `?filters=rights+ca+(%22CREATE%22)+and+target+eq+%22SYS.OBJAUTH2%22` The following is invalid: 1?filters=rights+ca+(%22CREATE%22)+and+rights+ca+(%SELECT%22)1 (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Permissions for Entitlement Certification Item
try {
Get-V2025IdentityCertificationItemPermissions -CertificationId $CertificationId -ItemId $ItemId
# Below is a request that includes all optional parameters
# Get-V2025IdentityCertificationItemPermissions -CertificationId $CertificationId -ItemId $ItemId -Filters $Filters -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityCertificationItemPermissions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-pending-certification-tasks
This API returns a list of pending (`QUEUED` or `IN_PROGRESS`) certification tasks. Any authenticated token can call this API, but only certification tasks you are authorized to review will be returned.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-pending-certification-tasks)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ReviewerIdentity | **String** | (optional) | The ID of reviewer identity. *me* indicates the current user.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **targetId**: *eq, in* **type**: *eq, in*
### Return type
[**CertificationTask[]**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of pending certification tasks | CertificationTask[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReviewerIdentity = "Ada.1de82e55078344" # String | The ID of reviewer identity. *me* indicates the current user. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'type eq "ADMIN_REASSIGN"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **targetId**: *eq, in* **type**: *eq, in* (optional)
# List of Pending Certification Tasks
try {
Get-V2025PendingCertificationTasks
# Below is a request that includes all optional parameters
# Get-V2025PendingCertificationTasks -ReviewerIdentity $ReviewerIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PendingCertificationTasks"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-certification-reviewers
This API returns a list of reviewers for the certification. Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-certification-reviewers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **email**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, email**
### Return type
[**IdentityReferenceWithNameAndEmail[]**](../models/identity-reference-with-name-and-email)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of reviewers | IdentityReferenceWithNameAndEmail[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "Bob"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **email**: *eq, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, email** (optional)
# List of Reviewers for certification
try {
Get-V2025CertificationReviewers -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025CertificationReviewers -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CertificationReviewers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-access-review-items
This API returns a list of access review items for an identity campaign certification. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-access-review-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **type**: *eq* **access.type**: *eq* **completed**: *eq, ne* **identitySummary.id**: *eq, in* **identitySummary.name**: *eq, sw* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName**
Query | Entitlements | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs. An error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time.
Query | AccessProfiles | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs. An error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time.
Query | Roles | **String** | (optional) | Filter results to view access review items that pertain to any of the specified comma-separated role IDs. An error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time.
### Return type
[**AccessReviewItem[]**](../models/access-review-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of access review items | AccessReviewItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **type**: *eq* **access.type**: *eq* **completed**: *eq, ne* **identitySummary.id**: *eq, in* **identitySummary.name**: *eq, sw* **access.id**: *eq, in* **access.name**: *eq, sw* **entitlement.sourceName**: *eq, sw* **accessProfile.sourceName**: *eq, sw* (optional)
$Sorters = "access.name,-accessProfile.sourceName" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitySummary.name, access.name, access.type, entitlement.sourceName, accessProfile.sourceName** (optional)
$Entitlements = "identityEntitlement" # String | Filter results to view access review items that pertain to any of the specified comma-separated entitlement IDs. An error will occur if this param is used with **access-profiles** or **roles** as only one of these query params can be used at a time. (optional)
$AccessProfiles = "accessProfile1" # String | Filter results to view access review items that pertain to any of the specified comma-separated access-profle IDs. An error will occur if this param is used with **entitlements** or **roles** as only one of these query params can be used at a time. (optional)
$Roles = "userRole" # String | Filter results to view access review items that pertain to any of the specified comma-separated role IDs. An error will occur if this param is used with **entitlements** or **access-profiles** as only one of these query params can be used at a time. (optional)
# List of Access Review Items
try {
Get-V2025IdentityAccessReviewItems -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025IdentityAccessReviewItems -Id $Id -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -Entitlements $Entitlements -AccessProfiles $AccessProfiles -Roles $Roles
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityAccessReviewItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-certifications
Use this API to get a list of identity campaign certifications for the specified query parameters. Any authenticated token can call this API, but only certifications you are authorized to review will be returned. This API does not support requests for certifications assigned to governance groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-certifications)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | ReviewerIdentity | **String** | (optional) | Reviewer's identity. *me* indicates the current user.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **campaign.id**: *eq, in* **phase**: *eq* **completed**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, due, signed**
### Return type
[**IdentityCertificationDto[]**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity campaign certifications. | IdentityCertificationDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReviewerIdentity = "me" # String | Reviewer's identity. *me* indicates the current user. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **campaign.id**: *eq, in* **phase**: *eq* **completed**: *eq* (optional)
$Sorters = "name,due" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, due, signed** (optional)
# List Identity Campaign Certifications
try {
Get-V2025IdentityCertifications
# Below is a request that includes all optional parameters
# Get-V2025IdentityCertifications -ReviewerIdentity $ReviewerIdentity -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityCertifications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## make-identity-decision
The API makes a decision to approve or revoke one or more identity campaign certification items. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/make-identity-decision)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the identity campaign certification on which to make decisions
Body | ReviewDecision | [**[]ReviewDecision**](../models/review-decision) | True | A non-empty array of decisions to be made.
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the identity campaign certification on which to make decisions
$ReviewDecision = @"{
"comments" : "This user no longer needs access to this source",
"decision" : "APPROVE",
"proposedEndDate" : "2017-07-11T18:45:37.098Z",
"recommendation" : {
"reasons" : [ "Reason 1", "Reason 2" ],
"recommendation" : "recommendation",
"timestamp" : "2020-06-01T13:49:37.385Z"
},
"id" : "ef38f94347e94562b5bb8424a56397d8",
"bulk" : true
}"@ # ReviewDecision[] | A non-empty array of decisions to be made.
# Decide on a Certification Item
try {
$Result = ConvertFrom-JsonToReviewDecision -Json $ReviewDecision
Select-V2025IdentityDecision -Id $Id -ReviewDecision $Result
# Below is a request that includes all optional parameters
# Select-V2025IdentityDecision -Id $Id -ReviewDecision $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Select-V2025IdentityDecision"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reassign-identity-certifications
This API reassigns up to 50 identities or items in an identity campaign certification to another reviewer. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/reassign-identity-certifications)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Body | ReviewReassign | [**ReviewReassign**](../models/review-reassign) | True |
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification details after completing the reassignment. | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$ReviewReassign = @"{
"reason" : "reassigned for some reason",
"reassignTo" : "ef38f94347e94562b5bb8424a56397d8",
"reassign" : [ {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
}, {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
} ]
}"@
# Reassign Identities or Items
try {
$Result = ConvertFrom-JsonToReviewReassign -Json $ReviewReassign
Invoke-V2025ReassignIdentityCertifications -Id $Id -ReviewReassign $Result
# Below is a request that includes all optional parameters
# Invoke-V2025ReassignIdentityCertifications -Id $Id -ReviewReassign $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025ReassignIdentityCertifications"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## sign-off-identity-certification
This API finalizes all decisions made on an identity campaign certification and initiates any remediations required. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/sign-off-identity-certification)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
### Return type
[**IdentityCertificationDto**](../models/identity-certification-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity campaign certification object | IdentityCertificationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
# Finalize Identity Certification Decisions
try {
Invoke-V2025SignOffIdentityCertification -Id $Id
# Below is a request that includes all optional parameters
# Invoke-V2025SignOffIdentityCertification -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025SignOffIdentityCertification"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-reassign-certs-async
This API initiates a task to reassign up to 500 identities or items in an identity campaign certification to another
reviewer. The `certification-tasks` API can be used to get an updated status on the task and determine when the
reassignment is complete.
Reviewers for this certification can also call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/submit-reassign-certs-async)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity campaign certification ID
Body | ReviewReassign | [**ReviewReassign**](../models/review-reassign) | True |
### Return type
[**CertificationTask**](../models/certification-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A certification task object for the reassignment which can be queried for status. | CertificationTask
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The identity campaign certification ID
$ReviewReassign = @"{
"reason" : "reassigned for some reason",
"reassignTo" : "ef38f94347e94562b5bb8424a56397d8",
"reassign" : [ {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
}, {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "ITEM"
} ]
}"@
# Reassign Certifications Asynchronously
try {
$Result = ConvertFrom-JsonToReviewReassign -Json $ReviewReassign
Submit-V2025ReassignCertsAsync -Id $Id -ReviewReassign $Result
# Below is a request that includes all optional parameters
# Submit-V2025ReassignCertsAsync -Id $Id -ReviewReassign $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-V2025ReassignCertsAsync"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1076
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConfigurationHubApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

312
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConnectorCustomizersApi.md Normal file
View File

@@ -0,0 +1,312 @@
---
id: v2025-connector-customizers
title: ConnectorCustomizers
pagination_label: ConnectorCustomizers
sidebar_label: ConnectorCustomizers
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ConnectorCustomizers', 'V2025ConnectorCustomizers']
slug: /tools/sdk/powershell/v2025/methods/connector-customizers
tags: ['SDK', 'Software Development Kit', 'ConnectorCustomizers', 'V2025ConnectorCustomizers']
---
# ConnectorCustomizers
Saas Connectivity Customizers are cloud-based connector customizers. The customizers allow you to customize the out of the box connectors in a similar way to how you can use rules to customize VA (virtual appliance) based connectors.
Use these APIs to implement connector customizers functionality.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ConnectorCustomizer**](#create-connector-customizer) | **POST** `/connector-customizers` | Create Connector Customizer
[**New-V2025ConnectorCustomizerVersion**](#create-connector-customizer-version) | **POST** `/connector-customizers/{id}/versions` | Creates a connector customizer version
[**Remove-V2025ConnectorCustomizer**](#delete-connector-customizer) | **DELETE** `/connector-customizers/{id}` | Delete Connector Customizer
[**Get-V2025ConnectorCustomizer**](#get-connector-customizer) | **GET** `/connector-customizers/{id}` | Get connector customizer
[**Get-V2025ConnectorCustomizers**](#list-connector-customizers) | **GET** `/connector-customizers` | List All Connector Customizers
[**Send-V2025ConnectorCustomizer**](#put-connector-customizer) | **PUT** `/connector-customizers/{id}` | Update Connector Customizer
## create-connector-customizer
Create a connector customizer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-connector-customizer)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ConnectorCustomizerCreateRequest | [**ConnectorCustomizerCreateRequest**](../models/connector-customizer-create-request) | True | Connector customizer to create.
### Return type
[**ConnectorCustomizerCreateResponse**](../models/connector-customizer-create-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created connector customizer. | ConnectorCustomizerCreateResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ConnectorCustomizerCreateRequest = @"{
"name" : "My Custom Connector"
}"@
# Create Connector Customizer
try {
$Result = ConvertFrom-JsonToConnectorCustomizerCreateRequest -Json $ConnectorCustomizerCreateRequest
New-V2025ConnectorCustomizer -ConnectorCustomizerCreateRequest $Result
# Below is a request that includes all optional parameters
# New-V2025ConnectorCustomizer -ConnectorCustomizerCreateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ConnectorCustomizer"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-connector-customizer-version
Creates a new version for the customizer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-connector-customizer-version)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the connector customizer.
### Return type
[**ConnectorCustomizerVersionCreateResponse**](../models/connector-customizer-version-create-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The created connector customizer version object. | ConnectorCustomizerVersionCreateResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "b07dc46a-1498-4de8-bfbb-259a68e70c8a" # String | The id of the connector customizer.
# Creates a connector customizer version
try {
New-V2025ConnectorCustomizerVersion -Id $Id
# Below is a request that includes all optional parameters
# New-V2025ConnectorCustomizerVersion -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ConnectorCustomizerVersion"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-connector-customizer
Delete the connector customizer for the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-connector-customizer)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector customizer to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "b07dc46a-1498-4de8-bfbb-259a68e70c8a" # String | ID of the connector customizer to delete.
# Delete Connector Customizer
try {
Remove-V2025ConnectorCustomizer -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ConnectorCustomizer -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ConnectorCustomizer"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-customizer
Gets connector customizer by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-customizer)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector customizer to get.
### Return type
[**ConnectorCustomizersResponse**](../models/connector-customizers-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Connector customizer with the given ID. | ConnectorCustomizersResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "b07dc46a-1498-4de8-bfbb-259a68e70c8a" # String | ID of the connector customizer to get.
# Get connector customizer
try {
Get-V2025ConnectorCustomizer -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ConnectorCustomizer -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorCustomizer"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-connector-customizers
List all connector customizers.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-connector-customizers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ConnectorCustomizersResponse[]**](../models/connector-customizers-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List all connector customizers. | ConnectorCustomizersResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
# List All Connector Customizers
try {
Get-V2025ConnectorCustomizers
# Below is a request that includes all optional parameters
# Get-V2025ConnectorCustomizers -Offset $Offset -Limit $Limit
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorCustomizers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-customizer
Update an existing connector customizer with the one provided in the request body. These fields are immutable: `id`, `name`, `type`.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-customizer)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector customizer to update.
Body | ConnectorCustomizerUpdateRequest | [**ConnectorCustomizerUpdateRequest**](../models/connector-customizer-update-request) | (optional) | Connector rule with updated data.
### Return type
[**ConnectorCustomizerUpdateResponse**](../models/connector-customizer-update-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated connector customizer. | ConnectorCustomizerUpdateResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "b07dc46a-1498-4de8-bfbb-259a68e70c8a" # String | ID of the connector customizer to update.
$ConnectorCustomizerUpdateRequest = @"{
"name" : "My Custom Connector"
}"@
# Update Connector Customizer
try {
Send-V2025ConnectorCustomizer -Id $Id
# Below is a request that includes all optional parameters
# Send-V2025ConnectorCustomizer -Id $Id -ConnectorCustomizerUpdateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorCustomizer"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

368
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConnectorRuleManagementApi.md Normal file
View File

@@ -0,0 +1,368 @@
---
id: v2025-connector-rule-management
title: ConnectorRuleManagement
pagination_label: ConnectorRuleManagement
sidebar_label: ConnectorRuleManagement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ConnectorRuleManagement', 'V2025ConnectorRuleManagement']
slug: /tools/sdk/powershell/v2025/methods/connector-rule-management
tags: ['SDK', 'Software Development Kit', 'ConnectorRuleManagement', 'V2025ConnectorRuleManagement']
---
# ConnectorRuleManagement
Use this API to implement connector rule management functionality.
With this functionality in place, administrators can implement connector-executed rules in a programmatic, scalable way.
In Identity Security Cloud (ISC), [rules](https://developer.sailpoint.com/docs/extensibility/rules) serve as a flexible configuration framework you can leverage to perform complex or advanced configurations.
[Connector-executed rules](https://developer.sailpoint.com/docs/extensibility/rules/connector-rules) are rules that are executed in the ISC virtual appliance (VA), usually extensions of the [connector](https://documentation.sailpoint.com/connectors/isc/landingpages/help/landingpages/isc_landing.html) itself, the bridge between the data source and ISC.
This API allows administrators to view existing connector-executed rules, make changes to them, delete them, and create new ones from the available types.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ConnectorRule**](#create-connector-rule) | **POST** `/connector-rules` | Create Connector Rule
[**Remove-V2025ConnectorRule**](#delete-connector-rule) | **DELETE** `/connector-rules/{id}` | Delete Connector Rule
[**Get-V2025ConnectorRule**](#get-connector-rule) | **GET** `/connector-rules/{id}` | Get Connector Rule
[**Get-V2025ConnectorRuleList**](#get-connector-rule-list) | **GET** `/connector-rules` | List Connector Rules
[**Send-V2025ConnectorRule**](#put-connector-rule) | **PUT** `/connector-rules/{id}` | Update Connector Rule
[**Test-V2025ConnectorRule**](#test-connector-rule) | **POST** `/connector-rules/validate` | Validate Connector Rule
## create-connector-rule
Create a connector rule from the available types.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-connector-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ConnectorRuleCreateRequest | [**ConnectorRuleCreateRequest**](../models/connector-rule-create-request) | True | Connector rule to create.
### Return type
[**ConnectorRuleResponse**](../models/connector-rule-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created connector rule. | ConnectorRuleResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ConnectorRuleCreateRequest = @"{
"sourceCode" : {
"version" : "1.0",
"script" : "return \"Mr. \" + firstName;"
},
"signature" : {
"output" : {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
},
"input" : [ {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
}, {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
} ]
},
"name" : "WebServiceBeforeOperationRule",
"description" : "This rule does that",
"attributes" : { },
"type" : "BuildMap"
}"@
# Create Connector Rule
try {
$Result = ConvertFrom-JsonToConnectorRuleCreateRequest -Json $ConnectorRuleCreateRequest
New-V2025ConnectorRule -ConnectorRuleCreateRequest $Result
# Below is a request that includes all optional parameters
# New-V2025ConnectorRule -ConnectorRuleCreateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ConnectorRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-connector-rule
Delete the connector rule for the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-connector-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector rule to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | ID of the connector rule to delete.
# Delete Connector Rule
try {
Remove-V2025ConnectorRule -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ConnectorRule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ConnectorRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-rule
Get a connector rule by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector rule to get.
### Return type
[**ConnectorRuleResponse**](../models/connector-rule-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Connector rule with the given ID. | ConnectorRuleResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | ID of the connector rule to get.
# Get Connector Rule
try {
Get-V2025ConnectorRule -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ConnectorRule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-rule-list
List existing connector rules.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-rule-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ConnectorRuleResponse[]**](../models/connector-rule-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of connector rules. | ConnectorRuleResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Connector Rules
try {
Get-V2025ConnectorRuleList
# Below is a request that includes all optional parameters
# Get-V2025ConnectorRuleList -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorRuleList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-rule
Update an existing connector rule with the one provided in the request body. These fields are immutable: `id`, `name`, `type`
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the connector rule to update.
Body | ConnectorRuleUpdateRequest | [**ConnectorRuleUpdateRequest**](../models/connector-rule-update-request) | (optional) | Connector rule with updated data.
### Return type
[**ConnectorRuleResponse**](../models/connector-rule-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated connector rule. | ConnectorRuleResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | ID of the connector rule to update.
$ConnectorRuleUpdateRequest = @"{
"sourceCode" : {
"version" : "1.0",
"script" : "return \"Mr. \" + firstName;"
},
"signature" : {
"output" : {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
},
"input" : [ {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
}, {
"name" : "firstName",
"description" : "the first name of the identity",
"type" : "String"
} ]
},
"name" : "WebServiceBeforeOperationRule",
"description" : "This rule does that",
"attributes" : { },
"id" : "8113d48c0b914f17b4c6072d4dcb9dfe",
"type" : "BuildMap"
}"@
# Update Connector Rule
try {
Send-V2025ConnectorRule -Id $Id
# Below is a request that includes all optional parameters
# Send-V2025ConnectorRule -Id $Id -ConnectorRuleUpdateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-connector-rule
Detect issues within the connector rule's code to fix and list them.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/test-connector-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SourceCode | [**SourceCode**](../models/source-code) | True | Code to validate.
### Return type
[**ConnectorRuleValidationResponse**](../models/connector-rule-validation-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the code&#39;s eligibility as a connector rule. | ConnectorRuleValidationResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$SourceCode = @"{
"version" : "1.0",
"script" : "return \"Mr. \" + firstName;"
}"@
# Validate Connector Rule
try {
$Result = ConvertFrom-JsonToSourceCode -Json $SourceCode
Test-V2025ConnectorRule -SourceCode $Result
# Below is a request that includes all optional parameters
# Test-V2025ConnectorRule -SourceCode $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2025ConnectorRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

692
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ConnectorsApi.md Normal file
View File

@@ -0,0 +1,692 @@
---
id: v2025-connectors
title: Connectors
pagination_label: Connectors
sidebar_label: Connectors
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Connectors', 'V2025Connectors']
slug: /tools/sdk/powershell/v2025/methods/connectors
tags: ['SDK', 'Software Development Kit', 'Connectors', 'V2025Connectors']
---
# Connectors
Use this API to implement connector functionality.
With this functionality in place, administrators can view available connectors.
Connectors are the bridges Identity Security Cloud uses to communicate with and aggregate data from sources.
For example, if it is necessary to set up a connection between Identity Security Cloud and the Active Directory source, a connector can bridge the two and enable Identity Security Cloud to synchronize data between the systems.
This ensures account entitlements and states are correct throughout the organization.
In Identity Security Cloud, administrators can use the Connections drop-down menu and select Sources to view the available source connectors.
Refer to [Identity Security Cloud Connectors](https://documentation.sailpoint.com/connectors/identitynow/landingpages/help/landingpages/identitynow_connectivity_landing.html) for more information about the connectors available in Identity Security Cloud.
Refer to [SaaS Connectivity](https://developer.sailpoint.com/docs/connectivity/saas-connectivity/) for more information about the SaaS custom connectors that do not need VAs (virtual appliances) to communicate with their sources.
Refer to [Managing Sources](https://documentation.sailpoint.com/saas/help/sources/managing_sources.html) for more information about using connectors in Identity Security Cloud.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025CustomConnector**](#create-custom-connector) | **POST** `/connectors` | Create Custom Connector
[**Remove-V2025CustomConnector**](#delete-custom-connector) | **DELETE** `/connectors/{scriptName}` | Delete Connector by Script Name
[**Get-V2025Connector**](#get-connector) | **GET** `/connectors/{scriptName}` | Get Connector by Script Name
[**Get-V2025ConnectorCorrelationConfig**](#get-connector-correlation-config) | **GET** `/connectors/{scriptName}/correlation-config` | Get Connector Correlation Configuration
[**Get-V2025ConnectorList**](#get-connector-list) | **GET** `/connectors` | Get Connector List
[**Get-V2025ConnectorSourceConfig**](#get-connector-source-config) | **GET** `/connectors/{scriptName}/source-config` | Get Connector Source Configuration
[**Get-V2025ConnectorSourceTemplate**](#get-connector-source-template) | **GET** `/connectors/{scriptName}/source-template` | Get Connector Source Template
[**Get-V2025ConnectorTranslations**](#get-connector-translations) | **GET** `/connectors/{scriptName}/translations/{locale}` | Get Connector Translations
[**Send-V2025ConnectorCorrelationConfig**](#put-connector-correlation-config) | **PUT** `/connectors/{scriptName}/correlation-config` | Update Connector Correlation Configuration
[**Send-V2025ConnectorSourceConfig**](#put-connector-source-config) | **PUT** `/connectors/{scriptName}/source-config` | Update Connector Source Configuration
[**Send-V2025ConnectorSourceTemplate**](#put-connector-source-template) | **PUT** `/connectors/{scriptName}/source-template` | Update Connector Source Template
[**Send-V2025ConnectorTranslations**](#put-connector-translations) | **PUT** `/connectors/{scriptName}/translations/{locale}` | Update Connector Translations
[**Update-V2025Connector**](#update-connector) | **PATCH** `/connectors/{scriptName}` | Update Connector by Script Name
## create-custom-connector
Create custom connector.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-custom-connector)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | V3CreateConnectorDto | [**V3CreateConnectorDto**](../models/v3-create-connector-dto) | True |
### Return type
[**V3ConnectorDto**](../models/v3-connector-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | V3ConnectorDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$V3CreateConnectorDto = @"{
"name" : "custom connector",
"directConnect" : true,
"className" : "sailpoint.connector.OpenConnectorAdapter",
"type" : "custom connector type",
"status" : "RELEASED"
}"@
# Create Custom Connector
try {
$Result = ConvertFrom-JsonToV3CreateConnectorDto -Json $V3CreateConnectorDto
New-V2025CustomConnector -V3CreateConnectorDto $Result
# Below is a request that includes all optional parameters
# New-V2025CustomConnector -V3CreateConnectorDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025CustomConnector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-custom-connector
Delete a custom connector that using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-custom-connector)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Delete Connector by Script Name
try {
Remove-V2025CustomConnector -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Remove-V2025CustomConnector -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025CustomConnector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector
Fetches a connector that using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
Query | Locale | **String** | (optional) | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**ConnectorDetail**](../models/connector-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | ConnectorDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en"" (optional)
# Get Connector by Script Name
try {
Get-V2025Connector -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-V2025Connector -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Connector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-correlation-config
Fetches a connector's correlation config using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-correlation-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s correlation config | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/xml, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
# Get Connector Correlation Configuration
try {
Get-V2025ConnectorCorrelationConfig -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-V2025ConnectorCorrelationConfig -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorCorrelationConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-list
Fetches list of connectors that have 'RELEASED' status using filtering and pagination.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw, co* **type**: *sw, co, eq* **directConnect**: *eq* **category**: *eq* **features**: *ca* **labels**: *ca*
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Locale | **String** | (optional) | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**V3ConnectorDto[]**](../models/v3-connector-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Connector Dto object | V3ConnectorDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'directConnect eq "true"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw, co* **type**: *sw, co, eq* **directConnect**: *eq* **category**: *eq* **features**: *ca* **labels**: *ca* (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en"" (optional)
# Get Connector List
try {
Get-V2025ConnectorList
# Below is a request that includes all optional parameters
# Get-V2025ConnectorList -Filters $Filters -Limit $Limit -Offset $Offset -Count $Count -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-source-config
Fetches a connector's source config using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-source-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s source template | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/xml, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Get Connector Source Configuration
try {
Get-V2025ConnectorSourceConfig -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-V2025ConnectorSourceConfig -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorSourceConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-source-template
Fetches a connector's source template using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-source-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s source template | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/xml, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
# Get Connector Source Template
try {
Get-V2025ConnectorSourceTemplate -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-V2025ConnectorSourceTemplate -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorSourceTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-connector-translations
Fetches a connector's translations using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-connector-translations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
Path | Locale | **String** | True | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s translations | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/plain, application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en""
# Get Connector Translations
try {
Get-V2025ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
# Below is a request that includes all optional parameters
# Get-V2025ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ConnectorTranslations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-correlation-config
Update a connector's correlation config using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-correlation-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
| File | **System.IO.FileInfo** | True | connector correlation config xml file
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
$File = # System.IO.FileInfo | connector correlation config xml file
# Update Connector Correlation Configuration
try {
Send-V2025ConnectorCorrelationConfig -ScriptName $ScriptName -File $File
# Below is a request that includes all optional parameters
# Send-V2025ConnectorCorrelationConfig -ScriptName $ScriptName -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorCorrelationConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-source-config
Update a connector's source config using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-source-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
| File | **System.IO.FileInfo** | True | connector source config xml file
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$File = # System.IO.FileInfo | connector source config xml file
# Update Connector Source Configuration
try {
Send-V2025ConnectorSourceConfig -ScriptName $ScriptName -File $File
# Below is a request that includes all optional parameters
# Send-V2025ConnectorSourceConfig -ScriptName $ScriptName -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorSourceConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-source-template
Update a connector's source template using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-source-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
| File | **System.IO.FileInfo** | True | connector source template xml file
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$File = # System.IO.FileInfo | connector source template xml file
# Update Connector Source Template
try {
Send-V2025ConnectorSourceTemplate -ScriptName $ScriptName -File $File
# Below is a request that includes all optional parameters
# Send-V2025ConnectorSourceTemplate -ScriptName $ScriptName -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorSourceTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-connector-translations
Update a connector's translations using its script name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-connector-translations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
Path | Locale | **String** | True | The locale to apply to the config. If no viable locale is given, it will default to ""en""
### Return type
[**UpdateDetail**](../models/update-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The connector&#39;s update detail | UpdateDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. Scriptname is the unique id generated at connector creation.
$Locale = "de" # String | The locale to apply to the config. If no viable locale is given, it will default to ""en""
# Update Connector Translations
try {
Send-V2025ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
# Below is a request that includes all optional parameters
# Send-V2025ConnectorTranslations -ScriptName $ScriptName -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ConnectorTranslations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-connector
This API updates a custom connector by script name using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable:
* connectorMetadata
* applicationXml
* correlationConfigXml
* sourceConfigXml
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-connector)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of connector detail update operations
### Return type
[**ConnectorDetail**](../models/connector-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A updated Connector Dto object | ConnectorDetail
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the connector. ScriptName is the unique id generated at connector creation.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of connector detail update operations
# Update Connector by Script Name
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025Connector -ScriptName $ScriptName -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025Connector -ScriptName $ScriptName -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Connector"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1067
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CustomFormsApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

189
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025CustomPasswordInstructionsApi.md Normal file
View File

@@ -0,0 +1,189 @@
---
id: v2025-custom-password-instructions
title: CustomPasswordInstructions
pagination_label: CustomPasswordInstructions
sidebar_label: CustomPasswordInstructions
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'CustomPasswordInstructions', 'V2025CustomPasswordInstructions']
slug: /tools/sdk/powershell/v2025/methods/custom-password-instructions
tags: ['SDK', 'Software Development Kit', 'CustomPasswordInstructions', 'V2025CustomPasswordInstructions']
---
# CustomPasswordInstructions
Use this API to implement custom password instruction functionality.
With this functionality in place, administrators can create custom password instructions to help users reset their passwords, change them, unlock their accounts, or recover their usernames.
This allows administrators to emphasize password policies or provide organization-specific instructions.
Administrators must first use [Update Password Org Config](https://developer.sailpoint.com/docs/api/v2025/put-password-org-config/) to set &#x60;customInstructionsEnabled&#x60; to &#x60;true&#x60;.
Once they have enabled custom instructions, they can use [Create Custom Password Instructions](https://developer.sailpoint.com/docs/api/v2025/create-custom-password-instructions/) to create custom page content for the specific pageId they select.
For example, an administrator can use the pageId forget-username:user-email to set the custom text for the case when users forget their usernames and must enter their emails.
Refer to [Creating Custom Instruction Text](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html#creating-custom-instruction-text) for more information about creating custom password instructions.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025CustomPasswordInstructions**](#create-custom-password-instructions) | **POST** `/custom-password-instructions` | Create Custom Password Instructions
[**Remove-V2025CustomPasswordInstructions**](#delete-custom-password-instructions) | **DELETE** `/custom-password-instructions/{pageId}` | Delete Custom Password Instructions by page ID
[**Get-V2025CustomPasswordInstructions**](#get-custom-password-instructions) | **GET** `/custom-password-instructions/{pageId}` | Get Custom Password Instructions by Page ID
## create-custom-password-instructions
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API creates the custom password instructions for the specified page ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-custom-password-instructions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | CustomPasswordInstruction | [**CustomPasswordInstruction**](../models/custom-password-instruction) | True |
### Return type
[**CustomPasswordInstruction**](../models/custom-password-instruction)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the custom password instructions. | CustomPasswordInstruction
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CustomPasswordInstruction = @"{
"pageContent" : "Please enter a new password. Your password must be at least 8 characters long and contain at least one number and one letter.",
"pageId" : "change-password:enter-password",
"locale" : "en"
}"@
# Create Custom Password Instructions
try {
$Result = ConvertFrom-JsonToCustomPasswordInstruction -Json $CustomPasswordInstruction
New-V2025CustomPasswordInstructions -XSailPointExperimental $XSailPointExperimental -CustomPasswordInstruction $Result
# Below is a request that includes all optional parameters
# New-V2025CustomPasswordInstructions -XSailPointExperimental $XSailPointExperimental -CustomPasswordInstruction $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025CustomPasswordInstructions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-custom-password-instructions
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API delete the custom password instructions for the specified page ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-custom-password-instructions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | PageId | **String** | True | The page ID of custom password instructions to delete.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Locale | **String** | (optional) | The locale for the custom instructions, a BCP47 language tag. The default value is \""default\"".
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$PageId = "change-password:enter-password" # String | The page ID of custom password instructions to delete.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Locale = "MyLocale" # String | The locale for the custom instructions, a BCP47 language tag. The default value is \""default\"". (optional)
# Delete Custom Password Instructions by page ID
try {
Remove-V2025CustomPasswordInstructions -PageId $PageId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025CustomPasswordInstructions -PageId $PageId -XSailPointExperimental $XSailPointExperimental -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025CustomPasswordInstructions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-custom-password-instructions
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the custom password instructions for the specified page ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-custom-password-instructions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | PageId | **String** | True | The page ID of custom password instructions to query.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Locale | **String** | (optional) | The locale for the custom instructions, a BCP47 language tag. The default value is \""default\"".
### Return type
[**CustomPasswordInstruction**](../models/custom-password-instruction)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the custom password instructions. | CustomPasswordInstruction
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$PageId = "change-password:enter-password" # String | The page ID of custom password instructions to query.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Locale = "MyLocale" # String | The locale for the custom instructions, a BCP47 language tag. The default value is \""default\"". (optional)
# Get Custom Password Instructions by Page ID
try {
Get-V2025CustomPasswordInstructions -PageId $PageId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025CustomPasswordInstructions -PageId $PageId -XSailPointExperimental $XSailPointExperimental -Locale $Locale
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CustomPasswordInstructions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

458
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025DataSegmentationApi.md Normal file
View File

@@ -0,0 +1,458 @@
---
id: v2025-data-segmentation
title: DataSegmentation
pagination_label: DataSegmentation
sidebar_label: DataSegmentation
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'DataSegmentation', 'V2025DataSegmentation']
slug: /tools/sdk/powershell/v2025/methods/data-segmentation
tags: ['SDK', 'Software Development Kit', 'DataSegmentation', 'V2025DataSegmentation']
---
# DataSegmentation
This service is responsible for creating segments that will determine how access is delegated to identities
withing the organization.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025DataSegment**](#create-data-segment) | **POST** `/data-segments` | Create Segment
[**Remove-V2025DataSegment**](#delete-data-segment) | **DELETE** `/data-segments/{segmentId}` | Delete Segment by ID
[**Get-V2025DataSegment**](#get-data-segment) | **GET** `/data-segments/{segmentId}` | Get Segment by ID
[**Get-V2025DataSegmentIdentityMembership**](#get-data-segment-identity-membership) | **GET** `/data-segments/membership/{identityId}` | Get SegmentMembership by Identity ID
[**Get-V2025DataSegmentationEnabledForUser**](#get-data-segmentation-enabled-for-user) | **GET** `/data-segments/user-enabled/{identityId}` | Is Segmentation enabled by Identity
[**Get-V2025DataSegments**](#list-data-segments) | **GET** `/data-segments` | Get Segments
[**Update-V2025DataSegment**](#patch-data-segment) | **PATCH** `/data-segments/{segmentId}` | Update Segment
[**Publish-V2025DataSegment**](#publish-data-segment) | **POST** `/data-segments/{segmentId}` | Publish segment by ID
## create-data-segment
This API creates a segment.
>**Note:** Segment definitions may take time to propagate to all identities.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-data-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | DataSegment | [**DataSegment**](../models/data-segment) | True |
### Return type
[**DataSegment**](../models/data-segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Segment created | DataSegment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$DataSegment = @""@
# Create Segment
try {
$Result = ConvertFrom-JsonToDataSegment -Json $DataSegment
New-V2025DataSegment -DataSegment $Result
# Below is a request that includes all optional parameters
# New-V2025DataSegment -DataSegment $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025DataSegment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-data-segment
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API deletes the segment specified by the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-data-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to delete.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Published | **Boolean** | (optional) (default to $false) | This determines which version of the segment to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The segment ID to delete.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Published = $false # Boolean | This determines which version of the segment to delete (optional) (default to $false)
# Delete Segment by ID
try {
Remove-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental -Published $Published
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025DataSegment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-data-segment
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the segment specified by the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-data-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to retrieve.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**DataSegment**](../models/data-segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Segment | DataSegment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The segment ID to retrieve.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Segment by ID
try {
Get-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DataSegment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-data-segment-identity-membership
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the segment membership specified by the given identity ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-data-segment-identity-membership)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | The identity ID to retrieve the segments they are in.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Segment Memberships for specified identity | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The identity ID to retrieve the segments they are in.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get SegmentMembership by Identity ID
try {
Get-V2025DataSegmentIdentityMembership -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025DataSegmentIdentityMembership -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DataSegmentIdentityMembership"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-data-segmentation-enabled-for-user
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns whether or not segmentation is enabled for the identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-data-segmentation-enabled-for-user)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | The identity ID to retrieve if segmentation is enabled for the identity.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
**Boolean**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns if segmentation is enabled for a specified User | Boolean
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The identity ID to retrieve if segmentation is enabled for the identity.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Is Segmentation enabled by Identity
try {
Get-V2025DataSegmentationEnabledForUser -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025DataSegmentationEnabledForUser -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DataSegmentationEnabledForUser"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-data-segments
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the segment specified by the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-data-segments)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Enabled | **Boolean** | (optional) (default to $true) | This boolean indicates whether the segment is currently active. Inactive segments have no effect.
Query | Unique | **Boolean** | (optional) (default to $false) | This returns only one record if set to true and that would be the published record if exists.
Query | Published | **Boolean** | (optional) (default to $true) | This boolean indicates whether the segment is being applied to the accounts. If unpublished its being actively modified until published
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, in, sw*
### Return type
[**DataSegment[]**](../models/data-segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all segments | DataSegment[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Enabled = $true # Boolean | This boolean indicates whether the segment is currently active. Inactive segments have no effect. (optional) (default to $true)
$Unique = $false # Boolean | This returns only one record if set to true and that would be the published record if exists. (optional) (default to $false)
$Published = $true # Boolean | This boolean indicates whether the segment is being applied to the accounts. If unpublished its being actively modified until published (optional) (default to $true)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq ""' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, in, sw* (optional)
# Get Segments
try {
Get-V2025DataSegments -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025DataSegments -XSailPointExperimental $XSailPointExperimental -Enabled $Enabled -Unique $Unique -Published $Published -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DataSegments"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-data-segment
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-data-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to modify.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * membership * memberFilter * memberSelection * scopes * enabled
### Return type
[**DataSegment**](../models/data-segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the segment&#39;s new representation. | DataSegment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The segment ID to modify.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * membership * memberFilter * memberSelection * scopes * enabled
$RequestBody = @"[{op=replace, path=/memberFilter, value={expression={operator=AND, children=[{operator=EQUALS, attribute=location, value={type=STRING, value=Philadelphia}}, {operator=EQUALS, attribute=department, value={type=STRING, value=HR}}]}}}]"@ # SystemCollectionsHashtable[] | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * membership * memberFilter * memberSelection * scopes * enabled
# Update Segment
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-V2025DataSegment -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025DataSegment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## publish-data-segment
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This will publish the segment so that it starts applying the segmentation to the desired users if enabled
[API Spec](https://developer.sailpoint.com/docs/api/v2025/publish-data-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | **[]String** | True | A list of segment ids that you wish to publish
Query | PublishAll | **Boolean** | (optional) (default to $true) | This flag decides whether you want to publish all unpublished or a list of specific segment ids
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Segments published |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = "MyRequestBody" # String[] | A list of segment ids that you wish to publish
$RequestBody = @""@ # String[] | A list of segment ids that you wish to publish
$PublishAll = $true # Boolean | This flag decides whether you want to publish all unpublished or a list of specific segment ids (optional) (default to $true)
# Publish segment by ID
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Publish-V2025DataSegment -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Publish-V2025DataSegment -XSailPointExperimental $XSailPointExperimental -RequestBody $Result -PublishAll $PublishAll
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Publish-V2025DataSegment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

553
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025DimensionsApi.md Normal file
View File

@@ -0,0 +1,553 @@
---
id: v2025-dimensions
title: Dimensions
pagination_label: Dimensions
sidebar_label: Dimensions
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Dimensions', 'V2025Dimensions']
slug: /tools/sdk/powershell/v2025/methods/dimensions
tags: ['SDK', 'Software Development Kit', 'Dimensions', 'V2025Dimensions']
---
# Dimensions
Use this API to implement and customize dynamic role functionality. With this functionality in place, administrators can create dimensions and configure them for use throughout Identity Security Cloud. Identity Security Cloud can use established criteria to automatically assign the dimensions to qualified users. This enables users to get all the access they need quickly and securely and administrators to spend their time on other tasks. Entitlements represent the most granular level of access in Identity Security Cloud.
Access profiles represent the next level and often group entitlements. Dimension represent access selectively based on the evaluation of contextual information that is available or provided. Each Dimension include context attributes and access selection expressions which map criteria to access right assignments. Each dimension can contain up to 5 context attributes. Dynamic Access Roles represent the broadest level of access and often group access profiles ,entitlements and dimensions.Each Dynamic Access Role may contain one or more Dimensions.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025Dimension**](#create-dimension) | **POST** `/roles/{roleId}/dimensions` | Create a Dimension
[**Remove-V2025BulkDimensions**](#delete-bulk-dimensions) | **POST** `/roles/{roleId}/dimensions/bulk-delete` | Delete Dimension(s)
[**Remove-V2025Dimension**](#delete-dimension) | **DELETE** `/roles/{roleId}/dimensions/{dimensionId}` | Delete a Dimension
[**Get-V2025Dimension**](#get-dimension) | **GET** `/roles/{roleId}/dimensions/{dimensionId}` | Get a Dimension under Role.
[**Get-V2025DimensionEntitlements**](#get-dimension-entitlements) | **GET** `/roles/{roleId}/dimensions/{dimensionId}/entitlements` | List Dimension&#39;s Entitlements
[**Get-V2025DimensionAccessProfiles**](#list-dimension-access-profiles) | **GET** `/roles/{roleId}/dimensions/{dimensionId}/access-profiles` | List Dimension&#39;s Access Profiles
[**Get-V2025Dimensions**](#list-dimensions) | **GET** `/roles/{roleId}/dimensions` | List Dimensions
[**Update-V2025Dimension**](#patch-dimension) | **PATCH** `/roles/{roleId}/dimensions/{dimensionId}` | Patch a specified Dimension
## create-dimension
This API creates a dimension.
You must have a token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority to call this API.
Additionally, a ROLE_SUBADMIN cannot create a dimension that includes an access profile or entitlement if that access profile or entitlement is linked to a source that the ROLE_SUBADMIN is not associated with.
The maximum supported length for the description field is 2000 characters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-dimension)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Body | Dimension | [**Dimension**](../models/dimension) | True |
### Return type
[**Dimension**](../models/dimension)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Dimension created | Dimension
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$Dimension = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"entitlements" : [ {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
}, {
"name" : "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
"id" : "2c91809773dee32014e13e122092014e",
"type" : "ENTITLEMENT"
} ],
"accessProfiles" : [ {
"name" : "Access Profile 2567",
"id" : "ff808081751e6e129f1518161919ecca",
"type" : "ACCESS_PROFILE"
}, {
"name" : "Access Profile 2567",
"id" : "ff808081751e6e129f1518161919ecca",
"type" : "ACCESS_PROFILE"
} ],
"created" : "2021-03-01T22:32:58.104Z",
"name" : "Dimension 2567",
"modified" : "2021-03-02T20:22:28.104Z",
"description" : "Urna amet cursus pellentesque nisl orci maximus lorem nisl euismod fusce morbi placerat adipiscing maecenas nisi tristique et metus et lacus sed morbi nunc nisl maximus magna arcu varius sollicitudin elementum enim maecenas nisi id ipsum tempus fusce diam ipsum tortor.",
"id" : "2c918086749d78830174a1a40e121518",
"membership" : {
"criteria" : {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
} ],
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"children" : [ {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
}, {
"stringValue" : "carlee.cert1c9f9b6fd@mailinator.com",
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
} ],
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
} ],
"operation" : "EQUALS",
"key" : {
"property" : "attribute.email",
"type" : "IDENTITY"
}
},
"type" : "STANDARD"
},
"parentId" : "2c918086749d78830174a1a40e121518"
}"@
# Create a Dimension
try {
$Result = ConvertFrom-JsonToDimension -Json $Dimension
New-V2025Dimension -RoleId $RoleId -Dimension $Result
# Below is a request that includes all optional parameters
# New-V2025Dimension -RoleId $RoleId -Dimension $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Dimension"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-bulk-dimensions
This endpoint initiates a bulk deletion of one or more dimensions.
When the request is successful, the endpoint returns the bulk delete's task result ID. To follow the task, you can use [Get Task Status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status), which will return the task result's status and information.
This endpoint can only bulk delete up to a limit of 50 roles per request.
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this endpoint. In addition, a token with ROLE_SUBADMIN authority can only call this endpoint if all dimensions included in the request are associated with sources with management workgroups the ROLE_SUBADMIN is a member of.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-bulk-dimensions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimensions.
Body | DimensionBulkDeleteRequest | [**DimensionBulkDeleteRequest**](../models/dimension-bulk-delete-request) | True |
### Return type
[**TaskResultDto**](../models/task-result-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Returns an object with the id of the task performing the delete operation. | TaskResultDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimensions.
$DimensionBulkDeleteRequest = @"{
"dimensionIds" : [ "2c9180847812e0b1017817051919ecca", "2c9180887812e0b201781e129f151816" ]
}"@
# Delete Dimension(s)
try {
$Result = ConvertFrom-JsonToDimensionBulkDeleteRequest -Json $DimensionBulkDeleteRequest
Remove-V2025BulkDimensions -RoleId $RoleId -DimensionBulkDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-V2025BulkDimensions -RoleId $RoleId -DimensionBulkDeleteRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025BulkDimensions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-dimension
This API deletes a Dimension by its ID.
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles/Entitlements included in the Dimension are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-dimension)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Path | DimensionId | **String** | True | Id of the Dimension
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$DimensionId = "2c9180835d191a86015d28455b4a2329" # String | Id of the Dimension
# Delete a Dimension
try {
Remove-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId
# Below is a request that includes all optional parameters
# Remove-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Dimension"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-dimension
This API returns a Dimension by its ID.
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles or Entitlements included in the Dimension or Parent Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-dimension)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Path | DimensionId | **String** | True | Id of the Dimension
### Return type
[**Dimension**](../models/dimension)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Dimension | Dimension
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$DimensionId = "2c9180835d191a86015d28455b4a2329" # String | Id of the Dimension
# Get a Dimension under Role.
try {
Get-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId
# Below is a request that includes all optional parameters
# Get-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Dimension"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-dimension-entitlements
This API lists the Entitlements associated with a given dimension.
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-dimension-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Path | DimensionId | **String** | True | Id of the Dimension
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified**
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Entitlements | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$DimensionId = "2c9180835d191a86015d28455b4a2329" # String | Id of the Dimension
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **attribute**: *eq, sw* **value**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, attribute, value, created, modified** (optional)
# List Dimension's Entitlements
try {
Get-V2025DimensionEntitlements -RoleId $RoleId -DimensionId $DimensionId
# Below is a request that includes all optional parameters
# Get-V2025DimensionEntitlements -RoleId $RoleId -DimensionId $DimensionId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DimensionEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-dimension-access-profiles
This API lists the Access Profiles associated with a given Dimension
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-dimension-access-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Path | DimensionId | **String** | True | Id of the Dimension
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
### Return type
[**AccessProfile[]**](../models/access-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Access Profiles | AccessProfile[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$DimensionId = "2c9180835d191a86015d28455b4a2329" # String | Id of the Dimension
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'source.id eq "2c91808982f979270182f99e386d00fa"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* **source.id**: *eq, in* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
# List Dimension's Access Profiles
try {
Get-V2025DimensionAccessProfiles -RoleId $RoleId -DimensionId $DimensionId
# Below is a request that includes all optional parameters
# Get-V2025DimensionAccessProfiles -RoleId $RoleId -DimensionId $DimensionId -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DimensionAccessProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-dimensions
This API returns a list of dimensions under a specified role.
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-dimensions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Query | ForSubadmin | **String** | (optional) | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
### Return type
[**Dimension[]**](../models/dimension)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Dimensions | Dimension[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin. (optional)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq '2c918086749d78830174a1a40e121518'' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
# List Dimensions
try {
Get-V2025Dimensions -RoleId $RoleId
# Below is a request that includes all optional parameters
# Get-V2025Dimensions -RoleId $RoleId -ForSubadmin $ForSubadmin -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Dimensions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-dimension
This API updates an existing dimension using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable: **name** **description** **owner** **accessProfiles** **entitlements** **membership**
A token with API, ORG_ADMIN, ROLE_ADMIN, or ROLE_SUBADMIN authority is required to call this API. In addition, a token with ROLE_SUBADMIN authority may only call this API if all access profiles/entitlements included in the dimension are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
The maximum supported length for the description field is 2000 characters.
When you use this API to modify a dimension's membership identities, you can only modify up to a limit of 500 membership identities at a time.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-dimension)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | RoleId | **String** | True | Parent Role Id of the dimension.
Path | DimensionId | **String** | True | Id of the Dimension
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**Dimension**](../models/dimension)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the Dimension as updated. | Dimension
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$RoleId = "6603fba3004f43c687610a29195252ce" # String | Parent Role Id of the dimension.
$DimensionId = "2c9180835d191a86015d28455b4a2329" # String | Id of the Dimension
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] |
# Patch a specified Dimension
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025Dimension -RoleId $RoleId -DimensionId $DimensionId -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Dimension"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

782
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025EntitlementsApi.md Normal file
View File

@@ -0,0 +1,782 @@
---
id: v2025-entitlements
title: Entitlements
pagination_label: Entitlements
sidebar_label: Entitlements
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Entitlements', 'V2025Entitlements']
slug: /tools/sdk/powershell/v2025/methods/entitlements
tags: ['SDK', 'Software Development Kit', 'Entitlements', 'V2025Entitlements']
---
# Entitlements
Use this API to implement and customize entitlement functionality.
With this functionality in place, administrators can view entitlements and configure them for use throughout Identity Security Cloud in certifications, access profiles, and roles.
Administrators in Identity Security Cloud can then grant users access to the entitlements or configure them so users themselves can request access to the entitlements whenever they need them.
With a good approval process, this entitlement functionality allows users to gain the specific access they need on sources quickly and securely.
Entitlements represent access rights on sources.
Entitlements are the most granular form of access in Identity Security Cloud.
Entitlements are often grouped into access profiles, and access profiles themselves are often grouped into roles, the broadest form of access in Identity Security Cloud.
For example, an Active Directory source in Identity Security Cloud can have multiple entitlements: the first, &#39;Employees,&#39; may represent the access all employees have at the organization, and a second, &#39;Developers,&#39; may represent the access all developers have at the organization.
An administrator can then create a broader set of access in the form of an access profile, &#39;AD Developers&#39; grouping the &#39;Employees&#39; entitlement with the &#39;Developers&#39; entitlement.
An administrator can then create an even broader set of access in the form of a role grouping the &#39;AD Developers&#39; access profile with another profile, &#39;GitHub Developers,&#39; grouping entitlements for the GitHub source.
When users only need Active Directory employee access, they can request access to the &#39;Employees&#39; entitlement.
When users need both Active Directory employee and developer access, they can request access to the &#39;AD Developers&#39; access profile.
When users need both the &#39;AD Developers&#39; access profile and the &#39;GitHub Developers&#39; access profile, they can request access to the role grouping both.
Administrators often use roles and access profiles within those roles to manage access so that users can gain access more quickly, but the hierarchy of access all starts with entitlements.
Anywhere entitlements appear, you can select them to find more information about the following:
- Cloud Access Details: These provide details about the cloud access entitlements on cloud-enabled sources.
- Permissions: Permissions represent individual units of read/write/admin access to a system.
- Relationships: These list each entitlement&#39;s parent and child relationships.
- Type: This is the entitlement&#39;s type. Some sources support multiple types, each with a different attribute schema.
Identity Security Cloud uses entitlements in many features, including the following:
- Certifications: Entitlements can be revoked from an identity that no longer needs them.
- Roles: Roles can group access profiles which themselves group entitlements. You can grant and revoke access on a broad level with roles. Role membership criteria can grant roles to identities based on whether they have certain entitlements or attributes.
- Access Profiles: Access profiles group entitlements.
They are the most important units of access in Identity Security Cloud.
Identity Security Cloud uses them in provisioning, certifications, and access requests, and administrators can configure them to grant very broad or very granular access.
You cannot delete entitlements directly from Identity Security Cloud.
Entitlements are deleted based on their inclusion in aggregations.
Refer to [Deleting Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html#deleting-entitlements) more information about deleting entitlements.
Refer to [Entitlements](https://documentation.sailpoint.com/saas/help/access/entitlements.html) for more information about entitlements.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025AccessModelMetadataForEntitlement**](#create-access-model-metadata-for-entitlement) | **POST** `/entitlements/{id}/access-model-metadata/{attributeKey}/values/{attributeValue}` | Add metadata to an entitlement.
[**Remove-V2025AccessModelMetadataFromEntitlement**](#delete-access-model-metadata-from-entitlement) | **DELETE** `/entitlements/{id}/access-model-metadata/{attributeKey}/values/{attributeValue}` | Remove metadata from an entitlement.
[**Get-V2025Entitlement**](#get-entitlement) | **GET** `/entitlements/{id}` | Get an entitlement
[**Get-V2025EntitlementRequestConfig**](#get-entitlement-request-config) | **GET** `/entitlements/{id}/entitlement-request-config` | Get Entitlement Request Config
[**Import-V2025EntitlementsBySource**](#import-entitlements-by-source) | **POST** `/entitlements/aggregate/sources/{id}` | Aggregate Entitlements
[**Get-V2025EntitlementChildren**](#list-entitlement-children) | **GET** `/entitlements/{id}/children` | List of entitlements children
[**Get-V2025EntitlementParents**](#list-entitlement-parents) | **GET** `/entitlements/{id}/parents` | List of entitlements parents
[**Get-V2025Entitlements**](#list-entitlements) | **GET** `/entitlements` | Gets a list of entitlements.
[**Update-V2025Entitlement**](#patch-entitlement) | **PATCH** `/entitlements/{id}` | Patch an entitlement
[**Send-V2025EntitlementRequestConfig**](#put-entitlement-request-config) | **PUT** `/entitlements/{id}/entitlement-request-config` | Replace Entitlement Request Config
[**Reset-V2025SourceEntitlements**](#reset-source-entitlements) | **POST** `/entitlements/reset/sources/{id}` | Reset Source Entitlements
[**Update-V2025EntitlementsInBulk**](#update-entitlements-in-bulk) | **POST** `/entitlements/bulk-update` | Bulk update an entitlement list
## create-access-model-metadata-for-entitlement
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Add single Access Model Metadata to an entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-model-metadata-for-entitlement)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The entitlement id.
Path | AttributeKey | **String** | True | Technical name of the Attribute.
Path | AttributeValue | **String** | True | Technical name of the Attribute Value.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**Entitlement**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK | Entitlement
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808c74ff913f0175097daa9d59cd" # String | The entitlement id.
$AttributeKey = "iscPrivacy" # String | Technical name of the Attribute.
$AttributeValue = "public" # String | Technical name of the Attribute Value.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Add metadata to an entitlement.
try {
New-V2025AccessModelMetadataForEntitlement -Id $Id -AttributeKey $AttributeKey -AttributeValue $AttributeValue -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# New-V2025AccessModelMetadataForEntitlement -Id $Id -AttributeKey $AttributeKey -AttributeValue $AttributeValue -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025AccessModelMetadataForEntitlement"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-access-model-metadata-from-entitlement
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Remove single Access Model Metadata from an entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-access-model-metadata-from-entitlement)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The entitlement id.
Path | AttributeKey | **String** | True | Technical name of the Attribute.
Path | AttributeValue | **String** | True | Technical name of the Attribute Value.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808c74ff913f0175097daa9d59cd" # String | The entitlement id.
$AttributeKey = "iscPrivacy" # String | Technical name of the Attribute.
$AttributeValue = "public" # String | Technical name of the Attribute Value.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Remove metadata from an entitlement.
try {
Remove-V2025AccessModelMetadataFromEntitlement -Id $Id -AttributeKey $AttributeKey -AttributeValue $AttributeValue -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025AccessModelMetadataFromEntitlement -Id $Id -AttributeKey $AttributeKey -AttributeValue $AttributeValue -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025AccessModelMetadataFromEntitlement"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-entitlement
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns an entitlement by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The entitlement ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**Entitlement**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An entitlement | Entitlement
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808874ff91550175097daaec161c" # String | The entitlement ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get an entitlement
try {
Get-V2025Entitlement -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Entitlement -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Entitlement"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-entitlement-request-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the entitlement request config for a specified entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-request-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Entitlement Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**EntitlementRequestConfig**](../models/entitlement-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An Entitlement Request Config | EntitlementRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808874ff91550175097daaec161c" # String | Entitlement Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Entitlement Request Config
try {
Get-V2025EntitlementRequestConfig -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025EntitlementRequestConfig -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## import-entitlements-by-source
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Starts an entitlement aggregation on the specified source. Though this endpoint has been deprecated, you can find its Beta equivalent [here](https://developer.sailpoint.com/docs/api/beta/import-entitlements).
If the target source is a direct connection, then the request body must be empty. You will also need to make sure the Content-Type header is not set. If you set the Content-Type header without specifying a body, then you will receive a 500 error.
If the target source is a delimited file source, then the CSV file needs to be included in the request body. You will also need to set the Content-Type header to `multipart/form-data`.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/import-entitlements-by-source)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Source Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
| CsvFile | **System.IO.FileInfo** | (optional) | The CSV file containing the source entitlements to aggregate.
### Return type
[**LoadEntitlementTask**](../models/load-entitlement-task)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Aggregate Entitlements Task | LoadEntitlementTask
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Source Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CsvFile = # System.IO.FileInfo | The CSV file containing the source entitlements to aggregate. (optional)
# Aggregate Entitlements
try {
Import-V2025EntitlementsBySource -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Import-V2025EntitlementsBySource -Id $Id -XSailPointExperimental $XSailPointExperimental -CsvFile $CsvFile
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Import-V2025EntitlementsBySource"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-entitlement-children
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of all child entitlements of a given entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-entitlement-children)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Entitlement Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le*
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of entitlements children from an entitlement | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808874ff91550175097daaec161c" # String | Entitlement Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id** (optional)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* (optional)
# List of entitlements children
try {
Get-V2025EntitlementChildren -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025EntitlementChildren -Id $Id -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementChildren"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-entitlement-parents
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of all parent entitlements of a given entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-entitlement-parents)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Entitlement Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le*
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of entitlements parents from an entitlement | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808c74ff913f0175097daa9d59cd" # String | Entitlement Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id** (optional)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* (optional)
# List of entitlements parents
try {
Get-V2025EntitlementParents -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025EntitlementParents -Id $Id -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementParents"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-entitlements
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of entitlements.
This API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).
Any authenticated token can call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | AccountId | **String** | (optional) | The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).
Query | SegmentedForIdentity | **String** | (optional) | If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID. Cannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.
Query | ForSegmentIds | **String** | (optional) | If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs. Cannot be specified with the **account-id** or **segmented-for-identity** param(s).
Query | IncludeUnsegmented | **Boolean** | (optional) (default to $true) | Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in*
### Return type
[**Entitlement[]**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of entitlements | Entitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccountId = "ef38f94347e94562b5bb8424a56397d8" # String | The account ID. If specified, returns only entitlements associated with the given Account. Cannot be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s). (optional)
$SegmentedForIdentity = "me" # String | If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID. Cannot be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity. (optional)
$ForSegmentIds = "041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649" # String | If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs. Cannot be specified with the **account-id** or **segmented-for-identity** param(s). (optional)
$IncludeUnsegmented = $true # Boolean | Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error. (optional) (default to $true)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id, requestable** (optional)
$Filters = 'attribute eq "memberOf"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* **type**: *eq, in* **attribute**: *eq, in* **value**: *eq, in, sw* **source.id**: *eq, in* **requestable**: *eq* **created**: *gt, lt, ge, le* **modified**: *gt, lt, ge, le* **owner.id**: *eq, in* (optional)
# Gets a list of entitlements.
try {
Get-V2025Entitlements -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Entitlements -XSailPointExperimental $XSailPointExperimental -AccountId $AccountId -SegmentedForIdentity $SegmentedForIdentity -ForSegmentIds $ForSegmentIds -IncludeUnsegmented $IncludeUnsegmented -Offset $Offset -Limit $Limit -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Entitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-entitlement
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates an existing entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
The following fields are patchable: **requestable**, **privileged**, **segments**, **owner**, **name**, **description**, and **manuallyUpdatedFields**
When you're patching owner, only owner type and owner id must be provided. Owner name is optional, and it won't be modified. If the owner name is provided, it should correspond to the real name. The only owner type currently supported is IDENTITY.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-entitlement)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the entitlement to patch
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | (optional) |
### Return type
[**Entitlement**](../models/entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the entitlement as updated. | Entitlement
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | ID of the entitlement to patch
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | (optional)
# Patch an entitlement
try {
Update-V2025Entitlement -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Update-V2025Entitlement -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Entitlement"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-entitlement-request-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API replaces the entitlement request config for a specified entitlement.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-entitlement-request-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Entitlement ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | EntitlementRequestConfig | [**EntitlementRequestConfig**](../models/entitlement-request-config) | True |
### Return type
[**EntitlementRequestConfig**](../models/entitlement-request-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the entitlement request config as updated. | EntitlementRequestConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121e121518" # String | Entitlement ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$EntitlementRequestConfig = @"{
"requestCommentsRequired" : false,
"deniedCommentsRequired" : false,
"allowEntitlementRequest" : true,
"grantRequestApprovalSchemes" : "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584"
}"@
# Replace Entitlement Request Config
try {
$Result = ConvertFrom-JsonToEntitlementRequestConfig -Json $EntitlementRequestConfig
Send-V2025EntitlementRequestConfig -Id $Id -XSailPointExperimental $XSailPointExperimental -EntitlementRequestConfig $Result
# Below is a request that includes all optional parameters
# Send-V2025EntitlementRequestConfig -Id $Id -XSailPointExperimental $XSailPointExperimental -EntitlementRequestConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025EntitlementRequestConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reset-source-entitlements
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Remove all entitlements from a specific source.
To reload the accounts along with the entitlements you removed, you must run an unoptimized aggregation. To do so, use [Account Aggregation](https://developer.sailpoint.com/docs/api/v2024/import-accounts/) with `disableOptimization` = `true`.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/reset-source-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of source for the entitlement reset
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**EntitlementSourceResetBaseReferenceDto**](../models/entitlement-source-reset-base-reference-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Entitlement source reset task result | EntitlementSourceResetBaseReferenceDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808a7813090a017814121919ecca" # String | ID of source for the entitlement reset
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Reset Source Entitlements
try {
Reset-V2025SourceEntitlements -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Reset-V2025SourceEntitlements -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Reset-V2025SourceEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-entitlements-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
"This API applies an update to every entitlement of the list.\n\nThe\
\ number of entitlements to update is limited to 50 items maximum.\n\nThe JsonPatch\
\ update follows the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.\
\ allowed operations : `**{ \"op\": \"replace\", \"path\": \"/privileged\", \"\
value\": boolean }** **{ \"op\": \"replace\", \"path\": \"/requestable\",\"value\"\
: boolean }**`"
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-entitlements-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | EntitlementBulkUpdateRequest | [**EntitlementBulkUpdateRequest**](../models/entitlement-bulk-update-request) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$EntitlementBulkUpdateRequest = @"{
"entitlementIds" : [ "2c91808a7624751a01762f19d665220d", "2c91808a7624751a01762f19d67c220e", "2c91808a7624751a01762f19d692220f" ],
"jsonPatch" : [ {
"op" : "replace",
"path" : "/privileged",
"value" : false
}, {
"op" : "replace",
"path" : "/requestable",
"value" : false
} ]
}"@
# Bulk update an entitlement list
try {
$Result = ConvertFrom-JsonToEntitlementBulkUpdateRequest -Json $EntitlementBulkUpdateRequest
Update-V2025EntitlementsInBulk -XSailPointExperimental $XSailPointExperimental -EntitlementBulkUpdateRequest $Result
# Below is a request that includes all optional parameters
# Update-V2025EntitlementsInBulk -XSailPointExperimental $XSailPointExperimental -EntitlementBulkUpdateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025EntitlementsInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

174
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025GlobalTenantSecuritySettingsApi.md Normal file
View File

@@ -0,0 +1,174 @@
---
id: v2025-global-tenant-security-settings
title: GlobalTenantSecuritySettings
pagination_label: GlobalTenantSecuritySettings
sidebar_label: GlobalTenantSecuritySettings
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'GlobalTenantSecuritySettings', 'V2025GlobalTenantSecuritySettings']
slug: /tools/sdk/powershell/v2025/methods/global-tenant-security-settings
tags: ['SDK', 'Software Development Kit', 'GlobalTenantSecuritySettings', 'V2025GlobalTenantSecuritySettings']
---
# GlobalTenantSecuritySettings
Use this API to implement and customize global tenant security settings.
With this functionality in place, administrators can manage the global security settings that a tenant/org has.
This API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025AuthOrgNetworkConfig**](#create-auth-org-network-config) | **POST** `/auth-org/network-config` | Create security network configuration.
[**Get-V2025AuthOrgNetworkConfig**](#get-auth-org-network-config) | **GET** `/auth-org/network-config` | Get security network configuration.
[**Update-V2025AuthOrgNetworkConfig**](#patch-auth-org-network-config) | **PATCH** `/auth-org/network-config` | Update security network configuration.
## create-auth-org-network-config
This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:manage'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-auth-org-network-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | NetworkConfiguration | [**NetworkConfiguration**](../models/network-configuration) | True | Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Network configuration for the tenant. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$NetworkConfiguration = @"{
"range" : [ "1.3.7.2", "255.255.255.252/30" ],
"whitelisted" : true,
"geolocation" : [ "CA", "FR", "HT" ]
}"@
# Create security network configuration.
try {
$Result = ConvertFrom-JsonToNetworkConfiguration -Json $NetworkConfiguration
New-V2025AuthOrgNetworkConfig -NetworkConfiguration $Result
# Below is a request that includes all optional parameters
# New-V2025AuthOrgNetworkConfig -NetworkConfiguration $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-auth-org-network-config
This API returns the details of an org's network auth configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-auth-org-network-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Network configuration for the tenant&#39;s auth org. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get security network configuration.
try {
Get-V2025AuthOrgNetworkConfig
# Below is a request that includes all optional parameters
# Get-V2025AuthOrgNetworkConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-auth-org-network-config
This API updates an existing network configuration for an org using PATCH
Requires security scope of: 'sp:auth-org:manage'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-auth-org-network-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
### Return type
[**NetworkConfiguration**](../models/network-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Auth Org network configuration. | NetworkConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
# Update security network configuration.
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025AuthOrgNetworkConfig -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025AuthOrgNetworkConfig -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025AuthOrgNetworkConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

614
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025GovernanceGroupsApi.md Normal file
View File

@@ -0,0 +1,614 @@
---
id: v2025-governance-groups
title: GovernanceGroups
pagination_label: GovernanceGroups
sidebar_label: GovernanceGroups
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'GovernanceGroups', 'V2025GovernanceGroups']
slug: /tools/sdk/powershell/v2025/methods/governance-groups
tags: ['SDK', 'Software Development Kit', 'GovernanceGroups', 'V2025GovernanceGroups']
---
# GovernanceGroups
Use this API to implement and customize Governance Group functionality. With this functionality in place, administrators can create Governance Groups and configure them for use throughout Identity Security Cloud.
A governance group is a group of users that can make governance decisions about access. If your organization has the Access Request or Certifications service, you can configure governance groups to review access requests or certifications. A governance group can determine whether specific access is appropriate for a user.
Refer to [Creating and Managing Governance Groups](https://documentation.sailpoint.com/saas/help/common/users/governance_groups.html) for more information about how to build Governance Groups in the visual builder in the Identity Security Cloud UI.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025Workgroup**](#create-workgroup) | **POST** `/workgroups` | Create a new Governance Group.
[**Remove-V2025Workgroup**](#delete-workgroup) | **DELETE** `/workgroups/{id}` | Delete a Governance Group
[**Remove-V2025WorkgroupMembers**](#delete-workgroup-members) | **POST** `/workgroups/{workgroupId}/members/bulk-delete` | Remove members from Governance Group
[**Remove-V2025WorkgroupsInBulk**](#delete-workgroups-in-bulk) | **POST** `/workgroups/bulk-delete` | Delete Governance Group(s)
[**Get-V2025Workgroup**](#get-workgroup) | **GET** `/workgroups/{id}` | Get Governance Group by Id
[**Get-V2025Connections**](#list-connections) | **GET** `/workgroups/{workgroupId}/connections` | List connections for Governance Group
[**Get-V2025WorkgroupMembers**](#list-workgroup-members) | **GET** `/workgroups/{workgroupId}/members` | List Governance Group Members
[**Get-V2025Workgroups**](#list-workgroups) | **GET** `/workgroups` | List Governance Groups
[**Update-V2025Workgroup**](#patch-workgroup) | **PATCH** `/workgroups/{id}` | Patch a Governance Group
[**Update-V2025WorkgroupMembers**](#update-workgroup-members) | **POST** `/workgroups/{workgroupId}/members/bulk-add` | Add members to Governance Group
## create-workgroup
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API creates a new Governance Group.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-workgroup)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | WorkgroupDto | [**WorkgroupDto**](../models/workgroup-dto) | True |
### Return type
[**WorkgroupDto**](../models/workgroup-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Governance Group object created. | WorkgroupDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$WorkgroupDto = @"{
"owner" : {
"emailAddress" : "support@sailpoint.com",
"displayName" : "Support",
"name" : "Support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"connectionCount" : 1641498673000,
"created" : "2022-01-06T19:51:13Z",
"memberCount" : 1641498673000,
"name" : "DB Access Governance Group",
"description" : "Description of the Governance Group",
"modified" : "2022-01-06T19:51:13Z",
"id" : "2c91808568c529c60168cca6f90c1313"
}"@
# Create a new Governance Group.
try {
$Result = ConvertFrom-JsonToWorkgroupDto -Json $WorkgroupDto
New-V2025Workgroup -XSailPointExperimental $XSailPointExperimental -WorkgroupDto $Result
# Below is a request that includes all optional parameters
# New-V2025Workgroup -XSailPointExperimental $XSailPointExperimental -WorkgroupDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Workgroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-workgroup
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API deletes a Governance Group by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-workgroup)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Governance Group
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180837ca6693d017ca8d097500149" # String | ID of the Governance Group
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete a Governance Group
try {
Remove-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Workgroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-workgroup-members
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API removes one or more members from a Governance Group. A
> **Following field of Identity is an optional field in the request.**
> **name**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-workgroup-members)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | WorkgroupId | **String** | True | ID of the Governance Group.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityPreviewResponseIdentity | [**[]IdentityPreviewResponseIdentity**](../models/identity-preview-response-identity) | True | List of identities to be removed from a Governance Group members list.
### Return type
[**WorkgroupMemberDeleteItem[]**](../models/workgroup-member-delete-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | List of deleted and not deleted identities from Governance Group members list. | WorkgroupMemberDeleteItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$WorkgroupId = "2c91808a7813090a017814121919ecca" # String | ID of the Governance Group.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityPreviewResponseIdentity = @""@ # IdentityPreviewResponseIdentity[] | List of identities to be removed from a Governance Group members list.
# Remove members from Governance Group
try {
$Result = ConvertFrom-JsonToIdentityPreviewResponseIdentity -Json $IdentityPreviewResponseIdentity
Remove-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -IdentityPreviewResponseIdentity $Result
# Below is a request that includes all optional parameters
# Remove-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -IdentityPreviewResponseIdentity $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025WorkgroupMembers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-workgroups-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API initiates a bulk deletion of one or more Governance Groups.
> If any of the indicated Governance Groups have one or more connections associated with it,then those Governance Groups will be added in **inUse** list of the response. Governance Group(s) marked as **inUse** can not be deleted.
> If any of the indicated Governance Groups is not does not exists in Organization,then those Governance Groups will be added in **notFound** list of the response. Governance Groups marked as **notFound** will not be deleted.
> If any of the indicated Governance Groups does not have any connections associated with it,then those Governance Groups will be added in **deleted** list of the response. A Governance Group marked as **deleted** will be deleted from current Organization.
> If the request contains any **inUse** or **notFound** Governance Group IDs then it skips only these Governance Groups for deletion and deletes the rest of Governance Groups which have no connections associated with it.
> **This API has limit number of Governance Groups can be deleted at one time. If the request contains more then 100 Governance Groups IDs to be deleted then the API will throw an exception.**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-workgroups-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | WorkgroupBulkDeleteRequest | [**WorkgroupBulkDeleteRequest**](../models/workgroup-bulk-delete-request) | True |
### Return type
[**WorkgroupDeleteItem[]**](../models/workgroup-delete-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | Governance Group bulk delete response. | WorkgroupDeleteItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$WorkgroupBulkDeleteRequest = @"{
"ids" : [ "567a697e-885b-495a-afc5-d55e1c23a302", "c7b0f7b2-1e78-4063-b294-a555333dacd2" ]
}"@
# Delete Governance Group(s)
try {
$Result = ConvertFrom-JsonToWorkgroupBulkDeleteRequest -Json $WorkgroupBulkDeleteRequest
Remove-V2025WorkgroupsInBulk -XSailPointExperimental $XSailPointExperimental -WorkgroupBulkDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-V2025WorkgroupsInBulk -XSailPointExperimental $XSailPointExperimental -WorkgroupBulkDeleteRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025WorkgroupsInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-workgroup
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a Governance Groups by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-workgroup)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Governance Group
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**WorkgroupDto**](../models/workgroup-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Governance Group | WorkgroupDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180837ca6693d017ca8d097500149" # String | ID of the Governance Group
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Governance Group by Id
try {
Get-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Workgroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-connections
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns list of connections associated with a Governance Group.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-connections)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | WorkgroupId | **String** | True | ID of the Governance Group.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
### Return type
[**WorkgroupConnectionDto[]**](../models/workgroup-connection-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List all connections associated with a Governance Group. | WorkgroupConnectionDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$WorkgroupId = "2c91808a7813090a017814121919ecca" # String | ID of the Governance Group.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
# List connections for Governance Group
try {
Get-V2025Connections -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Connections -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Connections"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workgroup-members
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns list of members associated with a Governance Group.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-workgroup-members)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | WorkgroupId | **String** | True | ID of the Governance Group.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified**
### Return type
[**ListWorkgroupMembers200ResponseInner[]**](../models/list-workgroup-members200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List all members associated with a Governance Group. | ListWorkgroupMembers200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$WorkgroupId = "2c91808a7813090a017814121919ecca" # String | ID of the Governance Group.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
# List Governance Group Members
try {
Get-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025WorkgroupMembers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-workgroups
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns list of Governance Groups
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-workgroups)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, sw, in* **memberships.identityId**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified, id, description**
### Return type
[**WorkgroupDto[]**](../models/workgroup-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Governance Groups | WorkgroupDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name sw "Test"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, sw, in* **memberships.identityId**: *eq, in* (optional)
$Sorters = "name,-modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified, id, description** (optional)
# List Governance Groups
try {
Get-V2025Workgroups -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Workgroups -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Workgroups"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-workgroup
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates an existing governance group by ID. The following fields and objects are patchable:
* name
* description
* owner
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-workgroup)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Governance Group
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | (optional) |
### Return type
[**WorkgroupDto**](../models/workgroup-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A Governance Group. | WorkgroupDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180837ca6693d017ca8d097500149" # String | ID of the Governance Group
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | (optional)
# Patch a Governance Group
try {
Update-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Update-V2025Workgroup -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Workgroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-workgroup-members
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API adds one or more members to a Governance Group. A token with API, ORG_ADMIN authority is required to call this API.
> **Following field of Identity is an optional field in the request.**
> **name**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-workgroup-members)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | WorkgroupId | **String** | True | ID of the Governance Group.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityPreviewResponseIdentity | [**[]IdentityPreviewResponseIdentity**](../models/identity-preview-response-identity) | True | List of identities to be added to a Governance Group members list.
### Return type
[**WorkgroupMemberAddItem[]**](../models/workgroup-member-add-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
207 | List of added and not added identities into Governance Group members list. | WorkgroupMemberAddItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$WorkgroupId = "2c91808a7813090a017814121919ecca" # String | ID of the Governance Group.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityPreviewResponseIdentity = @""@ # IdentityPreviewResponseIdentity[] | List of identities to be added to a Governance Group members list.
# Add members to Governance Group
try {
$Result = ConvertFrom-JsonToIdentityPreviewResponseIdentity -Json $IdentityPreviewResponseIdentity
Update-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -IdentityPreviewResponseIdentity $Result
# Below is a request that includes all optional parameters
# Update-V2025WorkgroupMembers -WorkgroupId $WorkgroupId -XSailPointExperimental $XSailPointExperimental -IdentityPreviewResponseIdentity $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025WorkgroupMembers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

601
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAIAccessRequestRecommendationsApi.md Normal file
View File

@@ -0,0 +1,601 @@
---
id: v2025-iai-access-request-recommendations
title: IAIAccessRequestRecommendations
pagination_label: IAIAccessRequestRecommendations
sidebar_label: IAIAccessRequestRecommendations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IAIAccessRequestRecommendations', 'V2025IAIAccessRequestRecommendations']
slug: /tools/sdk/powershell/v2025/methods/iai-access-request-recommendations
tags: ['SDK', 'Software Development Kit', 'IAIAccessRequestRecommendations', 'V2025IAIAccessRequestRecommendations']
---
# IAIAccessRequestRecommendations
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Add-V2025AccessRequestRecommendationsIgnoredItem**](#add-access-request-recommendations-ignored-item) | **POST** `/ai-access-request-recommendations/ignored-items` | Ignore Access Request Recommendation
[**Add-V2025AccessRequestRecommendationsRequestedItem**](#add-access-request-recommendations-requested-item) | **POST** `/ai-access-request-recommendations/requested-items` | Accept Access Request Recommendation
[**Add-V2025AccessRequestRecommendationsViewedItem**](#add-access-request-recommendations-viewed-item) | **POST** `/ai-access-request-recommendations/viewed-items` | Mark Viewed Access Request Recommendations
[**Add-V2025AccessRequestRecommendationsViewedItems**](#add-access-request-recommendations-viewed-items) | **POST** `/ai-access-request-recommendations/viewed-items/bulk-create` | Bulk Mark Viewed Access Request Recommendations
[**Get-V2025AccessRequestRecommendations**](#get-access-request-recommendations) | **GET** `/ai-access-request-recommendations` | Identity Access Request Recommendations
[**Get-V2025AccessRequestRecommendationsConfig**](#get-access-request-recommendations-config) | **GET** `/ai-access-request-recommendations/config` | Get Access Request Recommendations config
[**Get-V2025AccessRequestRecommendationsIgnoredItems**](#get-access-request-recommendations-ignored-items) | **GET** `/ai-access-request-recommendations/ignored-items` | List Ignored Access Request Recommendations
[**Get-V2025AccessRequestRecommendationsRequestedItems**](#get-access-request-recommendations-requested-items) | **GET** `/ai-access-request-recommendations/requested-items` | List Accepted Access Request Recommendations
[**Get-V2025AccessRequestRecommendationsViewedItems**](#get-access-request-recommendations-viewed-items) | **GET** `/ai-access-request-recommendations/viewed-items` | List Viewed Access Request Recommendations
[**Set-V2025AccessRequestRecommendationsConfig**](#set-access-request-recommendations-config) | **PUT** `/ai-access-request-recommendations/config` | Update Access Request Recommendations config
## add-access-request-recommendations-ignored-item
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API ignores a recommended access request item. Once an item is ignored, it will be marked as ignored=true if it is still a recommended item. The consumer can decide to hide ignored recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/add-access-request-recommendations-ignored-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessRequestRecommendationActionItemDto | [**AccessRequestRecommendationActionItemDto**](../models/access-request-recommendation-action-item-dto) | True | The recommended access item to ignore for an identity.
### Return type
[**AccessRequestRecommendationActionItemResponseDto**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Recommendation successfully stored as ignored. | AccessRequestRecommendationActionItemResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessRequestRecommendationActionItemDto = @"{
"access" : {
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
},
"identityId" : "2c91808570313110017040b06f344ec9"
}"@
# Ignore Access Request Recommendation
try {
$Result = ConvertFrom-JsonToAccessRequestRecommendationActionItemDto -Json $AccessRequestRecommendationActionItemDto
Add-V2025AccessRequestRecommendationsIgnoredItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
# Below is a request that includes all optional parameters
# Add-V2025AccessRequestRecommendationsIgnoredItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Add-V2025AccessRequestRecommendationsIgnoredItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## add-access-request-recommendations-requested-item
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API consumes a notification that a recommended access request item was requested. This API does not actually make the request, it is just a notification. This will help provide feedback in order to improve our recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/add-access-request-recommendations-requested-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessRequestRecommendationActionItemDto | [**AccessRequestRecommendationActionItemDto**](../models/access-request-recommendation-action-item-dto) | True | The recommended access item that was requested for an identity.
### Return type
[**AccessRequestRecommendationActionItemResponseDto**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Notification successfully acknowledged. | AccessRequestRecommendationActionItemResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessRequestRecommendationActionItemDto = @"{
"access" : {
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
},
"identityId" : "2c91808570313110017040b06f344ec9"
}"@
# Accept Access Request Recommendation
try {
$Result = ConvertFrom-JsonToAccessRequestRecommendationActionItemDto -Json $AccessRequestRecommendationActionItemDto
Add-V2025AccessRequestRecommendationsRequestedItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
# Below is a request that includes all optional parameters
# Add-V2025AccessRequestRecommendationsRequestedItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Add-V2025AccessRequestRecommendationsRequestedItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## add-access-request-recommendations-viewed-item
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API consumes a notification that a recommended access request item was viewed. Future recommendations with this item will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/add-access-request-recommendations-viewed-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessRequestRecommendationActionItemDto | [**AccessRequestRecommendationActionItemDto**](../models/access-request-recommendation-action-item-dto) | True | The recommended access that was viewed for an identity.
### Return type
[**AccessRequestRecommendationActionItemResponseDto**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Recommendation successfully stored as viewed. | AccessRequestRecommendationActionItemResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessRequestRecommendationActionItemDto = @"{
"access" : {
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
},
"identityId" : "2c91808570313110017040b06f344ec9"
}"@
# Mark Viewed Access Request Recommendations
try {
$Result = ConvertFrom-JsonToAccessRequestRecommendationActionItemDto -Json $AccessRequestRecommendationActionItemDto
Add-V2025AccessRequestRecommendationsViewedItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
# Below is a request that includes all optional parameters
# Add-V2025AccessRequestRecommendationsViewedItem -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Add-V2025AccessRequestRecommendationsViewedItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## add-access-request-recommendations-viewed-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API consumes a notification that a set of recommended access request item were viewed. Future recommendations with these items will be marked with viewed=true. This can be useful for the consumer to determine if there are any new/unviewed recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/add-access-request-recommendations-viewed-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessRequestRecommendationActionItemDto | [**[]AccessRequestRecommendationActionItemDto**](../models/access-request-recommendation-action-item-dto) | True | The recommended access items that were viewed for an identity.
### Return type
[**AccessRequestRecommendationActionItemResponseDto[]**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Recommendations successfully stored as viewed. | AccessRequestRecommendationActionItemResponseDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessRequestRecommendationActionItemDto = @"{
"access" : {
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
},
"identityId" : "2c91808570313110017040b06f344ec9"
}"@ # AccessRequestRecommendationActionItemDto[] | The recommended access items that were viewed for an identity.
# Bulk Mark Viewed Access Request Recommendations
try {
$Result = ConvertFrom-JsonToAccessRequestRecommendationActionItemDto -Json $AccessRequestRecommendationActionItemDto
Add-V2025AccessRequestRecommendationsViewedItems -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
# Below is a request that includes all optional parameters
# Add-V2025AccessRequestRecommendationsViewedItems -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationActionItemDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Add-V2025AccessRequestRecommendationsViewedItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-recommendations
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the access request recommendations for the specified identity. The default identity is *me* which indicates the current user.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-recommendations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | IdentityId | **String** | (optional) (default to "me") | Get access request recommendations for an identityId. *me* indicates the current user.
Query | Limit | **Int32** | (optional) (default to 15) | Max number of results to return.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | IncludeTranslationMessages | **Boolean** | (optional) (default to $false) | If *true* it will populate a list of translation messages in the response.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.name**: *co* **access.type**: *eq, in* **access.description**: *co, eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name, access.type** By default the recommendations are sorted by highest confidence first.
### Return type
[**AccessRequestRecommendationItemDetail[]**](../models/access-request-recommendation-item-detail)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of access request recommendations for the identityId | AccessRequestRecommendationItemDetail[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityId = "2c91808570313110017040b06f344ec9" # String | Get access request recommendations for an identityId. *me* indicates the current user. (optional) (default to "me")
$Limit = 15 # Int32 | Max number of results to return. (optional) (default to 15)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$IncludeTranslationMessages = $false # Boolean | If *true* it will populate a list of translation messages in the response. (optional) (default to $false)
$Filters = 'access.name co "admin"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.name**: *co* **access.type**: *eq, in* **access.description**: *co, eq, in* (optional)
$Sorters = "access.name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name, access.type** By default the recommendations are sorted by highest confidence first. (optional)
# Identity Access Request Recommendations
try {
Get-V2025AccessRequestRecommendations -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestRecommendations -XSailPointExperimental $XSailPointExperimental -IdentityId $IdentityId -Limit $Limit -Offset $Offset -Count $Count -IncludeTranslationMessages $IncludeTranslationMessages -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestRecommendations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-recommendations-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the configurations for Access Request Recommender for the tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-recommendations-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**AccessRequestRecommendationConfigDto**](../models/access-request-recommendation-config-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Configurations for Access Request Recommender for the tenant. | AccessRequestRecommendationConfigDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Access Request Recommendations config
try {
Get-V2025AccessRequestRecommendationsConfig -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestRecommendationsConfig -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestRecommendationsConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-recommendations-ignored-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of ignored access request recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-recommendations-ignored-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp**
### Return type
[**AccessRequestRecommendationActionItemResponseDto[]**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns list of ignored access request recommendations. | AccessRequestRecommendationActionItemResponseDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'identityId eq "2c9180846b0a0583016b299f210c1314"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in* (optional)
$Sorters = "access.id" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** (optional)
# List Ignored Access Request Recommendations
try {
Get-V2025AccessRequestRecommendationsIgnoredItems -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestRecommendationsIgnoredItems -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestRecommendationsIgnoredItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-recommendations-requested-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of requested access request recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-recommendations-requested-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp**
### Return type
[**AccessRequestRecommendationActionItemResponseDto[]**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns the list of requested access request recommendations. | AccessRequestRecommendationActionItemResponseDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'access.id eq "2c9180846b0a0583016b299f210c1314"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in* (optional)
$Sorters = "access.id" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** (optional)
# List Accepted Access Request Recommendations
try {
Get-V2025AccessRequestRecommendationsRequestedItems -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestRecommendationsRequestedItems -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestRecommendationsRequestedItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-access-request-recommendations-viewed-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns the list of viewed access request recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-access-request-recommendations-viewed-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp**
### Return type
[**AccessRequestRecommendationActionItemResponseDto[]**](../models/access-request-recommendation-action-item-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Returns list of viewed access request recommendations. | AccessRequestRecommendationActionItemResponseDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'access.id eq "2c9180846b0a0583016b299f210c1314"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **access.id**: *eq, in* **access.type**: *eq, in* **identityId**: *eq, in* (optional)
$Sorters = "access.id" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.id, access.type, identityId, timestamp** (optional)
# List Viewed Access Request Recommendations
try {
Get-V2025AccessRequestRecommendationsViewedItems -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025AccessRequestRecommendationsViewedItems -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AccessRequestRecommendationsViewedItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-access-request-recommendations-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates the configurations for Access Request Recommender for the tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-access-request-recommendations-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | AccessRequestRecommendationConfigDto | [**AccessRequestRecommendationConfigDto**](../models/access-request-recommendation-config-dto) | True | The desired configurations for Access Request Recommender for the tenant.
### Return type
[**AccessRequestRecommendationConfigDto**](../models/access-request-recommendation-config-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully updated configurations for Access Request Recommender for the tenant. | AccessRequestRecommendationConfigDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessRequestRecommendationConfigDto = @"{
"scoreThreshold" : 0.5,
"startDateAttribute" : "startDate",
"restrictionAttribute" : "location",
"moverAttribute" : "isMover",
"joinerAttribute" : "isJoiner",
"useRestrictionAttribute" : true
}"@
# Update Access Request Recommendations config
try {
$Result = ConvertFrom-JsonToAccessRequestRecommendationConfigDto -Json $AccessRequestRecommendationConfigDto
Set-V2025AccessRequestRecommendationsConfig -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationConfigDto $Result
# Below is a request that includes all optional parameters
# Set-V2025AccessRequestRecommendationsConfig -XSailPointExperimental $XSailPointExperimental -AccessRequestRecommendationConfigDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025AccessRequestRecommendationsConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

196
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAICommonAccessApi.md Normal file
View File

@@ -0,0 +1,196 @@
---
id: v2025-iai-common-access
title: IAICommonAccess
pagination_label: IAICommonAccess
sidebar_label: IAICommonAccess
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IAICommonAccess', 'V2025IAICommonAccess']
slug: /tools/sdk/powershell/v2025/methods/iai-common-access
tags: ['SDK', 'Software Development Kit', 'IAICommonAccess', 'V2025IAICommonAccess']
---
# IAICommonAccess
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025CommonAccess**](#create-common-access) | **POST** `/common-access` | Create common access items
[**Get-V2025CommonAccess**](#get-common-access) | **GET** `/common-access` | Get a paginated list of common access
[**Update-V2025CommonAccessStatusInBulk**](#update-common-access-status-in-bulk) | **POST** `/common-access/update-status` | Bulk update common access status
## create-common-access
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API is used to add roles/access profiles to the list of common access for a customer. Requires authorization scope of iai:access-modeling:create
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-common-access)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | CommonAccessItemRequest | [**CommonAccessItemRequest**](../models/common-access-item-request) | True |
### Return type
[**CommonAccessItemResponse**](../models/common-access-item-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Returns details of the common access classification request. | CommonAccessItemResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CommonAccessItemRequest = @"{
"access" : {
"ownerName" : "ownerName",
"name" : "name",
"description" : "description",
"id" : "id",
"type" : "ACCESS_PROFILE",
"ownerId" : "ownerId"
},
"status" : "CONFIRMED"
}"@
# Create common access items
try {
$Result = ConvertFrom-JsonToCommonAccessItemRequest -Json $CommonAccessItemRequest
New-V2025CommonAccess -XSailPointExperimental $XSailPointExperimental -CommonAccessItemRequest $Result
# Below is a request that includes all optional parameters
# New-V2025CommonAccess -XSailPointExperimental $XSailPointExperimental -CommonAccessItemRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025CommonAccess"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-common-access
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint returns the current common access for a customer. The returned items can be filtered and sorted. Requires authorization scope of iai:access-modeling:read
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-common-access)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq, sw* **reviewedByUser** *eq* **access.id**: *eq, sw* **access.type**: *eq* **access.name**: *sw, eq* **access.description**: *sw, eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name, status** By default the common access items are sorted by name, ascending.
### Return type
[**CommonAccessResponse[]**](../models/common-access-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a list of common access for a customer. | CommonAccessResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'access.type eq "ROLE"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq, sw* **reviewedByUser** *eq* **access.id**: *eq, sw* **access.type**: *eq* **access.name**: *sw, eq* **access.description**: *sw, eq* (optional)
$Sorters = "access.name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **access.name, status** By default the common access items are sorted by name, ascending. (optional)
# Get a paginated list of common access
try {
Get-V2025CommonAccess -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025CommonAccess -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025CommonAccess"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-common-access-status-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This submits an update request to the common access application. At this time there are no parameters. Requires authorization scope of iai:access-modeling:update
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-common-access-status-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | CommonAccessIDStatus | [**[]CommonAccessIDStatus**](../models/common-access-id-status) | True | Confirm or deny in bulk the common access ids that are (or aren't) common access
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CommonAccessIDStatus = @"{
"confirmedIds" : [ "046b6c7f-0b8a-43b9-b35d-6489e6daee91", "046b6c7f-0b8a-43b9-b35d-6489e6daee91" ],
"deniedIds" : [ "046b6c7f-0b8a-43b9-b35d-6489e6daee91", "046b6c7f-0b8a-43b9-b35d-6489e6daee91" ]
}"@ # CommonAccessIDStatus[] | Confirm or deny in bulk the common access ids that are (or aren't) common access
# Bulk update common access status
try {
$Result = ConvertFrom-JsonToCommonAccessIDStatus -Json $CommonAccessIDStatus
Update-V2025CommonAccessStatusInBulk -XSailPointExperimental $XSailPointExperimental -CommonAccessIDStatus $Result
# Below is a request that includes all optional parameters
# Update-V2025CommonAccessStatusInBulk -XSailPointExperimental $XSailPointExperimental -CommonAccessIDStatus $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025CommonAccessStatusInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

542
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAIOutliersApi.md Normal file
View File

@@ -0,0 +1,542 @@
---
id: v2025-iai-outliers
title: IAIOutliers
pagination_label: IAIOutliers
sidebar_label: IAIOutliers
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IAIOutliers', 'V2025IAIOutliers']
slug: /tools/sdk/powershell/v2025/methods/iai-outliers
tags: ['SDK', 'Software Development Kit', 'IAIOutliers', 'V2025IAIOutliers']
---
# IAIOutliers
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Export-V2025OutliersZip**](#export-outliers-zip) | **GET** `/outliers/export` | IAI Identity Outliers Export
[**Get-V2025IdentityOutlierSnapshots**](#get-identity-outlier-snapshots) | **GET** `/outlier-summaries` | IAI Identity Outliers Summary
[**Get-V2025IdentityOutliers**](#get-identity-outliers) | **GET** `/outliers` | IAI Get Identity Outliers
[**Get-V2025LatestIdentityOutlierSnapshots**](#get-latest-identity-outlier-snapshots) | **GET** `/outlier-summaries/latest` | IAI Identity Outliers Latest Summary
[**Get-V2025OutlierContributingFeatureSummary**](#get-outlier-contributing-feature-summary) | **GET** `/outlier-feature-summaries/{outlierFeatureId}` | Get identity outlier contibuting feature summary
[**Get-V2025PeerGroupOutliersContributingFeatures**](#get-peer-group-outliers-contributing-features) | **GET** `/outliers/{outlierId}/contributing-features` | Get identity outlier&#39;s contibuting features
[**Invoke-V2025IgnoreIdentityOutliers**](#ignore-identity-outliers) | **POST** `/outliers/ignore` | IAI Identity Outliers Ignore
[**Get-V2025OutliersContributingFeatureAccessItems**](#list-outliers-contributing-feature-access-items) | **GET** `/outliers/{outlierId}/feature-details/{contributingFeatureName}/access-items` | Gets a list of access items associated with each identity outlier contributing feature
[**Invoke-V2025UnIgnoreIdentityOutliers**](#un-ignore-identity-outliers) | **POST** `/outliers/unignore` | IAI Identity Outliers Unignore
## export-outliers-zip
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API exports a list of ignored outliers to a CSV as well as list of non-ignored outliers to a CSV. These two CSVs will be zipped and exported.
Columns will include: identityId, type, firstDetectionDate, latestDetectionDate, ignored, & attributes (defined set of identity attributes).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/export-outliers-zip)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Type | **String** | (optional) | Type of the identity outliers snapshot to filter on
### Return type
**System.IO.FileInfo**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns zip of two CSVs to download. One CSV for ignored outliers and the other for non-ignored outliers. | System.IO.FileInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/zip, application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Type = "LOW_SIMILARITY" # String | Type of the identity outliers snapshot to filter on (optional)
# IAI Identity Outliers Export
try {
Export-V2025OutliersZip -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Export-V2025OutliersZip -XSailPointExperimental $XSailPointExperimental -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Export-V2025OutliersZip"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-outlier-snapshots
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a summary containing the number of identities that customer has, the number of outliers, and the type of outlier.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-outlier-snapshots)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Type | **String** | (optional) | Type of the identity outliers snapshot to filter on
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **snapshotDate**: *ge, le*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **snapshotDate**
### Return type
[**OutlierSummary[]**](../models/outlier-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers | OutlierSummary[]
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Type = "LOW_SIMILARITY" # String | Type of the identity outliers snapshot to filter on (optional)
$Filters = 'snapshotDate ge "2022-02-07T20:13:29.356648026Z"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **snapshotDate**: *ge, le* (optional)
$Sorters = "snapshotDate" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **snapshotDate** (optional)
# IAI Identity Outliers Summary
try {
Get-V2025IdentityOutlierSnapshots -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityOutlierSnapshots -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Type $Type -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityOutlierSnapshots"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-outliers
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of outliers, containing data such as identity ID, outlier type, detection dates, identity attributes, if identity is ignored, and certification information.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-outliers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Type | **String** | (optional) | Type of the identity outliers snapshot to filter on
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **attributes**: *eq, sw, co, in* **firstDetectionDate**: *ge, le* **certStatus**: *eq* **ignored**: *eq* **score**: *ge, le*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **firstDetectionDate, attributes, score**
### Return type
[**Outlier[]**](../models/outlier)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns list of objects. Each object contains information about outliers. | Outlier[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Type = "LOW_SIMILARITY" # String | Type of the identity outliers snapshot to filter on (optional)
$Filters = 'attributes.displayName sw "John" and certStatus eq "false"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **attributes**: *eq, sw, co, in* **firstDetectionDate**: *ge, le* **certStatus**: *eq* **ignored**: *eq* **score**: *ge, le* (optional)
$Sorters = "attributes.displayName,firstDetectionDate,-score" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **firstDetectionDate, attributes, score** (optional)
# IAI Get Identity Outliers
try {
Get-V2025IdentityOutliers -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityOutliers -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Type $Type -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityOutliers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-latest-identity-outlier-snapshots
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a most recent snapshot of each outlier type, each containing the number of identities that customer has, the number of outliers, and the type of outlier.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-latest-identity-outlier-snapshots)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Type | **String** | (optional) | Type of the identity outliers snapshot to filter on
### Return type
[**LatestOutlierSummary[]**](../models/latest-outlier-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns list of objects. Each object is a summary to give high level statistics/counts of outliers. | LatestOutlierSummary[]
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Type = "LOW_SIMILARITY" # String | Type of the identity outliers snapshot to filter on (optional)
# IAI Identity Outliers Latest Summary
try {
Get-V2025LatestIdentityOutlierSnapshots -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025LatestIdentityOutlierSnapshots -XSailPointExperimental $XSailPointExperimental -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025LatestIdentityOutlierSnapshots"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-outlier-contributing-feature-summary
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a summary of a contributing feature for an identity outlier.
The object contains: contributing feature name (translated text or message key), identity outlier display name, feature values, feature definition and explanation (translated text or message key), peer display name and identityId, access item reference, translation messages object.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-outlier-contributing-feature-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | OutlierFeatureId | **String** | True | Contributing feature id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**OutlierFeatureSummary**](../models/outlier-feature-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns selected contributing feature summary for an outlier. | OutlierFeatureSummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OutlierFeatureId = "04654b66-7561-4090-94f9-abee0722a1af" # String | Contributing feature id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get identity outlier contibuting feature summary
try {
Get-V2025OutlierContributingFeatureSummary -OutlierFeatureId $OutlierFeatureId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025OutlierContributingFeatureSummary -OutlierFeatureId $OutlierFeatureId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OutlierContributingFeatureSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-peer-group-outliers-contributing-features
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of contributing feature objects for a single outlier.
The object contains: feature name, feature value type, value, importance, display name (translated text or message key), description (translated text or message key), translation messages object.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-peer-group-outliers-contributing-features)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | OutlierId | **String** | True | The outlier id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | IncludeTranslationMessages | **String** | (optional) | Whether or not to include translation messages object in returned response
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **importance**
### Return type
[**OutlierContributingFeature[]**](../models/outlier-contributing-feature)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns list of objects. Each object contains a feature and metadata about that feature. | OutlierContributingFeature[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OutlierId = "2c918085842e69ae018432d22ccb212f" # String | The outlier id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$IncludeTranslationMessages = "include-translation-messages=" # String | Whether or not to include translation messages object in returned response (optional)
$Sorters = "importance" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **importance** (optional)
# Get identity outlier's contibuting features
try {
Get-V2025PeerGroupOutliersContributingFeatures -OutlierId $OutlierId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025PeerGroupOutliersContributingFeatures -OutlierId $OutlierId -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -IncludeTranslationMessages $IncludeTranslationMessages -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PeerGroupOutliersContributingFeatures"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## ignore-identity-outliers
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API receives a list of identity IDs in the request, changes the outliers to be ignored.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/ignore-identity-outliers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | **[]String** | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = "MyRequestBody" # String[] |
$RequestBody = @""@ # String[] |
# IAI Identity Outliers Ignore
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Invoke-V2025IgnoreIdentityOutliers -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Invoke-V2025IgnoreIdentityOutliers -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025IgnoreIdentityOutliers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-outliers-contributing-feature-access-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of the enriched access items associated with each feature filtered by the access item type.
The object contains: accessItemId, display name (translated text or message key), description (translated text or message key), accessType, sourceName, extremelyRare.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-outliers-contributing-feature-access-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | OutlierId | **String** | True | The outlier id
Path | ContributingFeatureName | **String** | True | The name of contributing feature
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | AccessType | **String** | (optional) | The type of access item for the identity outlier contributing feature. If not provided, it returns all.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **displayName**
### Return type
[**OutliersContributingFeatureAccessItems[]**](../models/outliers-contributing-feature-access-items)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of access items. | OutliersContributingFeatureAccessItems[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OutlierId = "2c918085842e69ae018432d22ccb212f" # String | The outlier id
$ContributingFeatureName = "radical_entitlement_count" # String | The name of contributing feature
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$AccessType = "ENTITLEMENT" # String | The type of access item for the identity outlier contributing feature. If not provided, it returns all. (optional)
$Sorters = "displayName" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **displayName** (optional)
# Gets a list of access items associated with each identity outlier contributing feature
try {
Get-V2025OutliersContributingFeatureAccessItems -OutlierId $OutlierId -ContributingFeatureName $ContributingFeatureName -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025OutliersContributingFeatureAccessItems -OutlierId $OutlierId -ContributingFeatureName $ContributingFeatureName -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -AccessType $AccessType -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OutliersContributingFeatureAccessItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## un-ignore-identity-outliers
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API receives a list of identity IDs in the request, changes the outliers to be un-ignored.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/un-ignore-identity-outliers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | **[]String** | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = "MyRequestBody" # String[] |
$RequestBody = @""@ # String[] |
# IAI Identity Outliers Unignore
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Invoke-V2025UnIgnoreIdentityOutliers -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Invoke-V2025UnIgnoreIdentityOutliers -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025UnIgnoreIdentityOutliers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

80
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAIPeerGroupStrategiesApi.md Normal file
View File

@@ -0,0 +1,80 @@
---
id: v2025-iai-peer-group-strategies
title: IAIPeerGroupStrategies
pagination_label: IAIPeerGroupStrategies
sidebar_label: IAIPeerGroupStrategies
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IAIPeerGroupStrategies', 'V2025IAIPeerGroupStrategies']
slug: /tools/sdk/powershell/v2025/methods/iai-peer-group-strategies
tags: ['SDK', 'Software Development Kit', 'IAIPeerGroupStrategies', 'V2025IAIPeerGroupStrategies']
---
# IAIPeerGroupStrategies
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025PeerGroupOutliers**](#get-peer-group-outliers) | **GET** `/peer-group-strategies/{strategy}/identity-outliers` | Identity Outliers List
## get-peer-group-outliers
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
-- Deprecated : See 'IAI Outliers' This API will be used by Identity Governance systems to identify identities that are not included in an organization's peer groups. By default, 250 identities are returned. You can specify between 1 and 1000 number of identities that can be returned.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-peer-group-outliers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Strategy | **String** | True | The strategy used to create peer groups. Currently, 'entitlement' is supported.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PeerGroupMember[]**](../models/peer-group-member)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identities that are not included in peer groups. | PeerGroupMember[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Strategy = "entitlement" # String | The strategy used to create peer groups. Currently, 'entitlement' is supported.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Identity Outliers List
try {
Get-V2025PeerGroupOutliers -Strategy $Strategy -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025PeerGroupOutliers -Strategy $Strategy -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PeerGroupOutliers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

196
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAIRecommendationsApi.md Normal file
View File

@@ -0,0 +1,196 @@
---
id: v2025-iai-recommendations
title: IAIRecommendations
pagination_label: IAIRecommendations
sidebar_label: IAIRecommendations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IAIRecommendations', 'V2025IAIRecommendations']
slug: /tools/sdk/powershell/v2025/methods/iai-recommendations
tags: ['SDK', 'Software Development Kit', 'IAIRecommendations', 'V2025IAIRecommendations']
---
# IAIRecommendations
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025Recommendations**](#get-recommendations) | **POST** `/recommendations/request` | Returns Recommendation Based on Object
[**Get-V2025RecommendationsConfig**](#get-recommendations-config) | **GET** `/recommendations/config` | Get certification recommendation config values
[**Update-V2025RecommendationsConfig**](#update-recommendations-config) | **PUT** `/recommendations/config` | Update certification recommendation config values
## get-recommendations
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
The getRecommendations API returns recommendations based on the requested object. The recommendations are invoked by IdentityIQ and IdentityNow plug-ins that retrieve recommendations based on the performed calculations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-recommendations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RecommendationRequestDto | [**RecommendationRequestDto**](../models/recommendation-request-dto) | True |
### Return type
[**RecommendationResponseDto**](../models/recommendation-response-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The recommendations for a customer | RecommendationResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RecommendationRequestDto = @"{
"prescribeMode" : false,
"excludeInterpretations" : false,
"requests" : [ {
"item" : {
"id" : "2c938083633d259901633d2623ec0375",
"type" : "ENTITLEMENT"
},
"identityId" : "2c938083633d259901633d25c68c00fa"
}, {
"item" : {
"id" : "2c938083633d259901633d2623ec0375",
"type" : "ENTITLEMENT"
},
"identityId" : "2c938083633d259901633d25c68c00fa"
} ],
"includeTranslationMessages" : false,
"includeDebugInformation" : true
}"@
# Returns Recommendation Based on Object
try {
$Result = ConvertFrom-JsonToRecommendationRequestDto -Json $RecommendationRequestDto
Get-V2025Recommendations -XSailPointExperimental $XSailPointExperimental -RecommendationRequestDto $Result
# Below is a request that includes all optional parameters
# Get-V2025Recommendations -XSailPointExperimental $XSailPointExperimental -RecommendationRequestDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Recommendations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-recommendations-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieves configuration attributes used by certification recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-recommendations-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RecommendationConfigDto**](../models/recommendation-config-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Cert recommendation configuration attributes | RecommendationConfigDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get certification recommendation config values
try {
Get-V2025RecommendationsConfig -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RecommendationsConfig -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RecommendationsConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-recommendations-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Updates configuration attributes used by certification recommendations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-recommendations-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RecommendationConfigDto | [**RecommendationConfigDto**](../models/recommendation-config-dto) | True |
### Return type
[**RecommendationConfigDto**](../models/recommendation-config-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Cert recommendation configuration attributes after update | RecommendationConfigDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RecommendationConfigDto = @"{
"recommenderFeatures" : [ "jobTitle", "location", "peer_group", "department", "active" ],
"peerGroupPercentageThreshold" : 0.5,
"runAutoSelectOnce" : false,
"onlyTuneThreshold" : false
}"@
# Update certification recommendation config values
try {
$Result = ConvertFrom-JsonToRecommendationConfigDto -Json $RecommendationConfigDto
Update-V2025RecommendationsConfig -XSailPointExperimental $XSailPointExperimental -RecommendationConfigDto $Result
# Below is a request that includes all optional parameters
# Update-V2025RecommendationsConfig -XSailPointExperimental $XSailPointExperimental -RecommendationConfigDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025RecommendationsConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1511
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IAIRoleMiningApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

132
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IconsApi.md Normal file
View File

@@ -0,0 +1,132 @@
---
id: v2025-icons
title: Icons
pagination_label: Icons
sidebar_label: Icons
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Icons', 'V2025Icons']
slug: /tools/sdk/powershell/v2025/methods/icons
tags: ['SDK', 'Software Development Kit', 'Icons', 'V2025Icons']
---
# Icons
Use this API to implement functionality related to object icons (application icons for example).
With this functionality in place, administrators can set or remove an icon for specific object type for use throughout Identity Security Cloud.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Remove-V2025Icon**](#delete-icon) | **DELETE** `/icons/{objectType}/{objectId}` | Delete an icon
[**Set-V2025Icon**](#set-icon) | **PUT** `/icons/{objectType}/{objectId}` | Update an icon
## delete-icon
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API endpoint delete an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-icon)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ObjectType | **String** | True | Object type. Available options ['application']
Path | ObjectId | **String** | True | Object id.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ObjectType = "application" # String | Object type. Available options ['application']
$ObjectId = "a291e870-48c3-4953-b656-fb5ce2a93169" # String | Object id.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete an icon
try {
Remove-V2025Icon -ObjectType $ObjectType -ObjectId $ObjectId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025Icon -ObjectType $ObjectType -ObjectId $ObjectId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Icon"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-icon
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API endpoint updates an icon by object type and object id. A token with ORG_ADMIN authority is required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-icon)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ObjectType | **String** | True | Object type. Available options ['application']
Path | ObjectId | **String** | True | Object id.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
| Image | **System.IO.FileInfo** | True | file with icon. Allowed mime-types ['image/png', 'image/jpeg']
### Return type
[**SetIcon200Response**](../models/set-icon200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Icon updated | SetIcon200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$ObjectType = "application" # String | Object type. Available options ['application']
$ObjectId = "a291e870-48c3-4953-b656-fb5ce2a93169" # String | Object id.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Image = # System.IO.FileInfo | file with icon. Allowed mime-types ['image/png', 'image/jpeg']
# Update an icon
try {
Set-V2025Icon -ObjectType $ObjectType -ObjectId $ObjectId -XSailPointExperimental $XSailPointExperimental -Image $Image
# Below is a request that includes all optional parameters
# Set-V2025Icon -ObjectType $ObjectType -ObjectId $ObjectId -XSailPointExperimental $XSailPointExperimental -Image $Image
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025Icon"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

650
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IdentitiesApi.md Normal file
View File

@@ -0,0 +1,650 @@
---
id: v2025-identities
title: Identities
pagination_label: Identities
sidebar_label: Identities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Identities', 'V2025Identities']
slug: /tools/sdk/powershell/v2025/methods/identities
tags: ['SDK', 'Software Development Kit', 'Identities', 'V2025Identities']
---
# Identities
Use this API to implement identity functionality.
With this functionality in place, administrators can synchronize an identity&#39;s attributes with its various source attributes.
Identity Security Cloud uses identities as users&#39; authoritative accounts. Identities can own other accounts, entitlements, and attributes.
An identity has a variety of attributes, such as an account name, an email address, a job title, and more.
These identity attributes can be correlated with different attributes on different sources.
For example, the identity John.Smith can own an account in the GitHub source with the account name John-Smith-Org, and Identity Security Cloud knows they are the same person with the same access and attributes.
In Identity Security Cloud, administrators often set up these synchronizations to get triggered automatically with a change or to run on a schedule.
To manually synchronize attributes for an identity, administrators can use the Identities drop-down menu and select Identity List to view the list of identities.
They can then select the identity they want to manually synchronize and use the hamburger menu to select &#39;Synchronize Attributes.&#39;
Doing so immediately begins the attribute synchronization and analyzes all accounts for the selected identity.
Refer to [Synchronizing Attributes](https://documentation.sailpoint.com/saas/help/provisioning/attr_sync.html) for more information about synchronizing attributes.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Remove-V2025Identity**](#delete-identity) | **DELETE** `/identities/{id}` | Delete identity
[**Get-V2025Identity**](#get-identity) | **GET** `/identities/{id}` | Identity Details
[**Get-V2025IdentityOwnershipDetails**](#get-identity-ownership-details) | **GET** `/identities/{identityId}/ownership` | Get ownership details
[**Get-V2025RoleAssignment**](#get-role-assignment) | **GET** `/identities/{identityId}/role-assignments/{assignmentId}` | Role assignment details
[**Get-V2025RoleAssignments**](#get-role-assignments) | **GET** `/identities/{identityId}/role-assignments` | List role assignments
[**Get-V2025Identities**](#list-identities) | **GET** `/identities` | List Identities
[**Reset-V2025Identity**](#reset-identity) | **POST** `/identities/{id}/reset` | Reset an identity
[**Send-V2025IdentityVerificationAccountToken**](#send-identity-verification-account-token) | **POST** `/identities/{id}/verification/account/send` | Send password reset email
[**Start-V2025IdentitiesInvite**](#start-identities-invite) | **POST** `/identities/invite` | Invite identities to register
[**Start-V2025IdentityProcessing**](#start-identity-processing) | **POST** `/identities/process` | Process a list of identityIds
[**Sync-V2025hronizeAttributesForIdentity**](#synchronize-attributes-for-identity) | **POST** `/identities/{identityId}/synchronize-attributes` | Attribute synchronization for single identity.
## delete-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
The API returns successful response if the requested identity was deleted.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request is invalid. It may indicate that the specified identity is marked as protected and cannot be deleted. | IdentityAssociationDetails
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete identity
try {
Remove-V2025Identity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025Identity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Identity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a single identity using the Identity ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Identity Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**Identity**](../models/identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An identity object | Identity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Identity Details
try {
Get-V2025Identity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Identity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Identity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-ownership-details
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to return an identity's owned objects that will cause problems for deleting the identity.
Use this API as a checklist of objects that you need to reassign to a different identity before you can delete the identity.
For a full list of objects owned by an identity, use the [Search API](https://developer.sailpoint.com/docs/api/v3/search-post/). When you search for identities, the returned identities have a property, `owns`, that contains a more comprehensive list of identity's owned objects.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-ownership-details)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | Identity ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**IdentityOwnershipAssociationDetails**](../models/identity-ownership-association-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Identity&#39;s ownership association details. | IdentityOwnershipAssociationDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ff8081814d2a8036014d701f3fbf53fa" # String | Identity ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get ownership details
try {
Get-V2025IdentityOwnershipDetails -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityOwnershipDetails -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityOwnershipDetails"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-assignment
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-assignment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | Identity Id
Path | AssignmentId | **String** | True | Assignment Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RoleAssignmentDto**](../models/role-assignment-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A role assignment object | RoleAssignmentDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ef38f94347e94562b5bb8424a56397d8" # String | Identity Id
$AssignmentId = "1cbb0705b38c4226b1334eadd8874086" # String | Assignment Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Role assignment details
try {
Get-V2025RoleAssignment -IdentityId $IdentityId -AssignmentId $AssignmentId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleAssignment -IdentityId $IdentityId -AssignmentId $AssignmentId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleAssignment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-assignments
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-assignments)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | Identity Id to get the role assignments for
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | RoleId | **String** | (optional) | Role Id to filter the role assignments with
Query | RoleName | **String** | (optional) | Role name to filter the role assignments with
### Return type
[**GetRoleAssignments200ResponseInner[]**](../models/get-role-assignments200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A role assignment object | GetRoleAssignments200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ef38f94347e94562b5bb8424a56397d8" # String | Identity Id to get the role assignments for
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RoleId = "e7697a1e96d04db1ac7b0f4544915d2c" # String | Role Id to filter the role assignments with (optional)
$RoleName = "Engineer" # String | Role name to filter the role assignments with (optional)
# List role assignments
try {
Get-V2025RoleAssignments -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleAssignments -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental -RoleId $RoleId -RoleName $RoleName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleAssignments"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of identities.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **alias**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw* **email**: *eq, sw* **cloudStatus**: *eq* **processingState**: *eq* **correlated**: *eq* **protected**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, alias, cloudStatus**
Query | DefaultFilter | **String** | (optional) (default to "CORRELATED_ONLY") | Adds additional filter to filters query parameter. CORRELATED_ONLY adds correlated=true and returns only identities that are correlated. NONE does not add any and returns all identities that satisfy filters query parameter.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**Identity[]**](../models/identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identities. | Identity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Filters = 'id eq "6c9079b270a266a60170a2779fcb0006" or correlated eq false' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **alias**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw* **email**: *eq, sw* **cloudStatus**: *eq* **processingState**: *eq* **correlated**: *eq* **protected**: *eq* (optional)
$Sorters = "name,-cloudStatus" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, alias, cloudStatus** (optional)
$DefaultFilter = "CORRELATED_ONLY" # String | Adds additional filter to filters query parameter. CORRELATED_ONLY adds correlated=true and returns only identities that are correlated. NONE does not add any and returns all identities that satisfy filters query parameter. (optional) (default to "CORRELATED_ONLY")
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Identities
try {
Get-V2025Identities -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Identities -XSailPointExperimental $XSailPointExperimental -Filters $Filters -Sorters $Sorters -DefaultFilter $DefaultFilter -Count $Count -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Identities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## reset-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this endpoint to reset a user's identity if they have forgotten their authentication information like their answers to knowledge-based questions. Resetting an identity de-registers the user and removes any elevated user levels they have.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/reset-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | Identity Id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted. The reset request accepted and is in progress. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "ef38f94347e94562b5bb8424a56397d8" # String | Identity Id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Reset an identity
try {
Reset-V2025Identity -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Reset-V2025Identity -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Reset-V2025Identity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-identity-verification-account-token
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API sends an email with the link to start Password Reset. After selecting the link an identity will be able to set up a new password. Emails expire after 2 hours.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/send-identity-verification-account-token)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Path | Id | **String** | True | Identity ID
Body | SendAccountVerificationRequest | [**SendAccountVerificationRequest**](../models/send-account-verification-request) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The email was successfully sent |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Identity ID
$SendAccountVerificationRequest = @"{
"sourceName" : "Active Directory Source",
"via" : "EMAIL_WORK"
}"@
# Send password reset email
try {
$Result = ConvertFrom-JsonToSendAccountVerificationRequest -Json $SendAccountVerificationRequest
Send-V2025IdentityVerificationAccountToken -XSailPointExperimental $XSailPointExperimental -Id $Id -SendAccountVerificationRequest $Result
# Below is a request that includes all optional parameters
# Send-V2025IdentityVerificationAccountToken -XSailPointExperimental $XSailPointExperimental -Id $Id -SendAccountVerificationRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025IdentityVerificationAccountToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-identities-invite
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API submits a task for inviting given identities via email to complete registration. The invitation email will include the link. After selecting the link an identity will be able to set up password and log in into the system. Invitations expire after 7 days. By default invitations send to the work identity email. It can be changed in Admin > Identities > Identity Profiles by selecting corresponding profile and editing Invitation Options.
This task will send an invitation email only for unregistered identities.
The executed task status can be checked by Task Management > [Get task status by ID](https://developer.sailpoint.com/docs/api/beta/get-task-status).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-identities-invite)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | InviteIdentitiesRequest | [**InviteIdentitiesRequest**](../models/invite-identities-request) | True |
### Return type
[**TaskStatus**](../models/task-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Responds with an initial TaskStatus for the executed task | TaskStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$InviteIdentitiesRequest = @"{
"ids" : [ "2b568c65bc3c4c57a43bd97e3a8e55", "2c9180867769897d01776ed5f125512f" ],
"uninvited" : false
}"@
# Invite identities to register
try {
$Result = ConvertFrom-JsonToInviteIdentitiesRequest -Json $InviteIdentitiesRequest
Start-V2025IdentitiesInvite -XSailPointExperimental $XSailPointExperimental -InviteIdentitiesRequest $Result
# Below is a request that includes all optional parameters
# Start-V2025IdentitiesInvite -XSailPointExperimental $XSailPointExperimental -InviteIdentitiesRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025IdentitiesInvite"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-identity-processing
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized.
This endpoint will perform the following tasks:
1. Calculate identity attributes, including applying or running any rules or transforms (e.g. calculate Lifecycle State at a point-in-time it's expected to change).
2. Evaluate role assignments, leading to assignment of new roles and removal of existing roles.
3. Enforce provisioning for any assigned accesses that haven't been fulfilled (e.g. failure due to source health).
4. Recalculate manager relationships.
5. Potentially clean-up identity processing errors, assuming the error has been resolved.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-identity-processing)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | ProcessIdentitiesRequest | [**ProcessIdentitiesRequest**](../models/process-identities-request) | True |
### Return type
[**TaskResultResponse**](../models/task-result-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Object containing the DTO type TASK_RESULT and the job id for the task | TaskResultResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$ProcessIdentitiesRequest = @"{
"identityIds" : [ "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8" ]
}"@
# Process a list of identityIds
try {
$Result = ConvertFrom-JsonToProcessIdentitiesRequest -Json $ProcessIdentitiesRequest
Start-V2025IdentityProcessing -XSailPointExperimental $XSailPointExperimental -ProcessIdentitiesRequest $Result
# Below is a request that includes all optional parameters
# Start-V2025IdentityProcessing -XSailPointExperimental $XSailPointExperimental -ProcessIdentitiesRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025IdentityProcessing"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## synchronize-attributes-for-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This end-point performs attribute synchronization for a selected identity. The endpoint can be called once in 10 seconds per identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/synchronize-attributes-for-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | The Identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**IdentitySyncJob**](../models/identity-sync-job)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | An Identity Sync job | IdentitySyncJob
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "MyIdentityId" # String | The Identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Attribute synchronization for single identity.
try {
Sync-V2025hronizeAttributesForIdentity -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Sync-V2025hronizeAttributesForIdentity -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Sync-V2025hronizeAttributesForIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

386
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IdentityAttributesApi.md Normal file
View File

@@ -0,0 +1,386 @@
---
id: v2025-identity-attributes
title: IdentityAttributes
pagination_label: IdentityAttributes
sidebar_label: IdentityAttributes
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityAttributes', 'V2025IdentityAttributes']
slug: /tools/sdk/powershell/v2025/methods/identity-attributes
tags: ['SDK', 'Software Development Kit', 'IdentityAttributes', 'V2025IdentityAttributes']
---
# IdentityAttributes
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025IdentityAttribute**](#create-identity-attribute) | **POST** `/identity-attributes` | Create Identity Attribute
[**Remove-V2025IdentityAttribute**](#delete-identity-attribute) | **DELETE** `/identity-attributes/{name}` | Delete Identity Attribute
[**Remove-V2025IdentityAttributesInBulk**](#delete-identity-attributes-in-bulk) | **DELETE** `/identity-attributes/bulk-delete` | Bulk delete Identity Attributes
[**Get-V2025IdentityAttribute**](#get-identity-attribute) | **GET** `/identity-attributes/{name}` | Get Identity Attribute
[**Get-V2025IdentityAttributes**](#list-identity-attributes) | **GET** `/identity-attributes` | List Identity Attributes
[**Send-V2025IdentityAttribute**](#put-identity-attribute) | **PUT** `/identity-attributes/{name}` | Update Identity Attribute
## create-identity-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to create a new identity attribute.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-identity-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityAttribute | [**IdentityAttribute**](../models/identity-attribute) | True |
### Return type
[**IdentityAttribute**](../models/identity-attribute)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The identity attribute was created successfully. | IdentityAttribute
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityAttribute = @"{
"standard" : false,
"system" : false,
"sources" : [ {
"type" : "rule",
"properties" : {
"ruleType" : "IdentityAttribute",
"ruleName" : "Cloud Promote Identity Attribute"
}
}, {
"type" : "rule",
"properties" : {
"ruleType" : "IdentityAttribute",
"ruleName" : "Cloud Promote Identity Attribute"
}
} ],
"displayName" : "Cost Center",
"name" : "costCenter",
"type" : "string",
"searchable" : false,
"multi" : false
}"@
# Create Identity Attribute
try {
$Result = ConvertFrom-JsonToIdentityAttribute -Json $IdentityAttribute
New-V2025IdentityAttribute -XSailPointExperimental $XSailPointExperimental -IdentityAttribute $Result
# Below is a request that includes all optional parameters
# New-V2025IdentityAttribute -XSailPointExperimental $XSailPointExperimental -IdentityAttribute $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025IdentityAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This deletes an identity attribute with the given name. The `system` and `standard` properties must be set to false before you can delete an identity attribute.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-identity-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The attribute's technical name.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "displayName" # String | The attribute's technical name.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete Identity Attribute
try {
Remove-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025IdentityAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-attributes-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to bulk delete identity attributes for a given set of names. Attributes that are currently mapped in an identity profile cannot be deleted. The `system` and `standard` properties must be set to 'false' before you can delete an identity attribute.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-identity-attributes-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityAttributeNames | [**IdentityAttributeNames**](../models/identity-attribute-names) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityAttributeNames = @"{
"ids" : [ "name", "displayName" ]
}"@
# Bulk delete Identity Attributes
try {
$Result = ConvertFrom-JsonToIdentityAttributeNames -Json $IdentityAttributeNames
Remove-V2025IdentityAttributesInBulk -XSailPointExperimental $XSailPointExperimental -IdentityAttributeNames $Result
# Below is a request that includes all optional parameters
# Remove-V2025IdentityAttributesInBulk -XSailPointExperimental $XSailPointExperimental -IdentityAttributeNames $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025IdentityAttributesInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This gets an identity attribute for a given technical name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The attribute's technical name.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**IdentityAttribute**](../models/identity-attribute)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The identity attribute with the given name | IdentityAttribute
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "displayName" # String | The attribute's technical name.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Identity Attribute
try {
Get-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-attributes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to get a collection of identity attributes.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-attributes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | IncludeSystem | **Boolean** | (optional) (default to $false) | Include 'system' attributes in the response.
Query | IncludeSilent | **Boolean** | (optional) (default to $false) | Include 'silent' attributes in the response.
Query | SearchableOnly | **Boolean** | (optional) (default to $false) | Include only 'searchable' attributes in the response.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**IdentityAttribute[]**](../models/identity-attribute)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity attributes. | IdentityAttribute[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IncludeSystem = $false # Boolean | Include 'system' attributes in the response. (optional) (default to $false)
$IncludeSilent = $false # Boolean | Include 'silent' attributes in the response. (optional) (default to $false)
$SearchableOnly = $false # Boolean | Include only 'searchable' attributes in the response. (optional) (default to $false)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Identity Attributes
try {
Get-V2025IdentityAttributes -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityAttributes -XSailPointExperimental $XSailPointExperimental -IncludeSystem $IncludeSystem -IncludeSilent $IncludeSilent -SearchableOnly $SearchableOnly -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityAttributes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-identity-attribute
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This updates an existing identity attribute. Making an attribute searchable requires that the `system`, `standard`, and `multi` properties be set to false.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-identity-attribute)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | The attribute's technical name.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityAttribute | [**IdentityAttribute**](../models/identity-attribute) | True |
### Return type
[**IdentityAttribute**](../models/identity-attribute)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The identity attribute was updated successfully | IdentityAttribute
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Name = "displayName" # String | The attribute's technical name.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityAttribute = @"{
"standard" : false,
"system" : false,
"sources" : [ {
"type" : "rule",
"properties" : {
"ruleType" : "IdentityAttribute",
"ruleName" : "Cloud Promote Identity Attribute"
}
}, {
"type" : "rule",
"properties" : {
"ruleType" : "IdentityAttribute",
"ruleName" : "Cloud Promote Identity Attribute"
}
} ],
"displayName" : "Cost Center",
"name" : "costCenter",
"type" : "string",
"searchable" : false,
"multi" : false
}"@
# Update Identity Attribute
try {
$Result = ConvertFrom-JsonToIdentityAttribute -Json $IdentityAttribute
Send-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental -IdentityAttribute $Result
# Below is a request that includes all optional parameters
# Send-V2025IdentityAttribute -Name $Name -XSailPointExperimental $XSailPointExperimental -IdentityAttribute $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025IdentityAttribute"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

672
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IdentityHistoryApi.md Normal file
View File

@@ -0,0 +1,672 @@
---
id: v2025-identity-history
title: IdentityHistory
pagination_label: IdentityHistory
sidebar_label: IdentityHistory
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityHistory', 'V2025IdentityHistory']
slug: /tools/sdk/powershell/v2025/methods/identity-history
tags: ['SDK', 'Software Development Kit', 'IdentityHistory', 'V2025IdentityHistory']
---
# IdentityHistory
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Compare-V2025IdentitySnapshots**](#compare-identity-snapshots) | **GET** `/historical-identities/{id}/compare` | Gets a difference of count for each access item types for the given identity between 2 snapshots
[**Compare-V2025IdentitySnapshotsAccessType**](#compare-identity-snapshots-access-type) | **GET** `/historical-identities/{id}/compare/{access-type}` | Gets a list of differences of specific accessType for the given identity between 2 snapshots
[**Get-V2025HistoricalIdentity**](#get-historical-identity) | **GET** `/historical-identities/{id}` | Get latest snapshot of identity
[**Get-V2025HistoricalIdentityEvents**](#get-historical-identity-events) | **GET** `/historical-identities/{id}/events` | Lists all events for the given identity
[**Get-V2025IdentitySnapshot**](#get-identity-snapshot) | **GET** `/historical-identities/{id}/snapshots/{date}` | Gets an identity snapshot at a given date
[**Get-V2025IdentitySnapshotSummary**](#get-identity-snapshot-summary) | **GET** `/historical-identities/{id}/snapshot-summary` | Gets the summary for the event count for a specific identity
[**Get-V2025IdentityStartDate**](#get-identity-start-date) | **GET** `/historical-identities/{id}/start-date` | Gets the start date of the identity
[**Get-V2025HistoricalIdentities**](#list-historical-identities) | **GET** `/historical-identities` | Lists all the identities
[**Get-V2025IdentityAccessItems**](#list-identity-access-items) | **GET** `/historical-identities/{id}/access-items` | List Access Items by Identity
[**Get-V2025IdentitySnapshotAccessItems**](#list-identity-snapshot-access-items) | **GET** `/historical-identities/{id}/snapshots/{date}/access-items` | Gets the list of identity access items at a given date filterd by item type
[**Get-V2025IdentitySnapshots**](#list-identity-snapshots) | **GET** `/historical-identities/{id}/snapshots` | Lists all the snapshots for the identity
## compare-identity-snapshots
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method gets a difference of count for each access item types for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/compare-identity-snapshots)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Snapshot1 | **String** | (optional) | The snapshot 1 of identity
Query | Snapshot2 | **String** | (optional) | The snapshot 2 of identity
Query | AccessItemTypes | **[]String** | (optional) | An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**IdentityCompareResponse[]**](../models/identity-compare-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A IdentityCompare object with difference details for each access item type | IdentityCompareResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Snapshot1 = "2007-03-01T13:00:00Z" # String | The snapshot 1 of identity (optional)
$Snapshot2 = "2008-03-01T13:00:00Z" # String | The snapshot 2 of identity (optional)
$AccessItemTypes = "MyAccessItemTypes" # String[] | An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Gets a difference of count for each access item types for the given identity between 2 snapshots
try {
Compare-V2025IdentitySnapshots -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Compare-V2025IdentitySnapshots -Id $Id -XSailPointExperimental $XSailPointExperimental -Snapshot1 $Snapshot1 -Snapshot2 $Snapshot2 -AccessItemTypes $AccessItemTypes -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Compare-V2025IdentitySnapshots"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## compare-identity-snapshots-access-type
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method gets a list of differences of specific accessType for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/compare-identity-snapshots-access-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
Path | AccessType | **String** | True | The specific type which needs to be compared
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | AccessAssociated | **Boolean** | (optional) | Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed
Query | Snapshot1 | **String** | (optional) | The snapshot 1 of identity
Query | Snapshot2 | **String** | (optional) | The snapshot 2 of identity
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**AccessItemDiff[]**](../models/access-item-diff)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of events for the identity | AccessItemDiff[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$AccessType = "accessProfile" # String | The specific type which needs to be compared
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$AccessAssociated = $false # Boolean | Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed (optional)
$Snapshot1 = "2008-03-01T13:00:00Z" # String | The snapshot 1 of identity (optional)
$Snapshot2 = "2009-03-01T13:00:00Z" # String | The snapshot 2 of identity (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Gets a list of differences of specific accessType for the given identity between 2 snapshots
try {
Compare-V2025IdentitySnapshotsAccessType -Id $Id -AccessType $AccessType -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Compare-V2025IdentitySnapshotsAccessType -Id $Id -AccessType $AccessType -XSailPointExperimental $XSailPointExperimental -AccessAssociated $AccessAssociated -Snapshot1 $Snapshot1 -Snapshot2 $Snapshot2 -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Compare-V2025IdentitySnapshotsAccessType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-historical-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves a specified identity Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-historical-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**IdentityHistoryResponse**](../models/identity-history-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The identity object. | IdentityHistoryResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get latest snapshot of identity
try {
Get-V2025HistoricalIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025HistoricalIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025HistoricalIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-historical-identity-events
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves all access events for the identity Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-historical-identity-events)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | From | **String** | (optional) | The optional instant until which access events are returned
Query | EventTypes | **[]String** | (optional) | An optional list of event types to return. If null or empty, all events are returned
Query | AccessItemTypes | **[]String** | (optional) | An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**GetHistoricalIdentityEvents200ResponseInner[]**](../models/get-historical-identity-events200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of events for the identity | GetHistoricalIdentityEvents200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$From = "2024-03-01T13:00:00Z" # String | The optional instant until which access events are returned (optional)
$EventTypes = "MyEventTypes" # String[] | An optional list of event types to return. If null or empty, all events are returned (optional)
$EventTypes = @"[AccessAddedEvent, AccessRemovedEvent]"@ # String[] | An optional list of event types to return. If null or empty, all events are returned (optional)
$AccessItemTypes = "MyAccessItemTypes" # String[] | An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned (optional)
$AccessItemTypes = @"[entitlement, account]"@ # String[] | An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Lists all events for the given identity
try {
Get-V2025HistoricalIdentityEvents -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025HistoricalIdentityEvents -Id $Id -XSailPointExperimental $XSailPointExperimental -From $From -EventTypes $EventTypes -AccessItemTypes $AccessItemTypes -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025HistoricalIdentityEvents"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-snapshot
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves a specified identity snapshot at a given date Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-snapshot)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
Path | Date | **String** | True | The specified date
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**IdentityHistoryResponse**](../models/identity-history-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The identity object. | IdentityHistoryResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Date = "2007-03-01T13:00:00Z" # String | The specified date
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Gets an identity snapshot at a given date
try {
Get-V2025IdentitySnapshot -Id $Id -Date $Date -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentitySnapshot -Id $Id -Date $Date -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySnapshot"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-snapshot-summary
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method gets the summary for the event count for a specific identity by month/day Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-snapshot-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Before | **String** | (optional) | The date before which snapshot summary is required
Query | Interval | **String** | (optional) | The interval indicating day or month. Defaults to month if not specified
Query | TimeZone | **String** | (optional) | The time zone. Defaults to UTC if not provided
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**MetricResponse[]**](../models/metric-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A summary list of identity changes in date histogram format. | MetricResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Before = "2007-03-01T13:00:00Z" # String | The date before which snapshot summary is required (optional)
$Interval = "day" # String | The interval indicating day or month. Defaults to month if not specified (optional)
$TimeZone = "UTC" # String | The time zone. Defaults to UTC if not provided (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Gets the summary for the event count for a specific identity
try {
Get-V2025IdentitySnapshotSummary -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentitySnapshotSummary -Id $Id -XSailPointExperimental $XSailPointExperimental -Before $Before -Interval $Interval -TimeZone $TimeZone -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySnapshotSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-start-date
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves start date of the identity Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-start-date)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The start date of the identity | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Gets the start date of the identity
try {
Get-V2025IdentityStartDate -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityStartDate -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityStartDate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-historical-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This gets the list of identities for the customer. This list end point does not support count=true request param. The total count of identities would never be returned even if the count param is specified in the request Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-historical-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | StartsWithQuery | **String** | (optional) | This param is used for starts-with search for first, last and display name of the identity
Query | IsDeleted | **Boolean** | (optional) | Indicates if we want to only list down deleted identities or not.
Query | IsActive | **Boolean** | (optional) | Indicates if we want to only list active or inactive identities.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**IdentityListItem[]**](../models/identity-list-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identities for the customer. | IdentityListItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$StartsWithQuery = "Ada" # String | This param is used for starts-with search for first, last and display name of the identity (optional)
$IsDeleted = $true # Boolean | Indicates if we want to only list down deleted identities or not. (optional)
$IsActive = $true # Boolean | Indicates if we want to only list active or inactive identities. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# Lists all the identities
try {
Get-V2025HistoricalIdentities -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025HistoricalIdentities -XSailPointExperimental $XSailPointExperimental -StartsWithQuery $StartsWithQuery -IsDeleted $IsDeleted -IsActive $IsActive -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025HistoricalIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-access-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves a list of access item for the identity filtered by the access item type
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-access-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Type | **String** | (optional) | The type of access item for the identity. If not provided, it defaults to account
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ListIdentityAccessItems200ResponseInner[]**](../models/list-identity-access-items200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of access items. | ListIdentityAccessItems200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Type = "account" # String | The type of access item for the identity. If not provided, it defaults to account (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Access Items by Identity
try {
Get-V2025IdentityAccessItems -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentityAccessItems -Id $Id -XSailPointExperimental $XSailPointExperimental -Type $Type -Limit $Limit -Count $Count -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityAccessItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-snapshot-access-items
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves the list of identity access items at a given date filterd by item type Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-snapshot-access-items)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
Path | Date | **String** | True | The specified date
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Type | **String** | (optional) | The access item type
### Return type
[**ListIdentityAccessItems200ResponseInner[]**](../models/list-identity-access-items200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The identity object. | ListIdentityAccessItems200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Date = "2007-03-01T13:00:00Z" # String | The specified date
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Type = "account" # String | The access item type (optional)
# Gets the list of identity access items at a given date filterd by item type
try {
Get-V2025IdentitySnapshotAccessItems -Id $Id -Date $Date -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentitySnapshotAccessItems -Id $Id -Date $Date -XSailPointExperimental $XSailPointExperimental -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySnapshotAccessItems"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-snapshots
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method retrieves all the snapshots for the identity Requires authorization scope of 'idn:identity-history:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-snapshots)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The identity id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Start | **String** | (optional) | The specified start date
Query | Interval | **String** | (optional) | The interval indicating the range in day or month for the specified interval-name
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**IdentitySnapshotSummaryResponse[]**](../models/identity-snapshot-summary-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of identity summary for each snapshot. | IdentitySnapshotSummaryResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Start = "2007-03-01T13:00:00Z" # String | The specified start date (optional)
$Interval = "day" # String | The interval indicating the range in day or month for the specified interval-name (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Lists all the snapshots for the identity
try {
Get-V2025IdentitySnapshots -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025IdentitySnapshots -Id $Id -XSailPointExperimental $XSailPointExperimental -Start $Start -Interval $Interval -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentitySnapshots"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

729
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025IdentityProfilesApi.md Normal file
View File

@@ -0,0 +1,729 @@
---
id: v2025-identity-profiles
title: IdentityProfiles
pagination_label: IdentityProfiles
sidebar_label: IdentityProfiles
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityProfiles', 'V2025IdentityProfiles']
slug: /tools/sdk/powershell/v2025/methods/identity-profiles
tags: ['SDK', 'Software Development Kit', 'IdentityProfiles', 'V2025IdentityProfiles']
---
# IdentityProfiles
Use this API to implement identity profile functionality.
With this functionality in place, administrators can view identity profiles and their configurations.
Identity profiles represent the configurations that can be applied to identities as a way of granting them a set of security and access, as well as defining the mappings between their identity attributes and their source attributes.
In Identity Security Cloud, administrators can use the Identities drop-down menu and select Identity Profiles to view the list of identity profiles.
This list shows some details about each identity profile, along with its status.
They can select an identity profile to view its settings, its mappings between identity attributes and correlating source account attributes, and its provisioning settings.
Refer to [Creating Identity Profiles](https://documentation.sailpoint.com/saas/help/setup/identity_profiles.html) for more information about identity profiles.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025IdentityProfile**](#create-identity-profile) | **POST** `/identity-profiles` | Create Identity Profile
[**Remove-V2025IdentityProfile**](#delete-identity-profile) | **DELETE** `/identity-profiles/{identity-profile-id}` | Delete Identity Profile
[**Remove-V2025IdentityProfiles**](#delete-identity-profiles) | **POST** `/identity-profiles/bulk-delete` | Delete Identity Profiles
[**Export-V2025IdentityProfiles**](#export-identity-profiles) | **GET** `/identity-profiles/export` | Export Identity Profiles
[**New-V2025IdentityPreview**](#generate-identity-preview) | **POST** `/identity-profiles/identity-preview` | Generate Identity Profile Preview
[**Get-V2025DefaultIdentityAttributeConfig**](#get-default-identity-attribute-config) | **GET** `/identity-profiles/{identity-profile-id}/default-identity-attribute-config` | Get default Identity Attribute Config
[**Get-V2025IdentityProfile**](#get-identity-profile) | **GET** `/identity-profiles/{identity-profile-id}` | Get Identity Profile
[**Import-V2025IdentityProfiles**](#import-identity-profiles) | **POST** `/identity-profiles/import` | Import Identity Profiles
[**Get-V2025IdentityProfiles**](#list-identity-profiles) | **GET** `/identity-profiles` | List Identity Profiles
[**Sync-V2025IdentityProfile**](#sync-identity-profile) | **POST** `/identity-profiles/{identity-profile-id}/process-identities` | Process identities under profile
[**Update-V2025IdentityProfile**](#update-identity-profile) | **PATCH** `/identity-profiles/{identity-profile-id}` | Update Identity Profile
## create-identity-profile
Creates an identity profile.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-identity-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityProfile | [**IdentityProfile**](../models/identity-profile) | True |
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created identity profile. | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityProfile = @"{
"owner" : {
"name" : "William Wilson",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "IDENTITY"
},
"identityExceptionReportReference" : {
"reportName" : "My annual report",
"taskResultId" : "2b838de9-db9b-abcf-e646-d4f274ad4238"
},
"authoritativeSource" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"hasTimeBasedAttr" : true,
"created" : "2015-05-28T14:07:17Z",
"description" : "My custom flat file profile",
"identityRefreshRequired" : true,
"identityCount" : 8,
"priority" : 10,
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
},
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"id" : "id12345"
}"@
# Create Identity Profile
try {
$Result = ConvertFrom-JsonToIdentityProfile -Json $IdentityProfile
New-V2025IdentityProfile -IdentityProfile $Result
# Below is a request that includes all optional parameters
# New-V2025IdentityProfile -IdentityProfile $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-profile
Delete an identity profile by ID.
On success, this endpoint will return a reference to the bulk delete task result.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-identity-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
### Return type
[**TaskResultSimplified**](../models/task-result-simplified)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returns a TaskResult object referencing the bulk delete job created. | TaskResultSimplified
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | Identity profile ID.
# Delete Identity Profile
try {
Remove-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Remove-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-identity-profiles
This deletes multiple Identity Profiles via a list of supplied IDs.
On success, this endpoint will return a reference to the bulk delete task result.
The following rights are required to access this endpoint: idn:identity-profile:delete
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-identity-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | RequestBody | **[]String** | True | Identity Profile bulk delete request body.
### Return type
[**TaskResultSimplified**](../models/task-result-simplified)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returns a TaskResult object referencing the bulk delete job created. | TaskResultSimplified
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$RequestBody = "MyRequestBody" # String[] | Identity Profile bulk delete request body.
$RequestBody = @""@ # String[] | Identity Profile bulk delete request body.
# Delete Identity Profiles
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Remove-V2025IdentityProfiles -RequestBody $Result
# Below is a request that includes all optional parameters
# Remove-V2025IdentityProfiles -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## export-identity-profiles
This exports existing identity profiles in the format specified by the sp-config service.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/export-identity-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne* **name**: *eq, ne* **priority**: *eq, ne*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority**
### Return type
[**IdentityProfileExportedObject[]**](../models/identity-profile-exported-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of export objects with identity profiles. | IdentityProfileExportedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne* **name**: *eq, ne* **priority**: *eq, ne* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority** (optional)
# Export Identity Profiles
try {
Export-V2025IdentityProfiles
# Below is a request that includes all optional parameters
# Export-V2025IdentityProfiles -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Export-V2025IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## generate-identity-preview
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This generates a non-persisted IdentityDetails object that will represent as the preview of the identities attribute when the given policy''s attribute config is applied.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/generate-identity-preview)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | IdentityPreviewRequest | [**IdentityPreviewRequest**](../models/identity-preview-request) | True | Identity Preview request body.
### Return type
[**IdentityPreviewResponse**](../models/identity-preview-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Object representing the preview object with all of the identity attributes using the current mappings. | IdentityPreviewResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$IdentityPreviewRequest = @"{
"identityId" : "046b6c7f-0b8a-43b9-b35d-6489e6daee91",
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
}
}"@
# Generate Identity Profile Preview
try {
$Result = ConvertFrom-JsonToIdentityPreviewRequest -Json $IdentityPreviewRequest
New-V2025IdentityPreview -XSailPointExperimental $XSailPointExperimental -IdentityPreviewRequest $Result
# Below is a request that includes all optional parameters
# New-V2025IdentityPreview -XSailPointExperimental $XSailPointExperimental -IdentityPreviewRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025IdentityPreview"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-default-identity-attribute-config
This returns the default identity attribute config.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-default-identity-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID.
### Return type
[**IdentityAttributeConfig**](../models/identity-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | An Identity Attribute Config object. | IdentityAttributeConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | The Identity Profile ID.
# Get default Identity Attribute Config
try {
Get-V2025DefaultIdentityAttributeConfig -IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-V2025DefaultIdentityAttributeConfig -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DefaultIdentityAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-identity-profile
Get a single identity profile by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-identity-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Identity profile object. | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
# Get Identity Profile
try {
Get-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## import-identity-profiles
This imports previously exported identity profiles.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/import-identity-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityProfileExportedObject | [**[]IdentityProfileExportedObject**](../models/identity-profile-exported-object) | True | Previously exported Identity Profiles.
### Return type
[**ObjectImportResult**](../models/object-import-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The result of importing Identity Profiles. | ObjectImportResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileExportedObject = @"{
"self" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"version" : 1,
"object" : {
"owner" : {
"name" : "William Wilson",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "IDENTITY"
},
"identityExceptionReportReference" : {
"reportName" : "My annual report",
"taskResultId" : "2b838de9-db9b-abcf-e646-d4f274ad4238"
},
"authoritativeSource" : {
"name" : "HR Active Directory",
"id" : "2c9180835d191a86015d28455b4b232a",
"type" : "SOURCE"
},
"hasTimeBasedAttr" : true,
"created" : "2015-05-28T14:07:17Z",
"description" : "My custom flat file profile",
"identityRefreshRequired" : true,
"identityCount" : 8,
"priority" : 10,
"identityAttributeConfig" : {
"attributeTransforms" : [ {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
}, {
"transformDefinition" : {
"attributes" : {
"attributeName" : "e-mail",
"sourceName" : "MySource",
"sourceId" : "2c9180877a826e68017a8c0b03da1a53"
},
"type" : "accountAttribute"
},
"identityAttributeName" : "email"
} ],
"enabled" : true
},
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"id" : "id12345"
}
}"@ # IdentityProfileExportedObject[] | Previously exported Identity Profiles.
# Import Identity Profiles
try {
$Result = ConvertFrom-JsonToIdentityProfileExportedObject -Json $IdentityProfileExportedObject
Import-V2025IdentityProfiles -IdentityProfileExportedObject $Result
# Below is a request that includes all optional parameters
# Import-V2025IdentityProfiles -IdentityProfileExportedObject $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Import-V2025IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-identity-profiles
Get a list of identity profiles, based on the specified query parameters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-identity-profiles)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne, ge, gt, in, le, sw* **name**: *eq, ne, ge, gt, in, le, sw* **priority**: *eq, ne*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name**
### Return type
[**IdentityProfile[]**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of identity profiles. | IdentityProfile[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "ef38f94347e94562b5bb8424a56397d8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ne, ge, gt, in, le, sw* **name**: *eq, ne, ge, gt, in, le, sw* **priority**: *eq, ne* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, priority, created, modified, owner.id, owner.name** (optional)
# List Identity Profiles
try {
Get-V2025IdentityProfiles
# Below is a request that includes all optional parameters
# Get-V2025IdentityProfiles -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025IdentityProfiles"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## sync-identity-profile
Process identities under the profile
This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of [event-based processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#event-based-processing) and [scheduled processing](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html?h=process#scheduled-processing) that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized.
This should only be run on identity profiles that have the `identityRefreshRequired` attribute set to `true`. If `identityRefreshRequired` is false, then there is no benefit to running this operation. Typically, this operation is performed when a change is made to the identity profile or its related lifecycle states that requires a refresh.
This operation will perform the following activities on all identities under the identity profile.
1. Updates identity attribute according to the identity profile mappings. 2. Determines the identity's correct manager through manager correlation. 3. Updates the identity's access according to their assigned lifecycle state. 4. Updates the identity's access based on role assignment criteria.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/sync-identity-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | The Identity Profile ID to be processed
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | The Identity Profile ID to be processed
# Process identities under profile
try {
Sync-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Sync-V2025IdentityProfile -IdentityProfileId $IdentityProfileId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Sync-V2025IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-identity-profile
Update a specified identity profile with this PATCH request.
You cannot update these fields:
* id
* created
* modified
* identityCount
* identityRefreshRequired
* Authoritative Source and Identity Attribute Configuration cannot be modified at the same time.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-identity-profile)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | List of identity profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**IdentityProfile**](../models/identity-profile)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated identity profile. | IdentityProfile
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "ef38f94347e94562b5bb8424a56397d8" # String | Identity profile ID.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | List of identity profile update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Update Identity Profile
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025IdentityProfile -IdentityProfileId $IdentityProfileId -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025IdentityProfile -IdentityProfileId $IdentityProfileId -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025IdentityProfile"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

390
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025LifecycleStatesApi.md Normal file
View File

@@ -0,0 +1,390 @@
---
id: v2025-lifecycle-states
title: LifecycleStates
pagination_label: LifecycleStates
sidebar_label: LifecycleStates
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'LifecycleStates', 'V2025LifecycleStates']
slug: /tools/sdk/powershell/v2025/methods/lifecycle-states
tags: ['SDK', 'Software Development Kit', 'LifecycleStates', 'V2025LifecycleStates']
---
# LifecycleStates
Use this API to implement and customize lifecycle state functionality.
With this functionality in place, administrators can create and configure custom lifecycle states for use across their organizations, which is key to controlling which users have access, when they have access, and the access they have.
A lifecycle state describes a user&#39;s status in a company. For example, two lifecycle states come by default with Identity Security Cloud: &#39;Active&#39; and &#39;Inactive.&#39;
When an active employee takes an extended leave of absence from a company, his or her lifecycle state may change to &#39;Inactive,&#39; for security purposes.
The inactive employee would lose access to all the applications, sources, and sensitive data during the leave of absence, but when the employee returns and becomes active again, all that access would be restored.
This saves administrators the time that would otherwise be spent provisioning the employee&#39;s access to each individual tool, reviewing the employee&#39;s certification history, etc.
Administrators can create a variety of custom lifecycle states. Refer to [Planning New Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#planning-new-lifecycle-states) for some custom lifecycle state ideas.
Administrators must define the criteria for being in each lifecycle state, and they must define how Identity Security Cloud manages users&#39; access to apps and sources for each lifecycle state.
In Identity Security Cloud, administrators can manage lifecycle states by going to Admin &gt; Identities &gt; Identity Profile, selecting the identity profile whose lifecycle states they want to manage, selecting the &#39;Provisioning&#39; tab, and using the left panel to either select the lifecycle state they want to modify or create a new lifecycle state.
In the &#39;Provisioning&#39; tab, administrators can make the following access changes to an identity profile&#39;s lifecycle state:
- Enable/disable the lifecycle state for the identity profile.
- Enable/disable source accounts for the identity profile&#39;s lifecycle state.
- Add existing access profiles to grant to the identity profiles in that lifecycle state.
- Create a new access profile to grant to the identity profile in that lifecycle state.
Access profiles granted in a previous lifecycle state are automatically revoked when the identity moves to a new lifecycle state.
To maintain access across multiple lifecycle states, administrators must grant the access profiles in each lifecycle state.
For example, if an administrator wants users with the &#39;HR Employee&#39; identity profile to maintain their building access in both the &#39;Active&#39; and &#39;Leave of Absence&#39; lifecycle states, the administrator must grant the access profile for that building access to both lifecycle states.
During scheduled refreshes, Identity Security Cloud evaluates lifecycle states to determine whether their assigned identities have the access defined in the lifecycle states&#39; access profiles.
If the identities are missing access, Identity Security Cloud provisions that access.
Administrators can also use the &#39;Provisioning&#39; tab to configure email notifications for Identity Security Cloud to send whenever an identity with that identity profile has a lifecycle state change.
Refer to [Configuring Lifecycle State Notifications](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#configuring-lifecycle-state-notifications) for more information on how to do so.
An identity&#39;s lifecycle state can have four different statuses: the lifecycle state&#39;s status can be &#39;Active,&#39; it can be &#39;Not Set,&#39; it can be &#39;Not Valid,&#39; or it &#39;Does Not Match Technical Name Case.&#39;
Refer to [Moving Identities into Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html#moving-identities-into-lifecycle-states) for more information about these different lifecycle state statuses.
Refer to [Setting Up Lifecycle States](https://documentation.sailpoint.com/saas/help/provisioning/lifecycle.html) for more information about lifecycle states.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025LifecycleState**](#create-lifecycle-state) | **POST** `/identity-profiles/{identity-profile-id}/lifecycle-states` | Create Lifecycle State
[**Remove-V2025LifecycleState**](#delete-lifecycle-state) | **DELETE** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Delete Lifecycle State
[**Get-V2025LifecycleState**](#get-lifecycle-state) | **GET** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Get Lifecycle State
[**Get-V2025LifecycleStates**](#get-lifecycle-states) | **GET** `/identity-profiles/{identity-profile-id}/lifecycle-states` | Lists LifecycleStates
[**Set-V2025LifecycleState**](#set-lifecycle-state) | **POST** `/identities/{identity-id}/set-lifecycle-state` | Set Lifecycle State
[**Update-V2025LifecycleStates**](#update-lifecycle-states) | **PATCH** `/identity-profiles/{identity-profile-id}/lifecycle-states/{lifecycle-state-id}` | Update Lifecycle State
## create-lifecycle-state
Use this endpoint to create a lifecycle state.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-lifecycle-state)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Body | LifecycleState | [**LifecycleState**](../models/lifecycle-state) | True | Lifecycle state to be created.
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created LifecycleState object. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleState = @"{
"accessProfileIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ],
"emailNotificationOption" : {
"notifyManagers" : true,
"notifySpecificUsers" : true,
"emailAddressList" : [ "test@test.com", "test2@test.com" ],
"notifyAllAdmins" : true
},
"created" : "2015-05-28T14:07:17Z",
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"description" : "Lifecycle description",
"accountActions" : [ {
"action" : "ENABLE",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}, {
"action" : "ENABLE",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
} ],
"id" : "id12345",
"identityCount" : 42,
"technicalName" : "Technical Name",
"identityState" : "identityState",
"enabled" : true
}"@
# Create Lifecycle State
try {
$Result = ConvertFrom-JsonToLifecycleState -Json $LifecycleState
New-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleState $Result
# Below is a request that includes all optional parameters
# New-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleState $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-lifecycle-state
Use this endpoint to delete the lifecycle state by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-lifecycle-state)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
### Return type
[**LifecyclestateDeleted**](../models/lifecyclestate-deleted)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | The request was successfully accepted into the system. | LifecyclestateDeleted
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
# Delete Lifecycle State
try {
Remove-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
# Below is a request that includes all optional parameters
# Remove-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-lifecycle-state
Use this endpoint to get a lifecycle state by its ID and its associated identity profile ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-lifecycle-state)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested LifecycleState was successfully retrieved. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
# Get Lifecycle State
try {
Get-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
# Below is a request that includes all optional parameters
# Get-V2025LifecycleState -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-lifecycle-states
Use this endpoint to list all lifecycle states by their associated identity profiles.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-lifecycle-states)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified**
### Return type
[**LifecycleState[]**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of LifecycleState objects. | LifecycleState[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "created,modified" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created, modified** (optional)
# Lists LifecycleStates
try {
Get-V2025LifecycleStates -IdentityProfileId $IdentityProfileId
# Below is a request that includes all optional parameters
# Get-V2025LifecycleStates -IdentityProfileId $IdentityProfileId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025LifecycleStates"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-lifecycle-state
Use this API to set/update an identity's lifecycle state to the one provided and update the corresponding identity profile.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-lifecycle-state)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityId | **String** | True | ID of the identity to update.
Body | SetLifecycleStateRequest | [**SetLifecycleStateRequest**](../models/set-lifecycle-state-request) | True |
### Return type
[**SetLifecycleState200Response**](../models/set-lifecycle-state200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The request was successfully accepted into the system. | SetLifecycleState200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityId = "2c9180857893f1290178944561990364" # String | ID of the identity to update.
$SetLifecycleStateRequest = @""@
# Set Lifecycle State
try {
$Result = ConvertFrom-JsonToSetLifecycleStateRequest -Json $SetLifecycleStateRequest
Set-V2025LifecycleState -IdentityId $IdentityId -SetLifecycleStateRequest $Result
# Below is a request that includes all optional parameters
# Set-V2025LifecycleState -IdentityId $IdentityId -SetLifecycleStateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025LifecycleState"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-lifecycle-states
Use this endpoint to update individual lifecycle state fields, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-lifecycle-states)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | IdentityProfileId | **String** | True | Identity profile ID.
Path | LifecycleStateId | **String** | True | Lifecycle state ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields can be updated: * enabled * description * accountActions * accessProfileIds * emailNotificationOption
### Return type
[**LifecycleState**](../models/lifecycle-state)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The LifecycleState was successfully updated. | LifecycleState
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$IdentityProfileId = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | Identity profile ID.
$LifecycleStateId = "ef38f94347e94562b5bb8424a56397d8" # String | Lifecycle state ID.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of lifecycle state update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields can be updated: * enabled * description * accountActions * accessProfileIds * emailNotificationOption
# Update Lifecycle State
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025LifecycleStates -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025LifecycleStates -IdentityProfileId $IdentityProfileId -LifecycleStateId $LifecycleStateId -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025LifecycleStates"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

361
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MFAConfigurationApi.md Normal file
View File

@@ -0,0 +1,361 @@
---
id: v2025-mfa-configuration
title: MFAConfiguration
pagination_label: MFAConfiguration
sidebar_label: MFAConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MFAConfiguration', 'V2025MFAConfiguration']
slug: /tools/sdk/powershell/v2025/methods/mfa-configuration
tags: ['SDK', 'Software Development Kit', 'MFAConfiguration', 'V2025MFAConfiguration']
---
# MFAConfiguration
Configure and test multifactor authentication (MFA) methods
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025MFADuoConfig**](#get-mfa-duo-config) | **GET** `/mfa/duo-web/config` | Configuration of Duo MFA method
[**Get-V2025MFAKbaConfig**](#get-mfa-kba-config) | **GET** `/mfa/kba/config` | Configuration of KBA MFA method
[**Get-V2025MFAOktaConfig**](#get-mfa-okta-config) | **GET** `/mfa/okta-verify/config` | Configuration of Okta MFA method
[**Set-V2025MFADuoConfig**](#set-mfa-duo-config) | **PUT** `/mfa/duo-web/config` | Set Duo MFA configuration
[**Set-V2025MFAKBAConfig**](#set-mfakba-config) | **POST** `/mfa/kba/config/answers` | Set MFA KBA configuration
[**Set-V2025MFAOktaConfig**](#set-mfa-okta-config) | **PUT** `/mfa/okta-verify/config` | Set Okta MFA configuration
[**Test-V2025MFAConfig**](#test-mfa-config) | **GET** `/mfa/{method}/test` | MFA method&#39;s test configuration
## get-mfa-duo-config
This API returns the configuration of an Duo MFA method.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-mfa-duo-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**MfaDuoConfig**](../models/mfa-duo-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration of an Duo MFA method. | MfaDuoConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Configuration of Duo MFA method
try {
Get-V2025MFADuoConfig
# Below is a request that includes all optional parameters
# Get-V2025MFADuoConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MFADuoConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mfa-kba-config
This API returns the KBA configuration for MFA.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-mfa-kba-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | AllLanguages | **Boolean** | (optional) | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false
### Return type
[**KbaQuestion[]**](../models/kba-question)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration for KBA MFA method. | KbaQuestion[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$AllLanguages = $false # Boolean | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false (optional)
# Configuration of KBA MFA method
try {
Get-V2025MFAKbaConfig
# Below is a request that includes all optional parameters
# Get-V2025MFAKbaConfig -AllLanguages $AllLanguages
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MFAKbaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mfa-okta-config
This API returns the configuration of an Okta MFA method.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-mfa-okta-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**MfaOktaConfig**](../models/mfa-okta-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The configuration of an Okta MFA method. | MfaOktaConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Configuration of Okta MFA method
try {
Get-V2025MFAOktaConfig
# Below is a request that includes all optional parameters
# Get-V2025MFAOktaConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MFAOktaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfa-duo-config
This API sets the configuration of an Duo MFA method.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-mfa-duo-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MfaDuoConfig | [**MfaDuoConfig**](../models/mfa-duo-config) | True |
### Return type
[**MfaDuoConfig**](../models/mfa-duo-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA configuration of an Duo MFA method. | MfaDuoConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MfaDuoConfig = @"{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"configProperties" : {
"skey" : "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x",
"ikey" : "Q123WE45R6TY7890ZXCV"
},
"mfaMethod" : "duo-web",
"enabled" : true,
"identityAttribute" : "email"
}"@
# Set Duo MFA configuration
try {
$Result = ConvertFrom-JsonToMfaDuoConfig -Json $MfaDuoConfig
Set-V2025MFADuoConfig -MfaDuoConfig $Result
# Below is a request that includes all optional parameters
# Set-V2025MFADuoConfig -MfaDuoConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025MFADuoConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfakba-config
This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-mfakba-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | KbaAnswerRequestItem | [**[]KbaAnswerRequestItem**](../models/kba-answer-request-item) | True |
### Return type
[**KbaAnswerResponseItem[]**](../models/kba-answer-response-item)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The new KBA configuration for the user. | KbaAnswerResponseItem[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$KbaAnswerRequestItem = @"{
"answer" : "Your answer",
"id" : "c54fee53-2d63-4fc5-9259-3e93b9994135"
}"@ # KbaAnswerRequestItem[] |
# Set MFA KBA configuration
try {
$Result = ConvertFrom-JsonToKbaAnswerRequestItem -Json $KbaAnswerRequestItem
Set-V2025MFAKBAConfig -KbaAnswerRequestItem $Result
# Below is a request that includes all optional parameters
# Set-V2025MFAKBAConfig -KbaAnswerRequestItem $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025MFAKBAConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-mfa-okta-config
This API sets the configuration of an Okta MFA method.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-mfa-okta-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MfaOktaConfig | [**MfaOktaConfig**](../models/mfa-okta-config) | True |
### Return type
[**MfaOktaConfig**](../models/mfa-okta-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MFA configuration of an Okta MFA method. | MfaOktaConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MfaOktaConfig = @"{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"mfaMethod" : "okta-verify",
"enabled" : true,
"identityAttribute" : "email"
}"@
# Set Okta MFA configuration
try {
$Result = ConvertFrom-JsonToMfaOktaConfig -Json $MfaOktaConfig
Set-V2025MFAOktaConfig -MfaOktaConfig $Result
# Below is a request that includes all optional parameters
# Set-V2025MFAOktaConfig -MfaOktaConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025MFAOktaConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-mfa-config
This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/test-mfa-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Method | **String** | True | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
### Return type
[**MfaConfigTestResponse**](../models/mfa-config-test-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The result of configuration test for the MFA provider. | MfaConfigTestResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Method = "okta-verify" # String | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
# MFA method's test configuration
try {
Test-V2025MFAConfig -Method $Method
# Below is a request that includes all optional parameters
# Test-V2025MFAConfig -Method $Method
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2025MFAConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

190
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MachineAccountsApi.md Normal file
View File

@@ -0,0 +1,190 @@
---
id: v2025-machine-accounts
title: MachineAccounts
pagination_label: MachineAccounts
sidebar_label: MachineAccounts
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MachineAccounts', 'V2025MachineAccounts']
slug: /tools/sdk/powershell/v2025/methods/machine-accounts
tags: ['SDK', 'Software Development Kit', 'MachineAccounts', 'V2025MachineAccounts']
---
# MachineAccounts
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025MachineAccount**](#get-machine-account) | **GET** `/machine-accounts/{id}` | Machine Account Details
[**Get-V2025MachineAccounts**](#list-machine-accounts) | **GET** `/machine-accounts` | Machine Accounts List
[**Update-V2025MachineAccount**](#update-machine-account) | **PATCH** `/machine-accounts/{id}` | Update a Machine Account
## get-machine-account
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to return the details for a single machine account by its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-machine-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Machine Account ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**MachineAccount**](../models/machine-account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Machine Account object. | MachineAccount
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Account ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Machine Account Details
try {
Get-V2025MachineAccount -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025MachineAccount -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MachineAccount"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-machine-accounts
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This returns a list of machine accounts.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-machine-accounts)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **machineIdentity**: *eq, in, sw* **description**: *eq, in, sw* **ownerIdentity**: *eq, in, sw* **ownerIdentityId**: *eq, in, sw* **entitlements**: *eq* **accessType**: *eq, in, sw* **subType**: *eq, in, sw* **environment**: *eq, in, sw* **classificationMethod**: *eq, in, sw* **manuallyCorrelated**: *eq* **manuallyEdited**: *eq* **identity**: *eq, in, sw* **source**: *eq, in* **hasEntitlement**: *eq* **locked**: *eq* **connectorAttributes**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, machineIdentity, identity.id, nativeIdentity, uuid, manuallyCorrelated, connectorAttributes, entitlements, identity.name, identity.type, source.id, source.name, source.type**
### Return type
[**MachineAccount[]**](../models/machine-account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of machine account objects | MachineAccount[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'identityId eq "2c9180858082150f0180893dbaf44201"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **machineIdentity**: *eq, in, sw* **description**: *eq, in, sw* **ownerIdentity**: *eq, in, sw* **ownerIdentityId**: *eq, in, sw* **entitlements**: *eq* **accessType**: *eq, in, sw* **subType**: *eq, in, sw* **environment**: *eq, in, sw* **classificationMethod**: *eq, in, sw* **manuallyCorrelated**: *eq* **manuallyEdited**: *eq* **identity**: *eq, in, sw* **source**: *eq, in* **hasEntitlement**: *eq* **locked**: *eq* **connectorAttributes**: *eq* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, machineIdentity, identity.id, nativeIdentity, uuid, manuallyCorrelated, connectorAttributes, entitlements, identity.name, identity.type, source.id, source.name, source.type** (optional)
# Machine Accounts List
try {
Get-V2025MachineAccounts -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025MachineAccounts -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MachineAccounts"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-machine-account
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to update machine accounts details.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-machine-account)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Machine Account ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
### Return type
[**MachineAccount**](../models/machine-account)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Machine Account object. | MachineAccount
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Account ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/environment, value=test}]}, Replace machine identity attribute={value=[{op=replace, path=/environment, value=test}]}, Remove machine identity attribute={value=[{op=remove, path=/environment}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * description * ownerIdentity * subType * accessType * environment * attributes * classificationMethod * manuallyEdited * nativeIdentity * uuid * source * manuallyCorrelated * enabled * locked * hasEntitlements * connectorAttributes
# Update a Machine Account
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-V2025MachineAccount -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-V2025MachineAccount -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025MachineAccount"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

305
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MachineIdentitiesApi.md Normal file
View File

@@ -0,0 +1,305 @@
---
id: v2025-machine-identities
title: MachineIdentities
pagination_label: MachineIdentities
sidebar_label: MachineIdentities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MachineIdentities', 'V2025MachineIdentities']
slug: /tools/sdk/powershell/v2025/methods/machine-identities
tags: ['SDK', 'Software Development Kit', 'MachineIdentities', 'V2025MachineIdentities']
---
# MachineIdentities
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025MachineIdentity**](#create-machine-identity) | **POST** `/machine-identities` | Create Machine Identities
[**Remove-V2025MachineIdentity**](#delete-machine-identity) | **DELETE** `/machine-identities/{id}` | Delete machine identity
[**Get-V2025MachineIdentity**](#get-machine-identity) | **GET** `/machine-identities/{id}` | Machine Identity Details
[**Get-V2025MachineIdentities**](#list-machine-identities) | **GET** `/machine-identities` | List Machine Identities
[**Update-V2025MachineIdentity**](#update-machine-identity) | **PATCH** `/machine-identities/{id}` | Update a Machine Identity
## create-machine-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to create a machine identity.
The maximum supported length for the description field is 2000 characters.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-machine-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | MachineIdentity | [**MachineIdentity**](../models/machine-identity) | True |
### Return type
[**MachineIdentity**](../models/machine-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Machine Identity created. | MachineIdentity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$MachineIdentity = @"{
"created" : "2015-05-28T14:07:17Z",
"businessApplication" : "ADService",
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"description" : "",
"attributes" : "{\"Region\":\"EU\"}",
"id" : "id12345",
"manuallyEdited" : true
}"@
# Create Machine Identities
try {
$Result = ConvertFrom-JsonToMachineIdentity -Json $MachineIdentity
New-V2025MachineIdentity -XSailPointExperimental $XSailPointExperimental -MachineIdentity $Result
# Below is a request that includes all optional parameters
# New-V2025MachineIdentity -XSailPointExperimental $XSailPointExperimental -MachineIdentity $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025MachineIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-machine-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
The API returns successful response if the requested machine identity was deleted.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-machine-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Machine Identity ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete machine identity
try {
Remove-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025MachineIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-machine-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a single machine identity using the Machine Identity ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-machine-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Machine Identity ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**MachineIdentity**](../models/machine-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A machine identity object | MachineIdentity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Machine Identity Details
try {
Get-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MachineIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-machine-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API returns a list of machine identities.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-machine-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **displayName**: *eq, in, sw* **cisIdentityId**: *eq, in, sw* **description**: *eq, in, sw* **businessApplication**: *eq, in, sw* **attributes**: *eq* **manuallyEdited**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **businessApplication, name**
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**MachineIdentity[]**](../models/machine-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of machine identities. | MachineIdentity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Filters = 'identityId eq "2c9180858082150f0180893dbaf44201"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **displayName**: *eq, in, sw* **cisIdentityId**: *eq, in, sw* **description**: *eq, in, sw* **businessApplication**: *eq, in, sw* **attributes**: *eq* **manuallyEdited**: *eq* (optional)
$Sorters = "businessApplication" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **businessApplication, name** (optional)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Machine Identities
try {
Get-V2025MachineIdentities -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025MachineIdentities -XSailPointExperimental $XSailPointExperimental -Filters $Filters -Sorters $Sorters -Count $Count -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MachineIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-machine-identity
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this API to update machine identity details.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-machine-identity)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Machine Identity ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**MachineIdentity**](../models/machine-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated Machine Identity object. | MachineIdentity
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$RequestBody = # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
$RequestBody = @"{Add machine identity attribute={value=[{op=add, path=/attributes/securityRisk, value=medium}]}, Replace machine identity attribute={value=[{op=replace, path=/attributes/securityRisk, value=medium}]}, Remove machine identity attribute={value=[{op=remove, path=/attributes/securityRisk}]}}"@ # SystemCollectionsHashtable[] | A JSON of updated values [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Update a Machine Identity
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-V2025MachineIdentity -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025MachineIdentity"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

324
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ManagedClientsApi.md Normal file
View File

@@ -0,0 +1,324 @@
---
id: v2025-managed-clients
title: ManagedClients
pagination_label: ManagedClients
sidebar_label: ManagedClients
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClients', 'V2025ManagedClients']
slug: /tools/sdk/powershell/v2025/methods/managed-clients
tags: ['SDK', 'Software Development Kit', 'ManagedClients', 'V2025ManagedClients']
---
# ManagedClients
Use this API to implement managed client functionality.
With this functionality in place, administrators can modify and delete existing managed clients, create new ones, and view and make changes to their log configurations.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ManagedClient**](#create-managed-client) | **POST** `/managed-clients` | Create Managed Client
[**Remove-V2025ManagedClient**](#delete-managed-client) | **DELETE** `/managed-clients/{id}` | Delete Managed Client
[**Get-V2025ManagedClient**](#get-managed-client) | **GET** `/managed-clients/{id}` | Get Managed Client
[**Get-V2025ManagedClientStatus**](#get-managed-client-status) | **GET** `/managed-clients/{id}/status` | Get Managed Client Status
[**Get-V2025ManagedClients**](#get-managed-clients) | **GET** `/managed-clients` | Get Managed Clients
[**Update-V2025ManagedClient**](#update-managed-client) | **PATCH** `/managed-clients/{id}` | Update Managed Client
## create-managed-client
Create a new managed client.
The API returns a result that includes the managed client ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-managed-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ManagedClientRequest | [**ManagedClientRequest**](../models/managed-client-request) | True |
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created managed client. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ManagedClientRequest = @"{
"name" : "aName",
"description" : "A short description of the ManagedClient",
"clusterId" : "aClusterId",
"type" : "VA"
}"@
# Create Managed Client
try {
$Result = ConvertFrom-JsonToManagedClientRequest -Json $ManagedClientRequest
New-V2025ManagedClient -ManagedClientRequest $Result
# Below is a request that includes all optional parameters
# New-V2025ManagedClient -ManagedClientRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-managed-client
Delete an existing managed client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-managed-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
# Delete Managed Client
try {
Remove-V2025ManagedClient -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ManagedClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-client
Get managed client by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Managed client response. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
# Get Managed Client
try {
Get-V2025ManagedClient -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ManagedClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-client-status
Get a managed client's status, using its ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-client-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID to get status for.
Query | Type | [**ManagedClientType**](../models/managed-client-type) | True | Managed client type to get status for.
### Return type
[**ManagedClientStatus**](../models/managed-client-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with the managed client status, with the given ID and type. | ManagedClientStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "aClientId" # String | Managed client ID to get status for.
$Type = "CCG" # ManagedClientType | Managed client type to get status for.
# Get Managed Client Status
try {
Get-V2025ManagedClientStatus -Id $Id -Type $Type
# Below is a request that includes all optional parameters
# Get-V2025ManagedClientStatus -Id $Id -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClientStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-clients
List managed clients.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-clients)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **name**: *eq* **clientId**: *eq* **clusterId**: *eq*
### Return type
[**ManagedClient[]**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with a list of managed clients, based on the specified query parameters. | ManagedClient[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "client name"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **name**: *eq* **clientId**: *eq* **clusterId**: *eq* (optional)
# Get Managed Clients
try {
Get-V2025ManagedClients
# Below is a request that includes all optional parameters
# Get-V2025ManagedClients -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClients"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-managed-client
Update an existing managed client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-managed-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed client ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | JSONPatch payload used to update the object.
### Return type
[**ManagedClient**](../models/managed-client)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated managed client. | ManagedClient
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "4440278c-0ce2-41ee-a0a9-f5cfd5e8d3b7" # String | Managed client ID.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | JSONPatch payload used to update the object.
# Update Managed Client
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025ManagedClient -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025ManagedClient -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ManagedClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

286
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ManagedClusterTypesApi.md Normal file
View File

@@ -0,0 +1,286 @@
---
id: v2025-managed-cluster-types
title: ManagedClusterTypes
pagination_label: ManagedClusterTypes
sidebar_label: ManagedClusterTypes
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClusterTypes', 'V2025ManagedClusterTypes']
slug: /tools/sdk/powershell/v2025/methods/managed-cluster-types
tags: ['SDK', 'Software Development Kit', 'ManagedClusterTypes', 'V2025ManagedClusterTypes']
---
# ManagedClusterTypes
Use this API to implement managed cluster types functionality.
With this functionality in place, administrators can modify and delete existing managed cluster types and create new ones.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ManagedClusterType**](#create-managed-cluster-type) | **POST** `/managed-cluster-types` | Create new Managed Cluster Type
[**Remove-V2025ManagedClusterType**](#delete-managed-cluster-type) | **DELETE** `/managed-cluster-types/{id}` | Delete a Managed Cluster Type
[**Get-V2025ManagedClusterType**](#get-managed-cluster-type) | **GET** `/managed-cluster-types/{id}` | Get a Managed Cluster Type
[**Get-V2025ManagedClusterTypes**](#get-managed-cluster-types) | **GET** `/managed-cluster-types` | List Managed Cluster Types
[**Update-V2025ManagedClusterType**](#update-managed-cluster-type) | **PATCH** `/managed-cluster-types/{id}` | Update a Managed Cluster Type
## create-managed-cluster-type
Create a new Managed Cluster Type.
The API returns a result that includes the Managed Cluster Type ID
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-managed-cluster-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ManagedClusterType | [**ManagedClusterType**](../models/managed-cluster-type) | True |
### Return type
[**ManagedClusterType**](../models/managed-cluster-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The created ManagedClusterType | ManagedClusterType
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ManagedClusterType = @"{
"managedProcessIds" : [ "someId", "someId2" ],
"pod" : "megapod-useast1",
"org" : "denali-cjh",
"id" : "aClusterTypeId",
"type" : "idn"
}"@
# Create new Managed Cluster Type
try {
$Result = ConvertFrom-JsonToManagedClusterType -Json $ManagedClusterType
New-V2025ManagedClusterType -ManagedClusterType $Result
# Below is a request that includes all optional parameters
# New-V2025ManagedClusterType -ManagedClusterType $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ManagedClusterType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-managed-cluster-type
Delete an existing Managed Cluster Type.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-managed-cluster-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The Managed Cluster Type ID
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "aClusterTypeId" # String | The Managed Cluster Type ID
# Delete a Managed Cluster Type
try {
Remove-V2025ManagedClusterType -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ManagedClusterType -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ManagedClusterType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-cluster-type
Get a Managed Cluster Type.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-cluster-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The Managed Cluster Type ID
### Return type
[**ManagedClusterType**](../models/managed-cluster-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with a ManagedClusterType | ManagedClusterType
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "aClusterTypeId" # String | The Managed Cluster Type ID
# Get a Managed Cluster Type
try {
Get-V2025ManagedClusterType -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ManagedClusterType -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClusterType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-cluster-types
Get a list of Managed Cluster Types.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-cluster-types)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Type | **String** | (optional) | Type descriptor
Query | Pod | **String** | (optional) | Pinned pod (or default)
Query | Org | **String** | (optional) | Pinned org (or default)
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ManagedClusterType[]**](../models/managed-cluster-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with a list of ManagedClusterType based on the query params provided | ManagedClusterType[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "IDN" # String | Type descriptor (optional)
$Pod = "megapod-useast1" # String | Pinned pod (or default) (optional)
$Org = "denali-xyz" # String | Pinned org (or default) (optional)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
# List Managed Cluster Types
try {
Get-V2025ManagedClusterTypes
# Below is a request that includes all optional parameters
# Get-V2025ManagedClusterTypes -Type $Type -Pod $Pod -Org $Org -Offset $Offset -Limit $Limit
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClusterTypes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-managed-cluster-type
Update an existing Managed Cluster Type.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-managed-cluster-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The Managed Cluster Type ID
Body | JsonPatch | [**JsonPatch**](../models/json-patch) | True | The JSONPatch payload used to update the schema.
### Return type
[**ManagedClusterType**](../models/managed-cluster-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated ManagedClusterType | ManagedClusterType
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "aClusterTypeId" # String | The Managed Cluster Type ID
$JsonPatch = @"{
"operations" : [ {
"op" : "replace",
"path" : "/description",
"value" : "New description"
}, {
"op" : "replace",
"path" : "/description",
"value" : "New description"
} ]
}"@
# Update a Managed Cluster Type
try {
$Result = ConvertFrom-JsonToJsonPatch -Json $JsonPatch
Update-V2025ManagedClusterType -Id $Id -JsonPatch $Result
# Below is a request that includes all optional parameters
# Update-V2025ManagedClusterType -Id $Id -JsonPatch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ManagedClusterType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

426
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ManagedClustersApi.md Normal file
View File

@@ -0,0 +1,426 @@
---
id: v2025-managed-clusters
title: ManagedClusters
pagination_label: ManagedClusters
sidebar_label: ManagedClusters
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ManagedClusters', 'V2025ManagedClusters']
slug: /tools/sdk/powershell/v2025/methods/managed-clusters
tags: ['SDK', 'Software Development Kit', 'ManagedClusters', 'V2025ManagedClusters']
---
# ManagedClusters
Use this API to implement managed cluster functionality.
With this functionality in place, administrators can modify and delete existing managed clients, get their statuses, and create new ones.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ManagedCluster**](#create-managed-cluster) | **POST** `/managed-clusters` | Create Create Managed Cluster
[**Remove-V2025ManagedCluster**](#delete-managed-cluster) | **DELETE** `/managed-clusters/{id}` | Delete Managed Cluster
[**Get-V2025ClientLogConfiguration**](#get-client-log-configuration) | **GET** `/managed-clusters/{id}/log-config` | Get Managed Cluster Log Configuration
[**Get-V2025ManagedCluster**](#get-managed-cluster) | **GET** `/managed-clusters/{id}` | Get Managed Cluster
[**Get-V2025ManagedClusters**](#get-managed-clusters) | **GET** `/managed-clusters` | Get Managed Clusters
[**Send-V2025ClientLogConfiguration**](#put-client-log-configuration) | **PUT** `/managed-clusters/{id}/log-config` | Update Managed Cluster Log Configuration
[**Update-V2025**](#update) | **POST** `/managed-clusters/{id}/manualUpgrade` | Trigger Manual Upgrade for Managed Cluster
[**Update-V2025ManagedCluster**](#update-managed-cluster) | **PATCH** `/managed-clusters/{id}` | Update Managed Cluster
## create-managed-cluster
Create a new Managed Cluster.
The API returns a result that includes the managed cluster ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-managed-cluster)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ManagedClusterRequest | [**ManagedClusterRequest**](../models/managed-cluster-request) | True |
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created managed cluster. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ManagedClusterRequest = @"{
"configuration" : {
"clusterExternalId" : "externalId",
"ccgVersion" : "77.0.0"
},
"name" : "Managed Cluster Name",
"description" : "A short description of the managed cluster.",
"type" : "idn"
}"@
# Create Create Managed Cluster
try {
$Result = ConvertFrom-JsonToManagedClusterRequest -Json $ManagedClusterRequest
New-V2025ManagedCluster -ManagedClusterRequest $Result
# Below is a request that includes all optional parameters
# New-V2025ManagedCluster -ManagedClusterRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-managed-cluster
Delete an existing managed cluster.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-managed-cluster)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
Query | RemoveClients | **Boolean** | (optional) (default to $false) | Flag to determine the need to delete a cluster with clients.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
$RemoveClients = $false # Boolean | Flag to determine the need to delete a cluster with clients. (optional) (default to $false)
# Delete Managed Cluster
try {
Remove-V2025ManagedCluster -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ManagedCluster -Id $Id -RemoveClients $RemoveClients
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-client-log-configuration
Get a managed cluster's log configuration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-client-log-configuration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of managed cluster to get log configuration for.
### Return type
[**ClientLogConfiguration**](../models/client-log-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Log configuration of managed cluster for given cluster ID. | ClientLogConfiguration
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | ID of managed cluster to get log configuration for.
# Get Managed Cluster Log Configuration
try {
Get-V2025ClientLogConfiguration -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ClientLogConfiguration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ClientLogConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-cluster
Get a managed cluster by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-cluster)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with managed cluster for the given ID. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
# Get Managed Cluster
try {
Get-V2025ManagedCluster -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ManagedCluster -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-managed-clusters
List current organization's managed clusters, based on request context.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-managed-clusters)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq*
### Return type
[**ManagedCluster[]**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with a list of managed clusters. | ManagedCluster[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'operational eq "operation"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **operational**: *eq* (optional)
# Get Managed Clusters
try {
Get-V2025ManagedClusters
# Below is a request that includes all optional parameters
# Get-V2025ManagedClusters -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ManagedClusters"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-client-log-configuration
Update a managed cluster's log configuration. You may only specify one of `durationMinutes` or `expiration`, up to 1440 minutes (24 hours) in the future. If neither is specified, the default value for `durationMinutes` is 240.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-client-log-configuration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the managed cluster to update the log configuration for.
Body | PutClientLogConfigurationRequest | [**PutClientLogConfigurationRequest**](../models/put-client-log-configuration-request) | True | Client log configuration for the given managed cluster.
### Return type
[**ClientLogConfiguration**](../models/client-log-configuration)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Response with updated client log configuration for the given managed cluster. | ClientLogConfiguration
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | ID of the managed cluster to update the log configuration for.
$PutClientLogConfigurationRequest = @""@
# Update Managed Cluster Log Configuration
try {
$Result = ConvertFrom-JsonToPutClientLogConfigurationRequest -Json $PutClientLogConfigurationRequest
Send-V2025ClientLogConfiguration -Id $Id -PutClientLogConfigurationRequest $Result
# Below is a request that includes all optional parameters
# Send-V2025ClientLogConfiguration -Id $Id -PutClientLogConfigurationRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ClientLogConfiguration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update
Trigger Manual Upgrade for Managed Cluster.
AMS Security: API, Internal A token with SYSTEM_ADMINISTRATOR authority is required to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of managed cluster to trigger manual upgrade.
### Return type
[**ClusterManualUpgrade**](../models/cluster-manual-upgrade)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Manual upgrade of managed cluster for given cluster ID. | ClusterManualUpgrade
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2b838de9-db9b-abcf-e646-d4f274ad4238" # String | ID of managed cluster to trigger manual upgrade.
# Trigger Manual Upgrade for Managed Cluster
try {
Update-V2025 -Id $Id
# Below is a request that includes all optional parameters
# Update-V2025 -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-managed-cluster
Update an existing managed cluster.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-managed-cluster)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Managed cluster ID.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | JSONPatch payload used to update the object.
### Return type
[**ManagedCluster**](../models/managed-cluster)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated managed cluster. | ManagedCluster
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c9180897de347a2017de8859e8c5039" # String | Managed cluster ID.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | JSONPatch payload used to update the object.
# Update Managed Cluster
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025ManagedCluster -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025ManagedCluster -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ManagedCluster"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

732
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025MultiHostIntegrationApi.md Normal file
View File

@@ -0,0 +1,732 @@
---
id: v2025-multi-host-integration
title: MultiHostIntegration
pagination_label: MultiHostIntegration
sidebar_label: MultiHostIntegration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'MultiHostIntegration', 'V2025MultiHostIntegration']
slug: /tools/sdk/powershell/v2025/methods/multi-host-integration
tags: ['SDK', 'Software Development Kit', 'MultiHostIntegration', 'V2025MultiHostIntegration']
---
# MultiHostIntegration
Use this API to build a Multi-Host Integration.
Multi-Host Integration will help customers to configure and manage similar type of target system in Identity Security Cloud.
In Identity Security Cloud, administrators can create a Multi-Host Integration by going to Admin &gt; Connections &gt; Multi-Host Sources and selecting &#39;Create.&#39;
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025MultiHostIntegration**](#create-multi-host-integration) | **POST** `/multihosts` | Create Multi-Host Integration
[**New-V2025SourcesWithinMultiHost**](#create-sources-within-multi-host) | **POST** `/multihosts/{multihostId}` | Create Sources Within Multi-Host Integration
[**Remove-V2025MultiHost**](#delete-multi-host) | **DELETE** `/multihosts/{multihostId}` | Delete Multi-Host Integration
[**Get-V2025AcctAggregationGroups**](#get-acct-aggregation-groups) | **GET** `/multihosts/{multihostId}/acctAggregationGroups` | List Account-Aggregation-Groups by Multi-Host ID
[**Get-V2025EntitlementAggregationGroups**](#get-entitlement-aggregation-groups) | **GET** `/multihosts/{multiHostId}/entitlementAggregationGroups` | List Entitlement-Aggregation-Groups by Integration ID
[**Get-V2025MultiHostIntegrations**](#get-multi-host-integrations) | **GET** `/multihosts/{multihostId}` | Get Multi-Host Integration By ID
[**Get-V2025MultiHostIntegrationsList**](#get-multi-host-integrations-list) | **GET** `/multihosts` | List All Existing Multi-Host Integrations
[**Get-V2025MultiHostSourceCreationErrors**](#get-multi-host-source-creation-errors) | **GET** `/multihosts/{multiHostId}/sources/errors` | List Multi-Host Source Creation Errors
[**Get-V2025MultihostIntegrationTypes**](#get-multihost-integration-types) | **GET** `/multihosts/types` | List Multi-Host Integration Types
[**Get-V2025SourcesWithinMultiHost**](#get-sources-within-multi-host) | **GET** `/multihosts/{multihostId}/sources` | List Sources Within Multi-Host Integration
[**Test-V2025ConnectionMultiHostSources**](#test-connection-multi-host-sources) | **POST** `/multihosts/{multihostId}/sources/testConnection` | Test Configuration For Multi-Host Integration
[**Test-V2025SourceConnectionMultihost**](#test-source-connection-multihost) | **GET** `/multihosts/{multihostId}/sources/{sourceId}/testConnection` | Test Configuration For Multi-Host Integration&#39;s Single Source
[**Update-V2025MultiHostSources**](#update-multi-host-sources) | **PATCH** `/multihosts/{multihostId}` | Update Multi-Host Integration
## create-multi-host-integration
This API is used to create Multi-Host Integration. Multi-host Integration holds similar types of sources.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-multi-host-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | MultiHostIntegrationsCreate | [**MultiHostIntegrationsCreate**](../models/multi-host-integrations-create) | True | The specifics of the Multi-Host Integration to create
### Return type
[**MultiHostIntegrations**](../models/multi-host-integrations)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrations
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MultiHostIntegrationsCreate = @"{
"owner" : {
"name" : "MyName",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"managementWorkgroup" : {
"name" : "My Management Workgroup",
"id" : "2c91808568c529c60168cca6f90c2222",
"type" : "GOVERNANCE_GROUP"
},
"cluster" : {
"name" : "Corporate Cluster",
"id" : "2c9180866166b5b0016167c32ef31a66",
"type" : "CLUSTER"
},
"connector" : "multihost-microsoft-sql-server",
"connectorAttributes" : {
"maxSourcesPerAggGroup" : 10,
"maxAllowedSources" : 300
},
"created" : "2022-02-08T14:50:03.827Z",
"name" : "My Multi-Host Integration",
"description" : "This is the Multi-Host Integration.",
"modified" : "2024-01-23T18:08:50.897Z"
}"@
# Create Multi-Host Integration
try {
$Result = ConvertFrom-JsonToMultiHostIntegrationsCreate -Json $MultiHostIntegrationsCreate
New-V2025MultiHostIntegration -MultiHostIntegrationsCreate $Result
# Below is a request that includes all optional parameters
# New-V2025MultiHostIntegration -MultiHostIntegrationsCreate $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025MultiHostIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-sources-within-multi-host
This API is used to create sources within Multi-Host Integration. Multi-Host Integration holds similar types of sources.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-sources-within-multi-host)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration.
Body | MultiHostIntegrationsCreateSources | [**[]MultiHostIntegrationsCreateSources**](../models/multi-host-integrations-create-sources) | True | The specifics of the sources to create within Multi-Host Integration.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$MultihostId = "2c91808568c529c60168cca6f90c1326" # String | ID of the Multi-Host Integration.
$MultiHostIntegrationsCreateSources = @"{
"connectorAttributes" : {
"authType" : "SQLAuthentication",
"url" : "jdbc:sqlserver://178.18.41.118:1433",
"user" : "username",
"driverClass" : "com.microsoft.sqlserver.jdbc.SQLServerDriver",
"maxSourcesPerAggGroup" : 10,
"maxAllowedSources" : 300
},
"name" : "My Source",
"description" : "This is the corporate directory."
}"@ # MultiHostIntegrationsCreateSources[] | The specifics of the sources to create within Multi-Host Integration.
# Create Sources Within Multi-Host Integration
try {
$Result = ConvertFrom-JsonToMultiHostIntegrationsCreateSources -Json $MultiHostIntegrationsCreateSources
New-V2025SourcesWithinMultiHost -MultihostId $MultihostId -MultiHostIntegrationsCreateSources $Result
# Below is a request that includes all optional parameters
# New-V2025SourcesWithinMultiHost -MultihostId $MultihostId -MultiHostIntegrationsCreateSources $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025SourcesWithinMultiHost"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-multi-host
Delete an existing Multi-Host Integration by ID.
A token with Org Admin or Multi Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-multi-host)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of Multi-Host Integration to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "2c91808568c529c60168cca6f90c1326" # String | ID of Multi-Host Integration to delete.
# Delete Multi-Host Integration
try {
Remove-V2025MultiHost -MultihostId $MultihostId
# Below is a request that includes all optional parameters
# Remove-V2025MultiHost -MultihostId $MultihostId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025MultiHost"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-acct-aggregation-groups
This API will return array of account aggregation groups within provided Multi-Host Integration ID.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-acct-aggregation-groups)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration to update
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**MultiHostIntegrationsAggScheduleUpdate[]**](../models/multi-host-integrations-agg-schedule-update)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrationsAggScheduleUpdate[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "aMultiHostId" # String | ID of the Multi-Host Integration to update
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
# List Account-Aggregation-Groups by Multi-Host ID
try {
Get-V2025AcctAggregationGroups -MultihostId $MultihostId
# Below is a request that includes all optional parameters
# Get-V2025AcctAggregationGroups -MultihostId $MultihostId -Offset $Offset -Limit $Limit
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025AcctAggregationGroups"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-entitlement-aggregation-groups
This API will return array of aggregation groups within provided Multi-Host Integration ID.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-aggregation-groups)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultiHostId | **String** | True | ID of the Multi-Host Integration to update
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**MultiHostIntegrationsAggScheduleUpdate[]**](../models/multi-host-integrations-agg-schedule-update)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrationsAggScheduleUpdate[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultiHostId = "aMultiHostId" # String | ID of the Multi-Host Integration to update
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
# List Entitlement-Aggregation-Groups by Integration ID
try {
Get-V2025EntitlementAggregationGroups -MultiHostId $MultiHostId
# Below is a request that includes all optional parameters
# Get-V2025EntitlementAggregationGroups -MultiHostId $MultiHostId -Offset $Offset -Limit $Limit
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementAggregationGroups"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-multi-host-integrations
Get an existing Multi-Host Integration.
A token with Org Admin or Multi-Host Integration Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-multi-host-integrations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration.
### Return type
[**MultiHostIntegrations**](../models/multi-host-integrations)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrations
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "2c91808568c529c60168cca6f90c1326" # String | ID of the Multi-Host Integration.
# Get Multi-Host Integration By ID
try {
Get-V2025MultiHostIntegrations -MultihostId $MultihostId
# Below is a request that includes all optional parameters
# Get-V2025MultiHostIntegrations -MultihostId $MultihostId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MultiHostIntegrations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-multi-host-integrations-list
Get a list of Multi-Host Integrations.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-multi-host-integrations-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *in* **forSubAdminId**: *in*
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | ForSubadmin | **String** | (optional) | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity or SOURCE_SUBADMIN identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin.
### Return type
[**MultiHostIntegrations[]**](../models/multi-host-integrations)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrations[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
$Filters = 'id eq 2c91808b6ef1d43e016efba0ce470904' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **type**: *in* **forSubAdminId**: *in* (optional)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$ForSubadmin = "5168015d32f890ca15812c9180835d2e" # String | If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN Identity or SOURCE_SUBADMIN identity. The value of the parameter is either an Identity ID, or the special value **me**, which is shorthand for the calling Identity's ID. A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not a subadmin. (optional)
# List All Existing Multi-Host Integrations
try {
Get-V2025MultiHostIntegrationsList
# Below is a request that includes all optional parameters
# Get-V2025MultiHostIntegrationsList -Offset $Offset -Limit $Limit -Sorters $Sorters -Filters $Filters -Count $Count -ForSubadmin $ForSubadmin
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MultiHostIntegrationsList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-multi-host-source-creation-errors
Get a list of sources creation errors within Multi-Host Integration ID.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-multi-host-source-creation-errors)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultiHostId | **String** | True | ID of the Multi-Host Integration
### Return type
[**SourceCreationErrors[]**](../models/source-creation-errors)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | SourceCreationErrors[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultiHostId = "004091cb79b04636b88662afa50a4440" # String | ID of the Multi-Host Integration
# List Multi-Host Source Creation Errors
try {
Get-V2025MultiHostSourceCreationErrors -MultiHostId $MultiHostId
# Below is a request that includes all optional parameters
# Get-V2025MultiHostSourceCreationErrors -MultiHostId $MultiHostId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MultiHostSourceCreationErrors"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-multihost-integration-types
This API endpoint returns the current list of supported Multi-Host Integration types.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-multihost-integration-types)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**MultiHostIntegrationTemplateType[]**](../models/multi-host-integration-template-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostIntegrationTemplateType[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Multi-Host Integration Types
try {
Get-V2025MultihostIntegrationTypes
# Below is a request that includes all optional parameters
# Get-V2025MultihostIntegrationTypes
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MultihostIntegrationTypes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sources-within-multi-host
Get a list of sources within Multi-Host Integration ID.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sources-within-multi-host)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration to update
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *in*
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**MultiHostSources[]**](../models/multi-host-sources)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | MultiHostSources[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "aMultiHostId" # String | ID of the Multi-Host Integration to update
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
$Filters = 'id eq 2c91808b6ef1d43e016efba0ce470904' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *in* (optional)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Sources Within Multi-Host Integration
try {
Get-V2025SourcesWithinMultiHost -MultihostId $MultihostId
# Below is a request that includes all optional parameters
# Get-V2025SourcesWithinMultiHost -MultihostId $MultihostId -Offset $Offset -Limit $Limit -Sorters $Sorters -Filters $Filters -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SourcesWithinMultiHost"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-connection-multi-host-sources
This endpoint performs a more detailed validation of the Multi-Host Integration's configuration.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/test-connection-multi-host-sources)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "2c91808568c529c60168cca6f90c1324" # String | ID of the Multi-Host Integration
# Test Configuration For Multi-Host Integration
try {
Test-V2025ConnectionMultiHostSources -MultihostId $MultihostId
# Below is a request that includes all optional parameters
# Test-V2025ConnectionMultiHostSources -MultihostId $MultihostId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2025ConnectionMultiHostSources"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-source-connection-multihost
This endpoint performs a more detailed validation of the source's configuration.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/test-source-connection-multihost)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration
Path | SourceId | **String** | True | ID of the source within the Multi-Host Integration
### Return type
[**TestSourceConnectionMultihost200Response**](../models/test-source-connection-multihost200-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. | TestSourceConnectionMultihost200Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$MultihostId = "2c91808568c529c60168cca6f90c1326" # String | ID of the Multi-Host Integration
$SourceId = "2c91808568c529f60168cca6f90c1324" # String | ID of the source within the Multi-Host Integration
# Test Configuration For Multi-Host Integration's Single Source
try {
Test-V2025SourceConnectionMultihost -MultihostId $MultihostId -SourceId $SourceId
# Below is a request that includes all optional parameters
# Test-V2025SourceConnectionMultihost -MultihostId $MultihostId -SourceId $SourceId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2025SourceConnectionMultihost"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-multi-host-sources
Update existing sources within Multi-Host Integration.
A token with Org Admin or Multi-Host Admin authority is required to access this endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-multi-host-sources)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | MultihostId | **String** | True | ID of the Multi-Host Integration to update.
Body | UpdateMultiHostSourcesRequestInner | [**[]UpdateMultiHostSourcesRequestInner**](../models/update-multi-host-sources-request-inner) | True | This endpoint allows you to update a Multi-Host Integration.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | OK. Returned if the request was successfully accepted into the system. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$MultihostId = "anId" # String | ID of the Multi-Host Integration to update.
$UpdateMultiHostSourcesRequestInner = @"[{op=add, path=/description, value=MDK Multi-Host Integration 222 description}]"@ # UpdateMultiHostSourcesRequestInner[] | This endpoint allows you to update a Multi-Host Integration.
# Update Multi-Host Integration
try {
$Result = ConvertFrom-JsonToUpdateMultiHostSourcesRequestInner -Json $UpdateMultiHostSourcesRequestInner
Update-V2025MultiHostSources -MultihostId $MultihostId -UpdateMultiHostSourcesRequestInner $Result
# Below is a request that includes all optional parameters
# Update-V2025MultiHostSources -MultihostId $MultihostId -UpdateMultiHostSourcesRequestInner $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025MultiHostSources"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1746
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025NonEmployeeLifecycleManagementApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

843
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025NotificationsApi.md Normal file
View File

@@ -0,0 +1,843 @@
---
id: v2025-notifications
title: Notifications
pagination_label: Notifications
sidebar_label: Notifications
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Notifications', 'V2025Notifications']
slug: /tools/sdk/powershell/v2025/methods/notifications
tags: ['SDK', 'Software Development Kit', 'Notifications', 'V2025Notifications']
---
# Notifications
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025DomainDkim**](#create-domain-dkim) | **POST** `/verified-domains` | Verify domain address via DKIM
[**New-V2025NotificationTemplate**](#create-notification-template) | **POST** `/notification-templates` | Create Notification Template
[**New-V2025VerifiedFromAddress**](#create-verified-from-address) | **POST** `/verified-from-addresses` | Create Verified From Address
[**Remove-V2025NotificationTemplatesInBulk**](#delete-notification-templates-in-bulk) | **POST** `/notification-templates/bulk-delete` | Bulk Delete Notification Templates
[**Remove-V2025VerifiedFromAddress**](#delete-verified-from-address) | **DELETE** `/verified-from-addresses/{id}` | Delete Verified From Address
[**Get-V2025DkimAttributes**](#get-dkim-attributes) | **GET** `/verified-domains` | Get DKIM Attributes
[**Get-V2025MailFromAttributes**](#get-mail-from-attributes) | **GET** `/mail-from-attributes/{identity}` | Get MAIL FROM Attributes
[**Get-V2025NotificationTemplate**](#get-notification-template) | **GET** `/notification-templates/{id}` | Get Notification Template By Id
[**Get-V2025NotificationsTemplateContext**](#get-notifications-template-context) | **GET** `/notification-template-context` | Get Notification Template Context
[**Get-V2025FromAddresses**](#list-from-addresses) | **GET** `/verified-from-addresses` | List From Addresses
[**Get-V2025NotificationPreferences**](#list-notification-preferences) | **GET** `/notification-preferences/{key}` | List Notification Preferences for tenant.
[**Get-V2025NotificationTemplateDefaults**](#list-notification-template-defaults) | **GET** `/notification-template-defaults` | List Notification Template Defaults
[**Get-V2025NotificationTemplates**](#list-notification-templates) | **GET** `/notification-templates` | List Notification Templates
[**Send-V2025MailFromAttributes**](#put-mail-from-attributes) | **PUT** `/mail-from-attributes` | Change MAIL FROM domain
[**Send-V2025TestNotification**](#send-test-notification) | **POST** `/send-test-notification` | Send Test Notification
## create-domain-dkim
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Create a domain to be verified via DKIM (DomainKeys Identified Mail)
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-domain-dkim)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | DomainAddress | [**DomainAddress**](../models/domain-address) | True |
### Return type
[**DomainStatusDto**](../models/domain-status-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of DKIM tokens required for the verification process. | DomainStatusDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
405 | Method Not Allowed - indicates that the server knows the request method, but the target resource doesn&#39;t support this method. | CreateDomainDkim405Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$DomainAddress = @"{
"domain" : "sailpoint.com"
}"@
# Verify domain address via DKIM
try {
$Result = ConvertFrom-JsonToDomainAddress -Json $DomainAddress
New-V2025DomainDkim -XSailPointExperimental $XSailPointExperimental -DomainAddress $Result
# Below is a request that includes all optional parameters
# New-V2025DomainDkim -XSailPointExperimental $XSailPointExperimental -DomainAddress $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025DomainDkim"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-notification-template
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This creates a template for your site.
You can also use this endpoint to update a template. First, copy the response body from the [get notification template endpoint](https://developer.sailpoint.com/idn/api/beta/get-notification-template) for a template you wish to update and paste it into the request body for this endpoint. Modify the fields you want to change and submit the POST request when ready.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-notification-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | TemplateDto | [**TemplateDto**](../models/template-dto) | True |
### Return type
[**TemplateDto**](../models/template-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A template object for your site | TemplateDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$TemplateDto = @"{
"slackTemplate" : "slackTemplate",
"footer" : "footer",
"teamsTemplate" : "teamsTemplate",
"subject" : "You have $numberOfPendingTasks $taskTasks to complete in ${__global.productName}.",
"created" : "2020-01-01T00:00:00Z",
"description" : "Daily digest - sent if number of outstanding tasks for task owner > 0",
"medium" : "EMAIL",
"locale" : "en",
"body" : "Please go to the task manager",
"name" : "Task Manager Subscription",
"replyTo" : "$__global.emailFromAddress",
"header" : "header",
"modified" : "2020-01-01T00:00:00Z",
"from" : "$__global.emailFromAddress",
"id" : "c17bea3a-574d-453c-9e04-4365fbf5af0b",
"key" : "cloud_manual_work_item_summary"
}"@
# Create Notification Template
try {
$Result = ConvertFrom-JsonToTemplateDto -Json $TemplateDto
New-V2025NotificationTemplate -XSailPointExperimental $XSailPointExperimental -TemplateDto $Result
# Below is a request that includes all optional parameters
# New-V2025NotificationTemplate -XSailPointExperimental $XSailPointExperimental -TemplateDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025NotificationTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-verified-from-address
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Create a new sender email address and initiate verification process.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-verified-from-address)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | EmailStatusDto | [**EmailStatusDto**](../models/email-status-dto) | True |
### Return type
[**EmailStatusDto**](../models/email-status-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | New Verified Email Status | EmailStatusDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$EmailStatusDto = @"{
"isVerifiedByDomain" : false,
"verificationStatus" : "PENDING",
"id" : "id",
"email" : "sender@example.com"
}"@
# Create Verified From Address
try {
$Result = ConvertFrom-JsonToEmailStatusDto -Json $EmailStatusDto
New-V2025VerifiedFromAddress -XSailPointExperimental $XSailPointExperimental -EmailStatusDto $Result
# Below is a request that includes all optional parameters
# New-V2025VerifiedFromAddress -XSailPointExperimental $XSailPointExperimental -EmailStatusDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025VerifiedFromAddress"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-notification-templates-in-bulk
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This lets you bulk delete templates that you previously created for your site. Since this is a beta feature, please contact support to enable usage.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-notification-templates-in-bulk)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | TemplateBulkDeleteDto | [**[]TemplateBulkDeleteDto**](../models/template-bulk-delete-dto) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$TemplateBulkDeleteDto = @"{
"medium" : "EMAIL",
"locale" : "en",
"key" : "cloud_manual_work_item_summary"
}"@ # TemplateBulkDeleteDto[] |
# Bulk Delete Notification Templates
try {
$Result = ConvertFrom-JsonToTemplateBulkDeleteDto -Json $TemplateBulkDeleteDto
Remove-V2025NotificationTemplatesInBulk -XSailPointExperimental $XSailPointExperimental -TemplateBulkDeleteDto $Result
# Below is a request that includes all optional parameters
# Remove-V2025NotificationTemplatesInBulk -XSailPointExperimental $XSailPointExperimental -TemplateBulkDeleteDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025NotificationTemplatesInBulk"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-verified-from-address
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Delete a verified sender email address
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-verified-from-address)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True |
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "MyId" # String |
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete Verified From Address
try {
Remove-V2025VerifiedFromAddress -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025VerifiedFromAddress -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025VerifiedFromAddress"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-dkim-attributes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve DKIM (DomainKeys Identified Mail) attributes for all your tenants' AWS SES identities. Limits retrieval to 100 identities per call.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-dkim-attributes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**DkimAttributes[]**](../models/dkim-attributes)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of DKIM Attributes | DkimAttributes[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get DKIM Attributes
try {
Get-V2025DkimAttributes -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025DkimAttributes -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025DkimAttributes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-mail-from-attributes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve MAIL FROM attributes for a given AWS SES identity.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-mail-from-attributes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Id | **String** | True | Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**MailFromAttributes**](../models/mail-from-attributes)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MAIL FROM Attributes object | MailFromAttributes
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "bobsmith@sailpoint.com" # String | Returns the MX and TXT record to be put in your DNS, as well as the MAIL FROM domain status
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get MAIL FROM Attributes
try {
Get-V2025MailFromAttributes -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025MailFromAttributes -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025MailFromAttributes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-notification-template
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This gets a template that you have modified for your site by Id.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-notification-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Id of the Notification Template
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**TemplateDto**](../models/template-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A template object for your site | TemplateDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "c17bea3a-574d-453c-9e04-4365fbf5af0b" # String | Id of the Notification Template
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Notification Template By Id
try {
Get-V2025NotificationTemplate -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025NotificationTemplate -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025NotificationTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-notifications-template-context
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
The notification service maintains metadata to construct the notification templates or supply any information during the event propagation. The data-store where this information is retrieved is called "Global Context" (a.k.a. notification template context). It defines a set of attributes
that will be available per tenant (organization).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-notifications-template-context)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**NotificationTemplateContext**](../models/notification-template-context)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Notification template context attributes for a specific tenant. | NotificationTemplateContext
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Notification Template Context
try {
Get-V2025NotificationsTemplateContext -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025NotificationsTemplateContext -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025NotificationsTemplateContext"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-from-addresses
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve a list of sender email addresses and their verification statuses
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-from-addresses)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **email**: *eq, ge, le, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **email**
### Return type
[**EmailStatusDto[]**](../models/email-status-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Email Status | EmailStatusDto[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'email eq "john.doe@company.com"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **email**: *eq, ge, le, sw* (optional)
$Sorters = "email" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **email** (optional)
# List From Addresses
try {
Get-V2025FromAddresses -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025FromAddresses -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025FromAddresses"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-notification-preferences
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Returns a list of notification preferences for tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-notification-preferences)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**PreferencesDto**](../models/preferences-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Return preference for the given notification key. | PreferencesDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# List Notification Preferences for tenant.
try {
Get-V2025NotificationPreferences -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025NotificationPreferences -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025NotificationPreferences"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-notification-template-defaults
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This lists the default templates used for notifications, such as emails from IdentityNow.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-notification-template-defaults)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **key**: *eq, in, sw* **medium**: *eq, sw* **locale**: *eq, sw*
### Return type
[**TemplateDtoDefault[]**](../models/template-dto-default)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of the default template objects | TemplateDtoDefault[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'key eq "cloud_manual_work_item_summary"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **key**: *eq, in, sw* **medium**: *eq, sw* **locale**: *eq, sw* (optional)
# List Notification Template Defaults
try {
Get-V2025NotificationTemplateDefaults -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025NotificationTemplateDefaults -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025NotificationTemplateDefaults"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-notification-templates
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This lists the templates that you have modified for your site.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-notification-templates)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **key**: *eq, in, sw* **medium**: *eq, sw* **locale**: *eq, sw*
### Return type
[**TemplateDto[]**](../models/template-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of template objects for your site | TemplateDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Filters = 'medium eq "EMAIL"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **key**: *eq, in, sw* **medium**: *eq, sw* **locale**: *eq, sw* (optional)
# List Notification Templates
try {
Get-V2025NotificationTemplates -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025NotificationTemplates -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025NotificationTemplates"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-mail-from-attributes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Change the MAIL FROM domain of an AWS SES email identity and provide the MX and TXT records to be placed in the caller's DNS
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-mail-from-attributes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | MailFromAttributesDto | [**MailFromAttributesDto**](../models/mail-from-attributes-dto) | True |
### Return type
[**MailFromAttributes**](../models/mail-from-attributes)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | MAIL FROM Attributes required to verify the change | MailFromAttributes
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$MailFromAttributesDto = @"{
"identity" : "BobSmith@sailpoint.com",
"mailFromDomain" : "example.sailpoint.com"
}"@
# Change MAIL FROM domain
try {
$Result = ConvertFrom-JsonToMailFromAttributesDto -Json $MailFromAttributesDto
Send-V2025MailFromAttributes -XSailPointExperimental $XSailPointExperimental -MailFromAttributesDto $Result
# Below is a request that includes all optional parameters
# Send-V2025MailFromAttributes -XSailPointExperimental $XSailPointExperimental -MailFromAttributesDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025MailFromAttributes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## send-test-notification
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Send a Test Notification
[API Spec](https://developer.sailpoint.com/docs/api/v2025/send-test-notification)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SendTestNotificationRequestDto | [**SendTestNotificationRequestDto**](../models/send-test-notification-request-dto) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SendTestNotificationRequestDto = @"{
"context" : "{}",
"medium" : "EMAIL",
"key" : "cloud_manual_work_item_summary"
}"@
# Send Test Notification
try {
$Result = ConvertFrom-JsonToSendTestNotificationRequestDto -Json $SendTestNotificationRequestDto
Send-V2025TestNotification -XSailPointExperimental $XSailPointExperimental -SendTestNotificationRequestDto $Result
# Below is a request that includes all optional parameters
# Send-V2025TestNotification -XSailPointExperimental $XSailPointExperimental -SendTestNotificationRequestDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025TestNotification"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

281
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025OAuthClientsApi.md Normal file
View File

@@ -0,0 +1,281 @@
---
id: v2025-o-auth-clients
title: OAuthClients
pagination_label: OAuthClients
sidebar_label: OAuthClients
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'OAuthClients', 'V2025OAuthClients']
slug: /tools/sdk/powershell/v2025/methods/o-auth-clients
tags: ['SDK', 'Software Development Kit', 'OAuthClients', 'V2025OAuthClients']
---
# OAuthClients
Use this API to implement OAuth client functionality.
With this functionality in place, users with the appropriate security scopes can create and configure OAuth clients to use as a way to obtain authorization to use the Identity Security Cloud REST API.
Refer to [Authentication](https://developer.sailpoint.com/docs/api/authentication/) for more information about OAuth and how it works with the Identity Security Cloud REST API.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025OauthClient**](#create-oauth-client) | **POST** `/oauth-clients` | Create OAuth Client
[**Remove-V2025OauthClient**](#delete-oauth-client) | **DELETE** `/oauth-clients/{id}` | Delete OAuth Client
[**Get-V2025OauthClient**](#get-oauth-client) | **GET** `/oauth-clients/{id}` | Get OAuth Client
[**Get-V2025OauthClients**](#list-oauth-clients) | **GET** `/oauth-clients` | List OAuth Clients
[**Update-V2025OauthClient**](#patch-oauth-client) | **PATCH** `/oauth-clients/{id}` | Patch OAuth Client
## create-oauth-client
This creates an OAuth client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-oauth-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateOAuthClientRequest | [**CreateOAuthClientRequest**](../models/create-o-auth-client-request) | True |
### Return type
[**CreateOAuthClientResponse**](../models/create-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | CreateOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateOAuthClientRequest = @"{
"internal" : false,
"businessName" : "Acme-Solar",
"description" : "An API client used for the authorization_code, refresh_token, and client_credentials flows",
"refreshTokenValiditySeconds" : 86400,
"type" : "CONFIDENTIAL",
"redirectUris" : [ "http://localhost:12345" ],
"enabled" : true,
"accessType" : "OFFLINE",
"grantTypes" : [ "AUTHORIZATION_CODE", "CLIENT_CREDENTIALS", "REFRESH_TOKEN" ],
"strongAuthSupported" : false,
"homepageUrl" : "http://localhost:12345",
"accessTokenValiditySeconds" : 750,
"scope" : [ "demo:api-client-scope:first", "demo:api-client-scope:second" ],
"name" : "Demo API Client",
"claimsSupported" : false
}"@
# Create OAuth Client
try {
$Result = ConvertFrom-JsonToCreateOAuthClientRequest -Json $CreateOAuthClientRequest
New-V2025OauthClient -CreateOAuthClientRequest $Result
# Below is a request that includes all optional parameters
# New-V2025OauthClient -CreateOAuthClientRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-oauth-client
This deletes an OAuth client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-oauth-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
# Delete OAuth Client
try {
Remove-V2025OauthClient -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025OauthClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-oauth-client
This gets details of an OAuth client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-oauth-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
### Return type
[**GetOAuthClientResponse**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | GetOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
# Get OAuth Client
try {
Get-V2025OauthClient -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025OauthClient -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-oauth-clients
This gets a list of OAuth clients.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-oauth-clients)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull*
### Return type
[**GetOAuthClientResponse[]**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of OAuth clients. | GetOAuthClientResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Filters = 'lastUsed le 2023-02-05T10:59:27.214Z' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull* (optional)
# List OAuth Clients
try {
Get-V2025OauthClients
# Below is a request that includes all optional parameters
# Get-V2025OauthClients -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OauthClients"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-oauth-client
This performs a targeted update to the field(s) of an OAuth client.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-oauth-client)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The OAuth client id
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * tenant * businessName * homepageUrl * name * description * accessTokenValiditySeconds * refreshTokenValiditySeconds * redirectUris * grantTypes * accessType * enabled * strongAuthSupported * claimsSupported
### Return type
[**GetOAuthClientResponse**](../models/get-o-auth-client-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the OAuth client&#39;s new representation. | GetOAuthClientResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The OAuth client id
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * tenant * businessName * homepageUrl * name * description * accessTokenValiditySeconds * refreshTokenValiditySeconds * redirectUris * grantTypes * accessType * enabled * strongAuthSupported * claimsSupported
# Patch OAuth Client
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025OauthClient -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025OauthClient -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025OauthClient"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

185
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025OrgConfigApi.md Normal file
View File

@@ -0,0 +1,185 @@
---
id: v2025-org-config
title: OrgConfig
pagination_label: OrgConfig
sidebar_label: OrgConfig
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'OrgConfig', 'V2025OrgConfig']
slug: /tools/sdk/powershell/v2025/methods/org-config
tags: ['SDK', 'Software Development Kit', 'OrgConfig', 'V2025OrgConfig']
---
# OrgConfig
Use this API to implement organization configuration functionality.
Administrators can use this functionality to manage organization settings, such as time zones.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025OrgConfig**](#get-org-config) | **GET** `/org-config` | Get Org Config Settings
[**Get-V2025ValidTimeZones**](#get-valid-time-zones) | **GET** `/org-config/valid-time-zones` | Get Valid Time Zones
[**Update-V2025OrgConfig**](#patch-org-config) | **PATCH** `/org-config` | Patch Org Config
## get-org-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get the current organization's configuration settings, only external accessible properties.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-org-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**OrgConfig**](../models/org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | OrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Org Config Settings
try {
Get-V2025OrgConfig -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025OrgConfig -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025OrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-valid-time-zones
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
List the valid time zones that can be set in organization configurations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-valid-time-zones)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 50) | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
**String[]**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request successful. | String[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 50 # Int32 | Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 50)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Get Valid Time Zones
try {
Get-V2025ValidTimeZones -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025ValidTimeZones -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ValidTimeZones"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-org-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Patch the current organization's configuration, using http://jsonpatch.com/ syntax. This is commonly used to changing an organization's time zone.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-org-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
### Return type
[**OrgConfig**](../models/org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully patched org config. | OrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of schema attribute update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
# Patch Org Config
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025OrgConfig -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025OrgConfig -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025OrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

178
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PasswordConfigurationApi.md Normal file
View File

@@ -0,0 +1,178 @@
---
id: v2025-password-configuration
title: PasswordConfiguration
pagination_label: PasswordConfiguration
sidebar_label: PasswordConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordConfiguration', 'V2025PasswordConfiguration']
slug: /tools/sdk/powershell/v2025/methods/password-configuration
tags: ['SDK', 'Software Development Kit', 'PasswordConfiguration', 'V2025PasswordConfiguration']
---
# PasswordConfiguration
Use this API to implement organization password configuration functionality.
With this functionality in place, organization administrators can create organization-specific password configurations.
These configurations include details like custom password instructions, as well as digit token length and duration.
Refer to [Configuring User Authentication for Password Resets](https://documentation.sailpoint.com/saas/help/pwd/pwd_reset.html) for more information about organization password configuration functionality.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025PasswordOrgConfig**](#create-password-org-config) | **POST** `/password-org-config` | Create Password Org Config
[**Get-V2025PasswordOrgConfig**](#get-password-org-config) | **GET** `/password-org-config` | Get Password Org Config
[**Send-V2025PasswordOrgConfig**](#put-password-org-config) | **PUT** `/password-org-config` | Update Password Org Config
## create-password-org-config
This API creates the password org config. Unspecified fields will use default value.
To be able to use the custom password instructions, you must set the `customInstructionsEnabled` field to "true".
Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-password-org-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordOrgConfig | [**PasswordOrgConfig**](../models/password-org-config) | True |
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordOrgConfig = @"{
"digitTokenLength" : 9,
"digitTokenEnabled" : true,
"digitTokenDurationMinutes" : 10,
"customInstructionsEnabled" : true
}"@
# Create Password Org Config
try {
$Result = ConvertFrom-JsonToPasswordOrgConfig -Json $PasswordOrgConfig
New-V2025PasswordOrgConfig -PasswordOrgConfig $Result
# Below is a request that includes all optional parameters
# New-V2025PasswordOrgConfig -PasswordOrgConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-org-config
This API returns the password org config . Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:read'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-org-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Password Org Config
try {
Get-V2025PasswordOrgConfig
# Below is a request that includes all optional parameters
# Get-V2025PasswordOrgConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-password-org-config
This API updates the password org config for specified fields. Other fields will keep original value.
You must set the `customInstructionsEnabled` field to "true" to be able to use custom password instructions.
Requires ORG_ADMIN, API role or authorization scope of 'idn:password-org-config:write'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-password-org-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordOrgConfig | [**PasswordOrgConfig**](../models/password-org-config) | True |
### Return type
[**PasswordOrgConfig**](../models/password-org-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password org config. | PasswordOrgConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordOrgConfig = @"{
"digitTokenLength" : 9,
"digitTokenEnabled" : true,
"digitTokenDurationMinutes" : 10,
"customInstructionsEnabled" : true
}"@
# Update Password Org Config
try {
$Result = ConvertFrom-JsonToPasswordOrgConfig -Json $PasswordOrgConfig
Send-V2025PasswordOrgConfig -PasswordOrgConfig $Result
# Below is a request that includes all optional parameters
# Send-V2025PasswordOrgConfig -PasswordOrgConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025PasswordOrgConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

216
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PasswordDictionaryApi.md Normal file
View File

@@ -0,0 +1,216 @@
---
id: v2025-password-dictionary
title: PasswordDictionary
pagination_label: PasswordDictionary
sidebar_label: PasswordDictionary
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordDictionary', 'V2025PasswordDictionary']
slug: /tools/sdk/powershell/v2025/methods/password-dictionary
tags: ['SDK', 'Software Development Kit', 'PasswordDictionary', 'V2025PasswordDictionary']
---
# PasswordDictionary
Use this API to implement password dictionary functionality.
With this functionality in place, administrators can create password dictionaries to prevent users from using certain words or characters in their passwords.
A password dictionary is a list of words or characters that users are prevented from including in their passwords.
This can help protect users from themselves and force them to create passwords that are not easy to break.
A password dictionary must meet the following requirements to for the API to handle them correctly:
- It must be in .txt format.
- All characters must be UTF-8 characters.
- Each line must contain a single word or character with no spaces or whitespace characters.
- It must contain at least one line other than the locale string.
- Each line must not exceed 128 characters.
- The file must not exceed 2500 lines.
Administrators should also consider the following when they create their dictionaries:
- Lines starting with a # represent comments.
- All words in the password dictionary are case-insensitive.
For example, adding the word &quot;password&quot; to the dictionary also disallows the following: PASSWORD, Password, and PassWord.
- The dictionary uses substring matching.
For example, adding the word &quot;spring&quot; to the dictionary also disallows the following: Spring124, 345SprinG, and 8spring.
Users can then select &#39;Change Password&#39; to update their passwords.
Administrators must do the following to create a password dictionary:
- Create the text file that will contain the prohibited password values.
- If the dictionary is not in English, they must add a locale string to the top line: locale:&#x60;languageCode&#x60;_&#x60;countryCode&#x60;
The languageCode value refers to the language&#39;s 2-letter ISO 639-1 code.
The countryCode value refers to the country&#39;s 2-letter ISO 3166-1 code.
Refer to this list https://docs.oracle.com/cd/E13214_01/wli/docs92/xref/xqisocodes.html to see all the available ISO 639-1 language codes and ISO 3166-1 country codes.
- Upload the .txt file to Identity Security Cloud with [Update Password Dictionary](https://developer.sailpoint.com/docs/api/v2025/put-password-dictionary). Uploading a new file always overwrites the previous dictionary file.
Administrators can then specify which password policies check new passwords against the password dictionary by doing the following: In the Admin panel, they can use the Password Mgmt dropdown menu to select Policies, select the policy, and select the &#39;Prevent use of words in this site&#39;s password dictionary&#39; checkbox beside it.
Refer to [Configuring Advanced Password Management Options](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html) for more information about password dictionaries.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025PasswordDictionary**](#get-password-dictionary) | **GET** `/password-dictionary` | Get Password Dictionary
[**Send-V2025PasswordDictionary**](#put-password-dictionary) | **PUT** `/password-dictionary` | Update Password Dictionary
## get-password-dictionary
This gets password dictionary for the organization.
The password dictionary file can contain lines that are:
1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing
2. empty lines
3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines
4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;
maximum length of the line is 128 Unicode codepoints
Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).
Password dict file must contain UTF-8 characters only.
# Sample password text file
```
# Password dictionary small test file
locale=en_US
# Password dictionary prohibited words
qwerty
abcd
aaaaa
password
qazxsws
```
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-dictionary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A password dictionary response | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/plain, application/json
### Example
```powershell
# Get Password Dictionary
try {
Get-V2025PasswordDictionary
# Below is a request that includes all optional parameters
# Get-V2025PasswordDictionary
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordDictionary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-password-dictionary
This updates password dictionary for the organization.
The password dictionary file can contain lines that are:
1. comment lines - the first character is '#', can be 128 Unicode codepoints in length, and are ignored during processing
2. empty lines
3. locale line - the first line that starts with "locale=" is considered to be locale line, the rest are treated as normal content lines
4. line containing the password dictionary word - it must start with non-whitespace character and only non-whitespace characters are allowed;
maximum length of the line is 128 Unicode codepoints
Password dictionary file may not contain more than 2,500 lines (not counting whitespace lines, comment lines and locale line).
Password dict file must contain UTF-8 characters only.
# Sample password text file
```
# Password dictionary small test file
locale=en_US
# Password dictionary prohibited words
qwerty
abcd
aaaaa
password
qazxsws
```
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-password-dictionary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| File | **System.IO.FileInfo** | (optional) |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully updated. |
201 | Created. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$File = # System.IO.FileInfo | (optional)
# Update Password Dictionary
try {
Send-V2025PasswordDictionary
# Below is a request that includes all optional parameters
# Send-V2025PasswordDictionary -File $File
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025PasswordDictionary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

270
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PasswordManagementApi.md Normal file
View File

@@ -0,0 +1,270 @@
---
id: v2025-password-management
title: PasswordManagement
pagination_label: PasswordManagement
sidebar_label: PasswordManagement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordManagement', 'V2025PasswordManagement']
slug: /tools/sdk/powershell/v2025/methods/password-management
tags: ['SDK', 'Software Development Kit', 'PasswordManagement', 'V2025PasswordManagement']
---
# PasswordManagement
Use this API to implement password management functionality.
With this functionality in place, users can manage their identity passwords for all their applications.
In Identity Security Cloud, users can select their names in the upper right corner of the page and use the drop-down menu to select Password Manager.
Password Manager lists the user&#39;s identity&#39;s applications, possibly grouped to share passwords.
Users can then select &#39;Change Password&#39; to update their passwords.
Grouping passwords allows users to update their passwords more broadly, rather than requiring them to update each password individually.
Password Manager may list the applications and sources in the following groups:
- Password Group: This refers to a group of applications that share a password.
For example, a user can use the same password for Google Drive, Google Mail, and YouTube.
Updating the password for the password group updates the password for all its included applications.
- Multi-Application Source: This refers to a source with multiple applications that share a password.
For example, a user can have a source, G Suite, that includes the Google Calendar, Google Drive, and Google Mail applications.
Updating the password for the multi-application source updates the password for all its included applications.
- Applications: These are applications that do not share passwords with other applications.
An organization may require some authentication for users to update their passwords.
Users may be required to answer security questions or use a third-party authenticator before they can confirm their updates.
Refer to [Managing Passwords](https://documentation.sailpoint.com/saas/user-help/accounts/passwords.html) for more information about password management.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025DigitToken**](#create-digit-token) | **POST** `/generate-password-reset-token/digit` | Generate a digit token
[**Get-V2025PasswordChangeStatus**](#get-password-change-status) | **GET** `/password-change-status/{id}` | Get Password Change Request Status
[**Search-V2025PasswordInfo**](#query-password-info) | **POST** `/query-password-info` | Query Password Info
[**Set-V2025Password**](#set-password) | **POST** `/set-password` | Set Identity&#39;s Password
## create-digit-token
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API is used to generate a digit token for password management. Requires authorization scope of "idn:password-digit-token:create".
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-digit-token)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | PasswordDigitTokenReset | [**PasswordDigitTokenReset**](../models/password-digit-token-reset) | True |
### Return type
[**PasswordDigitToken**](../models/password-digit-token)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The digit token for password management. | PasswordDigitToken
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$PasswordDigitTokenReset = @"{
"durationMinutes" : 5,
"length" : 8,
"userId" : "Abby.Smith"
}"@
# Generate a digit token
try {
$Result = ConvertFrom-JsonToPasswordDigitTokenReset -Json $PasswordDigitTokenReset
New-V2025DigitToken -XSailPointExperimental $XSailPointExperimental -PasswordDigitTokenReset $Result
# Below is a request that includes all optional parameters
# New-V2025DigitToken -XSailPointExperimental $XSailPointExperimental -PasswordDigitTokenReset $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025DigitToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-change-status
This API returns the status of a password change request.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-change-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Password change request ID
### Return type
[**PasswordStatus**](../models/password-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the password change request | PasswordStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "089899f13a8f4da7824996191587bab9" # String | Password change request ID
# Get Password Change Request Status
try {
Get-V2025PasswordChangeStatus -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025PasswordChangeStatus -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordChangeStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## query-password-info
This API is used to query password related information.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/query-password-info)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordInfoQueryDTO | [**PasswordInfoQueryDTO**](../models/password-info-query-dto) | True |
### Return type
[**PasswordInfo**](../models/password-info)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password info. | PasswordInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordInfoQueryDTO = @"{
"sourceName" : "My-AD",
"userName" : "Abby.Smith"
}"@
# Query Password Info
try {
$Result = ConvertFrom-JsonToPasswordInfoQueryDTO -Json $PasswordInfoQueryDTO
Search-V2025PasswordInfo -PasswordInfoQueryDTO $Result
# Below is a request that includes all optional parameters
# Search-V2025PasswordInfo -PasswordInfoQueryDTO $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2025PasswordInfo"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-password
This API is used to set a password for an identity.
An identity can change their own password (as well as any of their accounts' passwords) if they use a token generated by their ISC user, such as a [personal access token](https://developer.sailpoint.com/idn/api/authentication#personal-access-tokens) or ["authorization_code" derived OAuth token](https://developer.sailpoint.com/idn/api/authentication#authorization-code-grant-flow).
>**Note: If you want to set an identity's source account password, you must enable `PASSWORD` as one of the source's features. You can use the [PATCH Source endpoint](https://developer.sailpoint.com/docs/api/v3/update-source) to add the `PASSWORD` feature.**
To generate the encryptedPassword (RSA encrypted using publicKey) for the request body, run the following command:
```bash
echo -n "myPassword" | openssl pkeyutl -encrypt -inkey public_key.pem -pubin | base64
```
In this example, myPassword is the plain text password being set and encrypted, and public_key.pem is the path to the public key file. You can retrieve the required publicKey, along with other information like identityId, sourceId, publicKeyId, accounts, and policies, using the Query Password Info endpoint.
To successfully run this command, you must have OpenSSL installed on your machine. If OpenSSL is unavailable, consider using the Virtual Appliance (VA), which has OpenSSL pre-installed and configured.
If you are using a Windows machine, refer to this [guide](https://tecadmin.net/install-openssl-on-windows/) for instructions on installing OpenSSL.
You can then use [Get Password Change Request Status](https://developer.sailpoint.com/idn/api/v3/get-password-change-status) to check the password change request status. To do so, you must provide the `requestId` from your earlier request to set the password.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-password)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordChangeRequest | [**PasswordChangeRequest**](../models/password-change-request) | True |
### Return type
[**PasswordChangeResponse**](../models/password-change-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Reference to the password change. | PasswordChangeResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordChangeRequest = @"{
"sourceId" : "8a807d4c73c545510173c545d4b60246",
"accountId" : "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com",
"identityId" : "8a807d4c73c545510173c545f0a002ff",
"publicKeyId" : "YWQ2NjQ4MTItZjY0NC00MWExLWFjMjktOGNmMzU3Y2VlNjk2",
"encryptedPassword" : "XzN+YwKgr2C+InkMYFMBG3UtjMEw5ZIql/XFlXo8cJNeslmkplx6vn4kd4/43IF9STBk5RnzR6XmjpEO+FwHDoiBwYZAkAZK/Iswxk4OdybG6Y4MStJCOCiK8osKr35IMMSV/mbO4wAeltoCk7daTWzTGLiI6UaT5tf+F2EgdjJZ7YqM8W8r7aUWsm3p2Xt01Y46ZRx0QaM91QruiIx2rECFT2pUO0wr+7oQ77jypATyGWRtADsu3YcvCk/6U5MqCnXMzKBcRas7NnZdSL/d5H1GglVGz3VLPMaivG4/oL4chOMmFCRl/zVsGxZ9RhN8rxsRGFFKn+rhExTi+bax3A=="
}"@
# Set Identity's Password
try {
$Result = ConvertFrom-JsonToPasswordChangeRequest -Json $PasswordChangeRequest
Set-V2025Password -PasswordChangeRequest $Result
# Below is a request that includes all optional parameters
# Set-V2025Password -PasswordChangeRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025Password"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

335
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PasswordPoliciesApi.md Normal file
View File

@@ -0,0 +1,335 @@
---
id: v2025-password-policies
title: PasswordPolicies
pagination_label: PasswordPolicies
sidebar_label: PasswordPolicies
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordPolicies', 'V2025PasswordPolicies']
slug: /tools/sdk/powershell/v2025/methods/password-policies
tags: ['SDK', 'Software Development Kit', 'PasswordPolicies', 'V2025PasswordPolicies']
---
# PasswordPolicies
Use these APIs to implement password policies functionality.
These APIs allow you to define the policy parameters for choosing passwords.
IdentityNow comes with a default policy that you can modify to define the password requirements your users must meet to log in to IdentityNow, such as requiring a minimum password length, including special characters, and disallowing certain patterns.
If you have licensed Password Management, you can create additional password policies beyond the default one to manage passwords for supported sources in your org.
In the Identity Security Cloud Admin panel, administrators can use the Password Mgmt dropdown menu to select Sync Groups.
Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/pwd_policies/pwd_policies.html) for more information about password policies.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025PasswordPolicy**](#create-password-policy) | **POST** `/password-policies` | Create Password Policy
[**Remove-V2025PasswordPolicy**](#delete-password-policy) | **DELETE** `/password-policies/{id}` | Delete Password Policy by ID
[**Get-V2025PasswordPolicyById**](#get-password-policy-by-id) | **GET** `/password-policies/{id}` | Get Password Policy by ID
[**Get-V2025PasswordPolicies**](#list-password-policies) | **GET** `/password-policies` | List Password Policies
[**Set-V2025PasswordPolicy**](#set-password-policy) | **PUT** `/password-policies/{id}` | Update Password Policy by ID
## create-password-policy
This API creates the specified password policy.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-password-policy)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordPolicyV3Dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True |
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordPolicyV3Dto = @"{
"validateAgainstAccountName" : true,
"minLength" : 8,
"description" : "Information about the Password Policy",
"requireStrongAuthUntrustedGeographies" : true,
"enablePasswdExpiration" : true,
"minNumeric" : 8,
"lastUpdated" : 1939056206564,
"validateAgainstAccountId" : false,
"dateCreated" : 1639056206564,
"accountNameMinWordLength" : 6,
"minUpper" : 8,
"firstExpirationReminder" : 45,
"modified" : "modified",
"id" : "2c91808e7d976f3b017d9f5ceae440c8",
"requireStrongAuthn" : true,
"useDictionary" : false,
"minSpecial" : 8,
"sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ],
"passwordExpiration" : 8,
"maxRepeatedChars" : 3,
"minCharacterTypes" : 5,
"minAlpha" : 5,
"created" : "created",
"useAccountAttributes" : false,
"accountIdMinWordLength" : 4,
"minLower" : 8,
"useIdentityAttributes" : false,
"defaultPolicy" : true,
"requireStrongAuthOffNetwork" : true,
"name" : "PasswordPolicy Example",
"maxLength" : 25
}"@
# Create Password Policy
try {
$Result = ConvertFrom-JsonToPasswordPolicyV3Dto -Json $PasswordPolicyV3Dto
New-V2025PasswordPolicy -PasswordPolicyV3Dto $Result
# Below is a request that includes all optional parameters
# New-V2025PasswordPolicy -PasswordPolicyV3Dto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-password-policy
This API deletes the specified password policy.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-password-policy)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0002" # String | The ID of password policy to delete.
# Delete Password Policy by ID
try {
Remove-V2025PasswordPolicy -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025PasswordPolicy -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-policy-by-id
This API returns the password policy for the specified ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-policy-by-id)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to retrieve.
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0005" # String | The ID of password policy to retrieve.
# Get Password Policy by ID
try {
Get-V2025PasswordPolicyById -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025PasswordPolicyById -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordPolicyById"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-password-policies
This gets list of all Password Policies.
Requires role of ORG_ADMIN
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-password-policies)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PasswordPolicyV3Dto[]**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all Password Policies. | PasswordPolicyV3Dto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Password Policies
try {
Get-V2025PasswordPolicies
# Below is a request that includes all optional parameters
# Get-V2025PasswordPolicies -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordPolicies"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-password-policy
This API updates the specified password policy.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-password-policy)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password policy to update.
Body | PasswordPolicyV3Dto | [**PasswordPolicyV3Dto**](../models/password-policy-v3-dto) | True |
### Return type
[**PasswordPolicyV3Dto**](../models/password-policy-v3-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password policy. | PasswordPolicyV3Dto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ff808081838d9e9d01838da6a03e0007" # String | The ID of password policy to update.
$PasswordPolicyV3Dto = @"{
"validateAgainstAccountName" : true,
"minLength" : 8,
"description" : "Information about the Password Policy",
"requireStrongAuthUntrustedGeographies" : true,
"enablePasswdExpiration" : true,
"minNumeric" : 8,
"lastUpdated" : 1939056206564,
"validateAgainstAccountId" : false,
"dateCreated" : 1639056206564,
"accountNameMinWordLength" : 6,
"minUpper" : 8,
"firstExpirationReminder" : 45,
"modified" : "modified",
"id" : "2c91808e7d976f3b017d9f5ceae440c8",
"requireStrongAuthn" : true,
"useDictionary" : false,
"minSpecial" : 8,
"sourceIds" : [ "2c91808382ffee0b01830de154f14034", "2f98808382ffee0b01830de154f12134" ],
"passwordExpiration" : 8,
"maxRepeatedChars" : 3,
"minCharacterTypes" : 5,
"minAlpha" : 5,
"created" : "created",
"useAccountAttributes" : false,
"accountIdMinWordLength" : 4,
"minLower" : 8,
"useIdentityAttributes" : false,
"defaultPolicy" : true,
"requireStrongAuthOffNetwork" : true,
"name" : "PasswordPolicy Example",
"maxLength" : 25
}"@
# Update Password Policy by ID
try {
$Result = ConvertFrom-JsonToPasswordPolicyV3Dto -Json $PasswordPolicyV3Dto
Set-V2025PasswordPolicy -Id $Id -PasswordPolicyV3Dto $Result
# Below is a request that includes all optional parameters
# Set-V2025PasswordPolicy -Id $Id -PasswordPolicyV3Dto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025PasswordPolicy"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

306
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PasswordSyncGroupsApi.md Normal file
View File

@@ -0,0 +1,306 @@
---
id: v2025-password-sync-groups
title: PasswordSyncGroups
pagination_label: PasswordSyncGroups
sidebar_label: PasswordSyncGroups
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PasswordSyncGroups', 'V2025PasswordSyncGroups']
slug: /tools/sdk/powershell/v2025/methods/password-sync-groups
tags: ['SDK', 'Software Development Kit', 'PasswordSyncGroups', 'V2025PasswordSyncGroups']
---
# PasswordSyncGroups
Use this API to implement password sync group functionality.
With this functionality in place, administrators can group sources into password sync groups so that all their applications share the same password.
This allows users to update the password for all the applications in a sync group if they want, rather than updating each password individually.
A password sync group is a group of applications that shares a password.
Administrators create these groups by grouping the applications&#39; sources.
For example, an administrator can group the ActiveDirectory, GitHub, and G Suite sources together so that all those sources&#39; applications can also be grouped to share a password.
A user can then update his or her password for ActiveDirectory, GitHub, Gmail, Google Drive, and Google Calendar all at once, rather then updating each one individually.
The following are required for administrators to create a password sync group in Identity Security Cloud:
- At least two direct connect sources connected to Identity Security Cloud and configured for Password Management.
- Each authentication source in a sync group must have at least one application. Refer to [Adding and Resetting Application Passwords](https://documentation.sailpoint.com/saas/help/pwd/adv_config.html#adding-and-resetting-application-passwords) for more information about adding applications to sources.
- At least one password policy. Refer to [Managing Password Policies](https://documentation.sailpoint.com/saas/help/pwd/policies.html) for more information about password policies.
In the Admin panel in Identity Security Cloud, administrators can use the Password Mgmt dropdown menu to select Sync Groups.
To create a sync group, administrators must provide a name, choose a password policy to be enforced across the sources in the sync group, and select the sources to include in the sync group.
Administrators can also delete sync groups in Identity Security Cloud, but they should know the following before they do:
- Passwords related to the associated sources will become independent, so changing one will not change the others anymore.
- Passwords for the sources&#39; connected applications will also become independent.
- Password policies assigned to the sync group are then assigned directly to the associated sources.
To change the password policy for a source, administrators must edit it directly.
Once the password sync group has been created, users can update the password for the group in Password Manager.
Refer to [Managing Password Sync Groups](https://documentation.sailpoint.com/saas/help/pwd/sync_grps.html) for more information about password sync groups.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025PasswordSyncGroup**](#create-password-sync-group) | **POST** `/password-sync-groups` | Create Password Sync Group
[**Remove-V2025PasswordSyncGroup**](#delete-password-sync-group) | **DELETE** `/password-sync-groups/{id}` | Delete Password Sync Group by ID
[**Get-V2025PasswordSyncGroup**](#get-password-sync-group) | **GET** `/password-sync-groups/{id}` | Get Password Sync Group by ID
[**Get-V2025PasswordSyncGroups**](#get-password-sync-groups) | **GET** `/password-sync-groups` | Get Password Sync Group List
[**Update-V2025PasswordSyncGroup**](#update-password-sync-group) | **PUT** `/password-sync-groups/{id}` | Update Password Sync Group by ID
## create-password-sync-group
This API creates a password sync group based on the specifications provided.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-password-sync-group)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PasswordSyncGroup | [**PasswordSyncGroup**](../models/password-sync-group) | True |
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PasswordSyncGroup = @"{
"created" : "2023-03-16T04:00:00Z",
"name" : "Password Sync Group 1",
"modified" : "2023-03-16T04:00:00Z",
"passwordPolicyId" : "2c91808d744ba0ce01746f93b6204501",
"id" : "6881f631-3bd5-4213-9c75-8e05cc3e35dd",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}"@
# Create Password Sync Group
try {
$Result = ConvertFrom-JsonToPasswordSyncGroup -Json $PasswordSyncGroup
New-V2025PasswordSyncGroup -PasswordSyncGroup $Result
# Below is a request that includes all optional parameters
# New-V2025PasswordSyncGroup -PasswordSyncGroup $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-password-sync-group
This API deletes the specified password sync group.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-password-sync-group)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to delete.
# Delete Password Sync Group by ID
try {
Remove-V2025PasswordSyncGroup -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025PasswordSyncGroup -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-sync-group
This API returns the sync group for the specified ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-sync-group)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to retrieve.
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to retrieve.
# Get Password Sync Group by ID
try {
Get-V2025PasswordSyncGroup -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025PasswordSyncGroup -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-password-sync-groups
This API returns a list of password sync groups.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-password-sync-groups)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**PasswordSyncGroup[]**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of password sync groups. | PasswordSyncGroup[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Get Password Sync Group List
try {
Get-V2025PasswordSyncGroups
# Below is a request that includes all optional parameters
# Get-V2025PasswordSyncGroups -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PasswordSyncGroups"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-password-sync-group
This API updates the specified password sync group.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-password-sync-group)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of password sync group to update.
Body | PasswordSyncGroup | [**PasswordSyncGroup**](../models/password-sync-group) | True |
### Return type
[**PasswordSyncGroup**](../models/password-sync-group)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Reference to the password sync group. | PasswordSyncGroup
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "6881f631-3bd5-4213-9c75-8e05cc3e35dd" # String | The ID of password sync group to update.
$PasswordSyncGroup = @"{
"created" : "2023-03-16T04:00:00Z",
"name" : "Password Sync Group 1",
"modified" : "2023-03-16T04:00:00Z",
"passwordPolicyId" : "2c91808d744ba0ce01746f93b6204501",
"id" : "6881f631-3bd5-4213-9c75-8e05cc3e35dd",
"sourceIds" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210500" ]
}"@
# Update Password Sync Group by ID
try {
$Result = ConvertFrom-JsonToPasswordSyncGroup -Json $PasswordSyncGroup
Update-V2025PasswordSyncGroup -Id $Id -PasswordSyncGroup $Result
# Below is a request that includes all optional parameters
# Update-V2025PasswordSyncGroup -Id $Id -PasswordSyncGroup $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025PasswordSyncGroup"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

233
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PersonalAccessTokensApi.md Normal file
View File

@@ -0,0 +1,233 @@
---
id: v2025-personal-access-tokens
title: PersonalAccessTokens
pagination_label: PersonalAccessTokens
sidebar_label: PersonalAccessTokens
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PersonalAccessTokens', 'V2025PersonalAccessTokens']
slug: /tools/sdk/powershell/v2025/methods/personal-access-tokens
tags: ['SDK', 'Software Development Kit', 'PersonalAccessTokens', 'V2025PersonalAccessTokens']
---
# PersonalAccessTokens
Use this API to implement personal access token (PAT) functionality.
With this functionality in place, users can use PATs as an alternative to passwords for authentication in Identity Security Cloud.
PATs embed user information into the client ID and secret.
This replaces the API clients&#39; need to store and provide a username and password to establish a connection, improving Identity Security Cloud organizations&#39; integration security.
In Identity Security Cloud, users can do the following to create and manage their PATs: Select the dropdown menu under their names, select Preferences, and then select Personal Access Tokens.
They must then provide a description about the token&#39;s purpose.
They can then select &#39;Create Token&#39; at the bottom of the page to generate and view the Secret and Client ID.
Refer to [Managing Personal Access Tokens](https://documentation.sailpoint.com/saas/help/common/generate_tokens.html) for more information about PATs.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025PersonalAccessToken**](#create-personal-access-token) | **POST** `/personal-access-tokens` | Create Personal Access Token
[**Remove-V2025PersonalAccessToken**](#delete-personal-access-token) | **DELETE** `/personal-access-tokens/{id}` | Delete Personal Access Token
[**Get-V2025PersonalAccessTokens**](#list-personal-access-tokens) | **GET** `/personal-access-tokens` | List Personal Access Tokens
[**Update-V2025PersonalAccessToken**](#patch-personal-access-token) | **PATCH** `/personal-access-tokens/{id}` | Patch Personal Access Token
## create-personal-access-token
This creates a personal access token.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-personal-access-token)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreatePersonalAccessTokenRequest | [**CreatePersonalAccessTokenRequest**](../models/create-personal-access-token-request) | True | Name and scope of personal access token.
### Return type
[**CreatePersonalAccessTokenResponse**](../models/create-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Created. Note - this is the only time Personal Access Tokens&#39; secret attribute will be displayed. | CreatePersonalAccessTokenResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreatePersonalAccessTokenRequest = @"{
"scope" : [ "demo:personal-access-token-scope:first", "demo:personal-access-token-scope:second" ],
"accessTokenValiditySeconds" : 36900,
"name" : "NodeJS Integration"
}"@
# Create Personal Access Token
try {
$Result = ConvertFrom-JsonToCreatePersonalAccessTokenRequest -Json $CreatePersonalAccessTokenRequest
New-V2025PersonalAccessToken -CreatePersonalAccessTokenRequest $Result
# Below is a request that includes all optional parameters
# New-V2025PersonalAccessToken -CreatePersonalAccessTokenRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-personal-access-token
This deletes a personal access token.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-personal-access-token)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The personal access token id
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The personal access token id
# Delete Personal Access Token
try {
Remove-V2025PersonalAccessToken -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025PersonalAccessToken -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-personal-access-tokens
This gets a collection of personal access tokens associated with the optional `owner-id`. query parameter. If the `owner-id` query parameter is omitted, all personal access tokens for a tenant will be retrieved, but the caller must have the 'idn:all-personal-access-tokens:read' right.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-personal-access-tokens)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | The identity ID of the owner whose personal access tokens should be listed. If ""me"", the caller should have the following right: 'idn:my-personal-access-tokens:read' If an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. If the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read'
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull*
### Return type
[**GetPersonalAccessTokenResponse[]**](../models/get-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of personal access tokens. | GetPersonalAccessTokenResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$OwnerId = "2c9180867b50d088017b554662fb281e" # String | The identity ID of the owner whose personal access tokens should be listed. If ""me"", the caller should have the following right: 'idn:my-personal-access-tokens:read' If an actual owner ID or if the `owner-id` parameter is omitted in the request, the caller should have the following right: 'idn:all-personal-access-tokens:read'. If the caller has the following right, then managed personal access tokens associated with `owner-id` will be retrieved: 'idn:managed-personal-access-tokens:read' (optional)
$Filters = 'lastUsed le 2023-02-05T10:59:27.214Z' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **lastUsed**: *le, isnull* (optional)
# List Personal Access Tokens
try {
Get-V2025PersonalAccessTokens
# Below is a request that includes all optional parameters
# Get-V2025PersonalAccessTokens -OwnerId $OwnerId -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PersonalAccessTokens"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-personal-access-token
This performs a targeted update to the field(s) of a Personal Access Token.
Changing scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-personal-access-token)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The Personal Access Token id
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * scope
### Return type
[**GetPersonalAccessTokenResponse**](../models/get-personal-access-token-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the PAT&#39;s new representation. | GetPersonalAccessTokenResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The Personal Access Token id
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of OAuth client update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * scope
# Patch Personal Access Token
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025PersonalAccessToken -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025PersonalAccessToken -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025PersonalAccessToken"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

79
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PublicIdentitiesApi.md Normal file
View File

@@ -0,0 +1,79 @@
---
id: v2025-public-identities
title: PublicIdentities
pagination_label: PublicIdentities
sidebar_label: PublicIdentities
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PublicIdentities', 'V2025PublicIdentities']
slug: /tools/sdk/powershell/v2025/methods/public-identities
tags: ['SDK', 'Software Development Kit', 'PublicIdentities', 'V2025PublicIdentities']
---
# PublicIdentities
Use this API in conjunction with [Public Identites Config](https://developer.sailpoint.com/docs/api/v2025/public-identities-config/) to enable non-administrators to view identities&#39; publicly visible attributes.
With this functionality in place, non-administrators can view identity attributes other than the default attributes (email, lifecycle state, and manager), depending on which identity attributes their organization administrators have made public.
This can be helpful for access approvers, certification reviewers, managers viewing their direct reports&#39; access, and source owners viewing their tasks.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025PublicIdentities**](#get-public-identities) | **GET** `/public-identities` | Get list of public identities
## get-public-identities
Get a list of public identities. Set `add-core-filters` to `true` to exclude incomplete identities and uncorrelated accounts.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-public-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **alias**: *eq, sw* **email**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw*
Query | AddCoreFilters | **Boolean** | (optional) (default to $false) | If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*: - Should be either correlated or protected. - Should not be ""spadmin"" or ""cloudadmin"". - uid should not be null. - lastname should not be null. - email should not be null.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**PublicIdentity[]**](../models/public-identity)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of public identity objects. | PublicIdentity[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'firstname eq "John"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **alias**: *eq, sw* **email**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw* (optional)
$AddCoreFilters = $false # Boolean | If *true*, only get identities which satisfy ALL the following criteria in addition to any criteria specified by *filters*: - Should be either correlated or protected. - Should not be ""spadmin"" or ""cloudadmin"". - uid should not be null. - lastname should not be null. - email should not be null. (optional) (default to $false)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Get list of public identities
try {
Get-V2025PublicIdentities
# Below is a request that includes all optional parameters
# Get-V2025PublicIdentities -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -AddCoreFilters $AddCoreFilters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PublicIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

135
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025PublicIdentitiesConfigApi.md Normal file
View File

@@ -0,0 +1,135 @@
---
id: v2025-public-identities-config
title: PublicIdentitiesConfig
pagination_label: PublicIdentitiesConfig
sidebar_label: PublicIdentitiesConfig
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'PublicIdentitiesConfig', 'V2025PublicIdentitiesConfig']
slug: /tools/sdk/powershell/v2025/methods/public-identities-config
tags: ['SDK', 'Software Development Kit', 'PublicIdentitiesConfig', 'V2025PublicIdentitiesConfig']
---
# PublicIdentitiesConfig
Use this API to implement public identity configuration functionality.
With this functionality in place, administrators can make up to 5 identity attributes publicly visible so other non-administrator users can see the relevant information they need to make decisions.
This can be helpful for approvers making approvals, certification reviewers, managers viewing their direct reports&#39; access, and source owners viewing their tasks.
By default, non-administrators can select an identity and view the following attributes: email, lifecycle state, and manager.
However, it may be helpful for a non-administrator reviewer to see other identity attributes like department, region, title, etc.
Administrators can use this API to make those necessary identity attributes public to non-administrators.
For example, a non-administrator deciding whether to approve another identity&#39;s request for access to the Workday application, whose access may be restricted to members of the HR department, would want to know whether the identity is a member of the HR department.
If an administrator has used [Update Public Identity Config](https://developer.sailpoint.com/docs/api/v2025/update-public-identity-config/) to make the &quot;department&quot; attribute public, the approver can see the department and make a decision without requesting any more information.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025PublicIdentityConfig**](#get-public-identity-config) | **GET** `/public-identities-config` | Get the Public Identities Configuration
[**Update-V2025PublicIdentityConfig**](#update-public-identity-config) | **PUT** `/public-identities-config` | Update the Public Identities Configuration
## get-public-identity-config
Returns the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-public-identity-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**PublicIdentityConfig**](../models/public-identity-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | PublicIdentityConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get the Public Identities Configuration
try {
Get-V2025PublicIdentityConfig
# Below is a request that includes all optional parameters
# Get-V2025PublicIdentityConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PublicIdentityConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-public-identity-config
Updates the publicly visible attributes of an identity available to request approvers for Access Requests and Certification Campaigns.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-public-identity-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | PublicIdentityConfig | [**PublicIdentityConfig**](../models/public-identity-config) | True |
### Return type
[**PublicIdentityConfig**](../models/public-identity-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | PublicIdentityConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$PublicIdentityConfig = @"{
"modified" : "2018-06-25T20:22:28.104Z",
"attributes" : [ {
"name" : "Country",
"key" : "country"
}, {
"name" : "Country",
"key" : "country"
} ],
"modifiedBy" : {
"name" : "Thomas Edison",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
}
}"@
# Update the Public Identities Configuration
try {
$Result = ConvertFrom-JsonToPublicIdentityConfig -Json $PublicIdentityConfig
Update-V2025PublicIdentityConfig -PublicIdentityConfig $Result
# Below is a request that includes all optional parameters
# Update-V2025PublicIdentityConfig -PublicIdentityConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025PublicIdentityConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

223
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ReportsDataExtractionApi.md Normal file
View File

@@ -0,0 +1,223 @@
---
id: v2025-reports-data-extraction
title: ReportsDataExtraction
pagination_label: ReportsDataExtraction
sidebar_label: ReportsDataExtraction
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ReportsDataExtraction', 'V2025ReportsDataExtraction']
slug: /tools/sdk/powershell/v2025/methods/reports-data-extraction
tags: ['SDK', 'Software Development Kit', 'ReportsDataExtraction', 'V2025ReportsDataExtraction']
---
# ReportsDataExtraction
Use this API to implement reports lifecycle managing and monitoring.
With this functionality in place, users can run reports, view their results, and cancel reports in progress.
This can be potentially helpful for auditing purposes.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Suspend-V2025Report**](#cancel-report) | **POST** `/reports/{id}/cancel` | Cancel Report
[**Get-V2025Report**](#get-report) | **GET** `/reports/{taskResultId}` | Get Report File
[**Get-V2025ReportResult**](#get-report-result) | **GET** `/reports/{taskResultId}/result` | Get Report Result
[**Start-V2025Report**](#start-report) | **POST** `/reports/run` | Run Report
## cancel-report
Cancels a running report.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/cancel-report)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the running Report to cancel
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "a1ed223247144cc29d23c632624b4767" # String | ID of the running Report to cancel
# Cancel Report
try {
Suspend-V2025Report -Id $Id
# Below is a request that includes all optional parameters
# Suspend-V2025Report -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-V2025Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-report
Gets a report in file format.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-report)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | TaskResultId | **String** | True | Unique identifier of the task result which handled report
Query | FileFormat | **String** | True | Output format of the requested report file
Query | Name | **String** | (optional) | preferred Report file name, by default will be used report name from task result.
Query | Auditable | **Boolean** | (optional) (default to $false) | Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId.
### Return type
**System.IO.FileInfo**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Report file in selected format. CSV by default. | System.IO.FileInfo
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/csv, application/pdf, application/json
### Example
```powershell
$TaskResultId = "ef38f94347e94562b5bb8424a56397d8" # String | Unique identifier of the task result which handled report
$FileFormat = "csv" # String | Output format of the requested report file
$Name = "Identities Details Report" # String | preferred Report file name, by default will be used report name from task result. (optional)
$Auditable = $true # Boolean | Enables auditing for current report download. Will create an audit event and sent it to the REPORT cloud-audit kafka topic. Event will be created if there is any result present by requested taskResultId. (optional) (default to $false)
# Get Report File
try {
Get-V2025Report -TaskResultId $TaskResultId -FileFormat $FileFormat
# Below is a request that includes all optional parameters
# Get-V2025Report -TaskResultId $TaskResultId -FileFormat $FileFormat -Name $Name -Auditable $Auditable
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-report-result
Get the report results for a report that was run or is running. Returns empty report result in case there are no active task definitions with used in payload task definition name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-report-result)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | TaskResultId | **String** | True | Unique identifier of the task result which handled report
Query | Completed | **Boolean** | (optional) (default to $false) | state of task result to apply ordering when results are fetching from the DB
### Return type
[**ReportResults**](../models/report-results)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details about report that was run or is running. | ReportResults
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$TaskResultId = "ef38f94347e94562b5bb8424a56397d8" # String | Unique identifier of the task result which handled report
$Completed = $true # Boolean | state of task result to apply ordering when results are fetching from the DB (optional) (default to $false)
# Get Report Result
try {
Get-V2025ReportResult -TaskResultId $TaskResultId
# Below is a request that includes all optional parameters
# Get-V2025ReportResult -TaskResultId $TaskResultId -Completed $Completed
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ReportResult"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-report
Use this API to run a report according to report input details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-report)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ReportDetails | [**ReportDetails**](../models/report-details) | True |
### Return type
[**TaskResultDetails**](../models/task-result-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details about running report task. | TaskResultDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ReportDetails = @"{
"reportType" : "ACCOUNTS",
"arguments" : {
"application" : "2c9180897e7742b2017e781782f705b9",
"sourceName" : "Active Directory"
}
}"@
# Run Report
try {
$Result = ConvertFrom-JsonToReportDetails -Json $ReportDetails
Start-V2025Report -ReportDetails $Result
# Below is a request that includes all optional parameters
# Start-V2025Report -ReportDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025Report"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

90
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025RequestableObjectsApi.md Normal file
View File

@@ -0,0 +1,90 @@
---
id: v2025-requestable-objects
title: RequestableObjects
pagination_label: RequestableObjects
sidebar_label: RequestableObjects
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RequestableObjects', 'V2025RequestableObjects']
slug: /tools/sdk/powershell/v2025/methods/requestable-objects
tags: ['SDK', 'Software Development Kit', 'RequestableObjects', 'V2025RequestableObjects']
---
# RequestableObjects
Use this API to implement requestable object functionality.
With this functionality in place, administrators can determine which access items can be requested with the [Access Request APIs](https://developer.sailpoint.com/docs/api/v2025/access-requests/), along with their statuses.
This can be helpful for administrators who are implementing and customizing access request functionality as a way of checking which items are requestable as they are created, assigned, and made available.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025RequestableObjects**](#list-requestable-objects) | **GET** `/requestable-objects` | Requestable Objects List
## list-requestable-objects
Get a list of acccess items that can be requested through the [Access Request endpoints](https://developer.sailpoint.com/docs/api/v2024/access-requests). Access items are marked with `AVAILABLE`, `PENDING` or `ASSIGNED` with respect to the identity provided using `identity-id` query parameter.
Any authenticated token can call this endpoint to see their requestable access items.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-requestable-objects)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | IdentityId | **String** | (optional) | If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
Query | Types | [**[]RequestableObjectType**](../models/requestable-object-type) | (optional) | Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
Query | Term | **String** | (optional) | Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
Query | Statuses | [**[]RequestableObjectRequestStatus**](../models/requestable-object-request-status) | (optional) | Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
### Return type
[**RequestableObject[]**](../models/requestable-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of requestable objects | RequestableObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$IdentityId = "e7eab60924f64aa284175b9fa3309599" # String | If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result. (optional)
$Types = "ACCESS_PROFILE" # RequestableObjectType[] | Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice. (optional)
$Types = @"ROLE,ACCESS_PROFILE"@ # RequestableObjectType[] | Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice. (optional)
$Term = "Finance Role" # String | Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter. (optional)
$Statuses = "AVAILABLE" # RequestableObjectRequestStatus[] | Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice. (optional)
$Statuses = @"[ASSIGNED, PENDING]"@ # RequestableObjectRequestStatus[] | Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name sw "bob"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in, sw* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
# Requestable Objects List
try {
Get-V2025RequestableObjects
# Below is a request that includes all optional parameters
# Get-V2025RequestableObjects -IdentityId $IdentityId -Types $Types -Term $Term -Statuses $Statuses -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RequestableObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

506
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025RoleInsightsApi.md Normal file
View File

@@ -0,0 +1,506 @@
---
id: v2025-role-insights
title: RoleInsights
pagination_label: RoleInsights
sidebar_label: RoleInsights
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'RoleInsights', 'V2025RoleInsights']
slug: /tools/sdk/powershell/v2025/methods/role-insights
tags: ['SDK', 'Software Development Kit', 'RoleInsights', 'V2025RoleInsights']
---
# RoleInsights
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025RoleInsightRequests**](#create-role-insight-requests) | **POST** `/role-insights/requests` | Generate insights for roles
[**Invoke-V2025DownloadRoleInsightsEntitlementsChanges**](#download-role-insights-entitlements-changes) | **GET** `/role-insights/{insightId}/entitlement-changes/download` | Download entitlement insights for a role
[**Get-V2025EntitlementChangesIdentities**](#get-entitlement-changes-identities) | **GET** `/role-insights/{insightId}/entitlement-changes/{entitlementId}/identities` | Get identities for a suggested entitlement (for a role)
[**Get-V2025RoleInsight**](#get-role-insight) | **GET** `/role-insights/{insightId}` | Get a single role insight
[**Get-V2025RoleInsights**](#get-role-insights) | **GET** `/role-insights` | Get role insights
[**Get-V2025RoleInsightsCurrentEntitlements**](#get-role-insights-current-entitlements) | **GET** `/role-insights/{insightId}/current-entitlements` | Get current entitlement for a role
[**Get-V2025RoleInsightsEntitlementsChanges**](#get-role-insights-entitlements-changes) | **GET** `/role-insights/{insightId}/entitlement-changes` | Get entitlement insights for a role
[**Get-V2025RoleInsightsRequests**](#get-role-insights-requests) | **GET** `/role-insights/requests/{id}` | Returns metadata from prior request.
[**Get-V2025RoleInsightsSummary**](#get-role-insights-summary) | **GET** `/role-insights/summary` | Get role insights summary information
## create-role-insight-requests
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Submits a create role insights request to the role insights application. At this time there are no parameters. All business roles will be processed for the customer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-role-insight-requests)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RoleInsightsResponse**](../models/role-insights-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Submitted a role insights generation request | RoleInsightsResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Generate insights for roles
try {
New-V2025RoleInsightRequests -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# New-V2025RoleInsightRequests -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025RoleInsightRequests"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## download-role-insights-entitlements-changes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint returns the entitlement insights for a role.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/download-role-insights-entitlements-changes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | InsightId | **String** | True | The role insight id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitiesWithAccess** The default sort is **identitiesWithAccess** in descending order.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw*
### Return type
**String**
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a csv file containing a list of entitlements to be added for a role. | String
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: text/csv, application/json
### Example
```powershell
$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Sorters = "identitiesWithAccess" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitiesWithAccess** The default sort is **identitiesWithAccess** in descending order. (optional)
$Filters = 'name sw "r"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw* (optional)
# Download entitlement insights for a role
try {
Invoke-V2025DownloadRoleInsightsEntitlementsChanges -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Invoke-V2025DownloadRoleInsightsEntitlementsChanges -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025DownloadRoleInsightsEntitlementsChanges"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-entitlement-changes-identities
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Role insights suggests entitlements to be added for a role. This endpoint returns a list of identities in the role, with or without the entitlements, for a suggested entitlement so that the user can see which identities would be affected if the suggested entitlement were to be added to the role.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-entitlement-changes-identities)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | InsightId | **String** | True | The role insight id
Path | EntitlementId | **String** | True | The entitlement id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | HasEntitlement | **Boolean** | (optional) (default to $false) | Identity has this entitlement or not
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw*
### Return type
[**RoleInsightsIdentities[]**](../models/role-insights-identities)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a list of identities with or without the entitlement. | RoleInsightsIdentities[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$EntitlementId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The entitlement id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$HasEntitlement = $true # Boolean | Identity has this entitlement or not (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
$Filters = 'name sw "Jan"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* (optional)
# Get identities for a suggested entitlement (for a role)
try {
Get-V2025EntitlementChangesIdentities -InsightId $InsightId -EntitlementId $EntitlementId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025EntitlementChangesIdentities -InsightId $InsightId -EntitlementId $EntitlementId -XSailPointExperimental $XSailPointExperimental -HasEntitlement $HasEntitlement -Offset $Offset -Limit $Limit -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025EntitlementChangesIdentities"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insight
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint gets role insights information for a role.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insight)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | InsightId | **String** | True | The role insight id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RoleInsight**](../models/role-insight)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns information about insights for a single role. | RoleInsight
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get a single role insight
try {
Get-V2025RoleInsight -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsight -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsight"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insights
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method returns detailed role insights for each role.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insights)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **ownerName**: *sw* **description**: *sw*
### Return type
[**RoleInsight[]**](../models/role-insight)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a list of roles with information about insights for each role. | RoleInsight[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "numberOfUpdates" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities** (optional)
$Filters = 'name sw "John"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **ownerName**: *sw* **description**: *sw* (optional)
# Get role insights
try {
Get-V2025RoleInsights -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsights -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsights"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insights-current-entitlements
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint gets the entitlements for a role. The term "current" is to distinguish from the entitlement(s) an insight might recommend adding.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insights-current-entitlements)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | InsightId | **String** | True | The role insight id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw*
### Return type
[**RoleInsightsEntitlement[]**](../models/role-insights-entitlement)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a list of current or pre-existing entitlements for a role. | RoleInsightsEntitlement[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Filters = 'name sw "r"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw* (optional)
# Get current entitlement for a role
try {
Get-V2025RoleInsightsCurrentEntitlements -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsightsCurrentEntitlements -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsightsCurrentEntitlements"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insights-entitlements-changes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint returns entitlement insights for a role.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insights-entitlements-changes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | InsightId | **String** | True | The role insight id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitiesWithAccess, name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw*
### Return type
[**RoleInsightsEntitlementChanges[]**](../models/role-insights-entitlement-changes)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns a list of entitlements to be added for a role. | RoleInsightsEntitlementChanges[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Sorters = "MySorters" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **identitiesWithAccess, name** (optional)
$Filters = 'name sw "Admin"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* **description**: *sw* (optional)
# Get entitlement insights for a role
try {
Get-V2025RoleInsightsEntitlementsChanges -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsightsEntitlementsChanges -InsightId $InsightId -XSailPointExperimental $XSailPointExperimental -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsightsEntitlementsChanges"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insights-requests
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This endpoint returns details of a prior role insights request.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insights-requests)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The role insights request id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RoleInsightsResponse**](../models/role-insights-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns details of an earlier role insights request. | RoleInsightsResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insights request id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Returns metadata from prior request.
try {
Get-V2025RoleInsightsRequests -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsightsRequests -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsightsRequests"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-role-insights-summary
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This method returns high level summary information for role insights for a customer.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-role-insights-summary)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**RoleInsightsSummary**](../models/role-insights-summary)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Succeeded. Returns high level counts. | RoleInsightsSummary
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get role insights summary information
try {
Get-V2025RoleInsightsSummary -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025RoleInsightsSummary -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025RoleInsightsSummary"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1115
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025RolesApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

453
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SIMIntegrationsApi.md Normal file
View File

@@ -0,0 +1,453 @@
---
id: v2025-sim-integrations
title: SIMIntegrations
pagination_label: SIMIntegrations
sidebar_label: SIMIntegrations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SIMIntegrations', 'V2025SIMIntegrations']
slug: /tools/sdk/powershell/v2025/methods/sim-integrations
tags: ['SDK', 'Software Development Kit', 'SIMIntegrations', 'V2025SIMIntegrations']
---
# SIMIntegrations
Use this API to administer IdentityNow&#39;s Service Integration Module, or SIM integration with ServiceNow, so that it converts IdentityNow provisioning actions into tickets in ServiceNow.
ServiceNow is a software platform that supports IT service management and automates common business processes for requesting and fulfilling service requests across a business enterprise.
You must have an IdentityNow ServiceNow ServiceDesk license to use this integration. Contact your Customer Success Manager for more information.
Service Desk integration for IdentityNow and in deprecation - not available for new implementation, as of July 21st, 2021. As per SailPoints [support policy](https://community.sailpoint.com/t5/Connector-Directory/SailPoint-Support-Policy-for-Connectivity/ta-p/79422), all existing SailPoint IdentityNow customers using this legacy integration will be supported until July 2022.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025SIMIntegration**](#create-sim-integration) | **POST** `/sim-integrations` | Create new SIM integration
[**Remove-V2025SIMIntegration**](#delete-sim-integration) | **DELETE** `/sim-integrations/{id}` | Delete a SIM integration
[**Get-V2025SIMIntegration**](#get-sim-integration) | **GET** `/sim-integrations/{id}` | Get a SIM integration details.
[**Get-V2025SIMIntegrations**](#get-sim-integrations) | **GET** `/sim-integrations` | List the existing SIM integrations.
[**Update-V2025BeforeProvisioningRule**](#patch-before-provisioning-rule) | **PATCH** `/sim-integrations/{id}/beforeProvisioningRule` | Patch a SIM beforeProvisioningRule attribute.
[**Update-V2025SIMAttributes**](#patch-sim-attributes) | **PATCH** `/sim-integrations/{id}` | Patch a SIM attribute.
[**Send-V2025SIMIntegration**](#put-sim-integration) | **PUT** `/sim-integrations/{id}` | Update an existing SIM integration
## create-sim-integration
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Create a new SIM Integrations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-sim-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SimIntegrationDetails | [**SimIntegrationDetails**](../models/sim-integration-details) | True | DTO containing the details of the SIM integration
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | details of the created integration | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SimIntegrationDetails = @"{
"cluster" : "xyzzy999",
"statusMap" : "{closed_cancelled=Failed, closed_complete=Committed, closed_incomplete=Failed, closed_rejected=Failed, in_process=Queued, requested=Queued}",
"request" : "{description=SailPoint Access Request,, req_description=The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,, req_short_description=SailPoint New Access Request Created from IdentityNow,, short_description=SailPoint Access Request $!plan.arguments.identityRequestId}",
"sources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"created" : "2015-05-28T14:07:17Z",
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"description" : "Integration description",
"attributes" : "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}",
"id" : "id12345",
"type" : "ServiceNow Service Desk",
"beforeProvisioningRule" : {
"name" : "Example Rule",
"id" : "2c918085708c274401708c2a8a760001",
"type" : "IDENTITY"
}
}"@
# Create new SIM integration
try {
$Result = ConvertFrom-JsonToSimIntegrationDetails -Json $SimIntegrationDetails
New-V2025SIMIntegration -XSailPointExperimental $XSailPointExperimental -SimIntegrationDetails $Result
# Below is a request that includes all optional parameters
# New-V2025SIMIntegration -XSailPointExperimental $XSailPointExperimental -SimIntegrationDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025SIMIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-sim-integration
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get the details of a SIM integration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-sim-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the integration to delete.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | No content response |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "12345" # String | The id of the integration to delete.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete a SIM integration
try {
Remove-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025SIMIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sim-integration
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get the details of a SIM integration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sim-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the integration.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The DTO containing the details of the SIM integration | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "12345" # String | The id of the integration.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get a SIM integration details.
try {
Get-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SIMIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sim-integrations
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
List the existing SIM integrations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sim-integrations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**ServiceDeskIntegrationDto[]**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The DTO containing the details of the SIM integration | ServiceDeskIntegrationDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# List the existing SIM integrations.
try {
Get-V2025SIMIntegrations -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025SIMIntegrations -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SIMIntegrations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-before-provisioning-rule
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Patch a SIM beforeProvisioningRule attribute given a JsonPatch object.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-before-provisioning-rule)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | SIM integration id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatch | [**JsonPatch**](../models/json-patch) | True | The JsonPatch object that describes the changes of SIM beforeProvisioningRule.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated DTO containing the details of the SIM integration. | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "12345" # String | SIM integration id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatch = @"{
"operations" : [ {
"op" : "replace",
"path" : "/description",
"value" : "New description"
}, {
"op" : "replace",
"path" : "/description",
"value" : "New description"
} ]
}"@
# Patch a SIM beforeProvisioningRule attribute.
try {
$Result = ConvertFrom-JsonToJsonPatch -Json $JsonPatch
Update-V2025BeforeProvisioningRule -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatch $Result
# Below is a request that includes all optional parameters
# Update-V2025BeforeProvisioningRule -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025BeforeProvisioningRule"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-sim-attributes
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Patch a SIM attribute given a JsonPatch object.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-sim-attributes)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | SIM integration id
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatch | [**JsonPatch**](../models/json-patch) | True | The JsonPatch object that describes the changes of SIM
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The updated DTO containing the details of the SIM integration. | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "12345" # String | SIM integration id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatch = @"{
"operations" : [ {
"op" : "replace",
"path" : "/description",
"value" : "New description"
}, {
"op" : "replace",
"path" : "/description",
"value" : "New description"
} ]
}"@
# Patch a SIM attribute.
try {
$Result = ConvertFrom-JsonToJsonPatch -Json $JsonPatch
Update-V2025SIMAttributes -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatch $Result
# Below is a request that includes all optional parameters
# Update-V2025SIMAttributes -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025SIMAttributes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-sim-integration
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Update an existing SIM integration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-sim-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The id of the integration.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SimIntegrationDetails | [**SimIntegrationDetails**](../models/sim-integration-details) | True | The full DTO of the integration containing the updated model
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | details of the updated integration | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "12345" # String | The id of the integration.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SimIntegrationDetails = @"{
"cluster" : "xyzzy999",
"statusMap" : "{closed_cancelled=Failed, closed_complete=Committed, closed_incomplete=Failed, closed_rejected=Failed, in_process=Queued, requested=Queued}",
"request" : "{description=SailPoint Access Request,, req_description=The Service Request created by SailPoint ServiceNow Service Integration Module (SIM).,, req_short_description=SailPoint New Access Request Created from IdentityNow,, short_description=SailPoint Access Request $!plan.arguments.identityRequestId}",
"sources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"created" : "2015-05-28T14:07:17Z",
"name" : "aName",
"modified" : "2015-05-28T14:07:17Z",
"description" : "Integration description",
"attributes" : "{\"uid\":\"Walter White\",\"firstname\":\"walter\",\"cloudStatus\":\"UNREGISTERED\",\"displayName\":\"Walter White\",\"identificationNumber\":\"942\",\"lastSyncDate\":1470348809380,\"email\":\"walter@gmail.com\",\"lastname\":\"white\"}",
"id" : "id12345",
"type" : "ServiceNow Service Desk",
"beforeProvisioningRule" : {
"name" : "Example Rule",
"id" : "2c918085708c274401708c2a8a760001",
"type" : "IDENTITY"
}
}"@
# Update an existing SIM integration
try {
$Result = ConvertFrom-JsonToSimIntegrationDetails -Json $SimIntegrationDetails
Send-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental -SimIntegrationDetails $Result
# Below is a request that includes all optional parameters
# Send-V2025SIMIntegration -Id $Id -XSailPointExperimental $XSailPointExperimental -SimIntegrationDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025SIMIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

1067
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SODPoliciesApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

145
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SODViolationsApi.md Normal file
View File

@@ -0,0 +1,145 @@
---
id: v2025-sod-violations
title: SODViolations
pagination_label: SODViolations
sidebar_label: SODViolations
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SODViolations', 'V2025SODViolations']
slug: /tools/sdk/powershell/v2025/methods/sod-violations
tags: ['SDK', 'Software Development Kit', 'SODViolations', 'V2025SODViolations']
---
# SODViolations
Use this API to check for current &quot;separation of duties&quot; (SOD) policy violations as well as potential future SOD policy violations.
With SOD violation functionality in place, administrators can get information about current SOD policy violations and predict whether an access change will trigger new violations, which helps to prevent them from occurring at all.
&quot;Separation of duties&quot; refers to the concept that people shouldn&#39;t have conflicting sets of access - all their access should be configured in a way that protects your organization&#39;s assets and data.
For example, people who record monetary transactions shouldn&#39;t be able to issue payment for those transactions.
Any changes to major system configurations should be approved by someone other than the person requesting the change.
Organizations can use &quot;separation of duties&quot; (SOD) policies to enforce and track their internal security rules throughout their tenants.
These SOD policies limit each user&#39;s involvement in important processes and protects the organization from individuals gaining excessive access.
Once a SOD policy is in place, if an identity has conflicting access items, a SOD violation will trigger.
These violations are included in SOD violation reports that other users will see in emails at regular intervals if they&#39;re subscribed to the SOD policy.
The other users can then better help to enforce these SOD policies.
Administrators can use the SOD violations APIs to check a set of identities for any current SOD violations, and they can use them to check whether adding an access item would potentially trigger a SOD violation.
This second option is a good way to prevent SOD violations from triggering at all.
Refer to [Handling Policy Violations](https://documentation.sailpoint.com/saas/help/sod/policy-violations.html) for more information about SOD policy violations.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Start-V2025PredictSodViolations**](#start-predict-sod-violations) | **POST** `/sod-violations/predict` | Predict SOD violations for identity.
[**Start-V2025ViolationCheck**](#start-violation-check) | **POST** `/sod-violations/check` | Check SOD violations
## start-predict-sod-violations
This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-predict-sod-violations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityWithNewAccess | [**IdentityWithNewAccess**](../models/identity-with-new-access) | True |
### Return type
[**ViolationPrediction**](../models/violation-prediction)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Violation Contexts | ViolationPrediction
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityWithNewAccess = @"{
"identityId" : "2c91808568c529c60168cca6f90c1313",
"accessRefs" : [ {
"type" : "ENTITLEMENT",
"id" : "2c918087682f9a86016839c050861ab1",
"name" : "CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local"
}, {
"type" : "ENTITLEMENT",
"id" : "2c918087682f9a86016839c0509c1ab2",
"name" : "CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local"
} ]
}"@
# Predict SOD violations for identity.
try {
$Result = ConvertFrom-JsonToIdentityWithNewAccess -Json $IdentityWithNewAccess
Start-V2025PredictSodViolations -IdentityWithNewAccess $Result
# Below is a request that includes all optional parameters
# Start-V2025PredictSodViolations -IdentityWithNewAccess $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025PredictSodViolations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-violation-check
This API initiates a SOD policy verification asynchronously.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-violation-check)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | IdentityWithNewAccess1 | [**IdentityWithNewAccess1**](../models/identity-with-new-access1) | True |
### Return type
[**SodViolationCheck**](../models/sod-violation-check)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Request ID with a timestamp. | SodViolationCheck
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$IdentityWithNewAccess1 = @"{identityId=2c91808568c529c60168cca6f90c1313, accessRefs=[{type=ENTITLEMENT, id=2c918087682f9a86016839c050861ab1, name=CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local}, {type=ENTITLEMENT, id=2c918087682f9a86016839c0509c1ab2, name=CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local}], clientMetadata={additionalProp1=string, additionalProp2=string, additionalProp3=string}}"@
# Check SOD violations
try {
$Result = ConvertFrom-JsonToIdentityWithNewAccess1 -Json $IdentityWithNewAccess1
Start-V2025ViolationCheck -IdentityWithNewAccess1 $Result
# Below is a request that includes all optional parameters
# Start-V2025ViolationCheck -IdentityWithNewAccess1 $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025ViolationCheck"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

375
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SPConfigApi.md Normal file
View File

@@ -0,0 +1,375 @@
---
id: v2025-sp-config
title: SPConfig
pagination_label: SPConfig
sidebar_label: SPConfig
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SPConfig', 'V2025SPConfig']
slug: /tools/sdk/powershell/v2025/methods/sp-config
tags: ['SDK', 'Software Development Kit', 'SPConfig', 'V2025SPConfig']
---
# SPConfig
Import and export configuration for some objects between tenants.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Export-V2025SpConfig**](#export-sp-config) | **POST** `/sp-config/export` | Initiates configuration objects export job
[**Get-V2025SpConfigExport**](#get-sp-config-export) | **GET** `/sp-config/export/{id}/download` | Download export job result.
[**Get-V2025SpConfigExportStatus**](#get-sp-config-export-status) | **GET** `/sp-config/export/{id}` | Get export job status
[**Get-V2025SpConfigImport**](#get-sp-config-import) | **GET** `/sp-config/import/{id}/download` | Download import job result
[**Get-V2025SpConfigImportStatus**](#get-sp-config-import-status) | **GET** `/sp-config/import/{id}` | Get import job status
[**Import-V2025SpConfig**](#import-sp-config) | **POST** `/sp-config/import` | Initiates configuration objects import job
[**Get-V2025SpConfigObjects**](#list-sp-config-objects) | **GET** `/sp-config/config-objects` | List Config Objects
## export-sp-config
This post will export objects from the tenant to a JSON configuration file.
For more information about the object types that currently support export functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/export-sp-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ExportPayload | [**ExportPayload**](../models/export-payload) | True | Export options control what will be included in the export.
### Return type
[**SpConfigExportJob**](../models/sp-config-export-job)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Export job accepted and queued for processing. | SpConfigExportJob
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ExportPayload = @"{
"description" : "Export Job 1 Test"
}"@
# Initiates configuration objects export job
try {
$Result = ConvertFrom-JsonToExportPayload -Json $ExportPayload
Export-V2025SpConfig -ExportPayload $Result
# Below is a request that includes all optional parameters
# Export-V2025SpConfig -ExportPayload $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Export-V2025SpConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sp-config-export
This endpoint gets the export file resulting from the export job with the requested `id` and downloads it to a file.
The request will need one of the following security scopes:
- sp:config:read - sp:config:manage
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sp-config-export)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the export job whose results will be downloaded.
### Return type
[**SpConfigExportResults**](../models/sp-config-export-results)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Exported JSON objects. | SpConfigExportResults
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the export job whose results will be downloaded.
# Download export job result.
try {
Get-V2025SpConfigExport -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025SpConfigExport -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SpConfigExport"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sp-config-export-status
This gets the status of the export job identified by the `id` parameter.
The request will need one of the following security scopes:
- sp:config:read - sp:config:manage
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sp-config-export-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the export job whose status will be returned.
### Return type
[**SpConfigExportJobStatus**](../models/sp-config-export-job-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Export job status successfully returned. | SpConfigExportJobStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the export job whose status will be returned.
# Get export job status
try {
Get-V2025SpConfigExportStatus -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025SpConfigExportStatus -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SpConfigExportStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sp-config-import
This gets import file resulting from the import job with the requested id and downloads it to a file. The downloaded file will contain the results of the import operation, including any error, warning or informational messages associated with the import.
The request will need the following security scope:
- sp:config:manage
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sp-config-import)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the import job whose results will be downloaded.
### Return type
[**SpConfigImportResults**](../models/sp-config-import-results)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Import results JSON object, containing detailed results of the import operation. | SpConfigImportResults
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the import job whose results will be downloaded.
# Download import job result
try {
Get-V2025SpConfigImport -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025SpConfigImport -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SpConfigImport"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sp-config-import-status
'This gets the status of the import job identified by the `id` parameter.
For more information about the object types that currently support import functionality,
refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sp-config-import-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the import job whose status will be returned.
### Return type
[**SpConfigImportJobStatus**](../models/sp-config-import-job-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Import job status successfully returned. | SpConfigImportJobStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the import job whose status will be returned.
# Get import job status
try {
Get-V2025SpConfigImportStatus -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025SpConfigImportStatus -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SpConfigImportStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## import-sp-config
This post will import objects from a JSON configuration file into a tenant.
By default, every import will first export all existing objects supported by sp-config as a backup before the import is attempted.
The backup is provided so that the state of the configuration prior to the import is available for inspection or restore if needed.
The backup can be skipped by setting "excludeBackup" to true in the import options.
If a backup is performed, the id of the backup will be provided in the ImportResult as the "exportJobId". This can be downloaded
using the `/sp-config/export/{exportJobId}/download` endpoint.
You cannot currently import from the Non-Employee Lifecycle Management (NELM) source. You cannot use this endpoint to back up or store NELM data.
For more information about the object types that currently support import functionality, refer to [SaaS Configuration](https://developer.sailpoint.com/idn/docs/saas-configuration/#supported-objects).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/import-sp-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| Data | **System.IO.FileInfo** | True | JSON file containing the objects to be imported.
Query | Preview | **Boolean** | (optional) (default to $false) | This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is ""true"", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported.
| Options | [**ImportOptions**](../models/import-options) | (optional) |
### Return type
[**SpConfigJob**](../models/sp-config-job)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Import job accepted and queued for processing. | SpConfigJob
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: multipart/form-data
- **Accept**: application/json
### Example
```powershell
$Data = # System.IO.FileInfo | JSON file containing the objects to be imported.
$Preview = $true # Boolean | This option is intended to give the user information about how an import operation would proceed, without having any effect on the target tenant. If this parameter is ""true"", no objects will be imported. Instead, the import process will pre-process the import file and attempt to resolve references within imported objects. The import result file will contain messages pertaining to how specific references were resolved, any errors associated with the preprocessing, and messages indicating which objects would be imported. (optional) (default to $false)
$Options = @""@
# Initiates configuration objects import job
try {
Import-V2025SpConfig -Data $Data
# Below is a request that includes all optional parameters
# Import-V2025SpConfig -Data $Data -Preview $Preview -Options $Options
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Import-V2025SpConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-sp-config-objects
Get a list of object configurations that the tenant export/import service knows.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-sp-config-objects)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SpConfigObject[]**](../models/sp-config-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Object configurations returned successfully. | SpConfigObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Config Objects
try {
Get-V2025SpConfigObjects
# Below is a request that includes all optional parameters
# Get-V2025SpConfigObjects
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SpConfigObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

384
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SavedSearchApi.md Normal file
View File

@@ -0,0 +1,384 @@
---
id: v2025-saved-search
title: SavedSearch
pagination_label: SavedSearch
sidebar_label: SavedSearch
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SavedSearch', 'V2025SavedSearch']
slug: /tools/sdk/powershell/v2025/methods/saved-search
tags: ['SDK', 'Software Development Kit', 'SavedSearch', 'V2025SavedSearch']
---
# SavedSearch
Use this API to implement saved search functionality.
With saved search functionality in place, users can save search queries and then view those saved searches, as well as rerun them.
Search queries in Identity Security Cloud can grow very long and specific, which can make reconstructing them difficult or tedious, so it can be especially helpful to save search queries.
It also opens the possibility to configure Identity Security Cloud to run the saved queries on a schedule, which is essential to detecting user information and access changes throughout an organization&#39;s tenant and across all its sources.
Refer to [Scheduled Search](https://developer.sailpoint.com/docs/api/v2025/scheduled-search/) for more information about running saved searches on a schedule.
In Identity Security Cloud, users can save searches under a name, and then they can access that saved search and run it again when they want.
Refer to [Managing Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html) for more information about saving searches and using them.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025SavedSearch**](#create-saved-search) | **POST** `/saved-searches` | Create a saved search
[**Remove-V2025SavedSearch**](#delete-saved-search) | **DELETE** `/saved-searches/{id}` | Delete document by ID
[**Invoke-V2025ExecuteSavedSearch**](#execute-saved-search) | **POST** `/saved-searches/{id}/execute` | Execute a saved search by ID
[**Get-V2025SavedSearch**](#get-saved-search) | **GET** `/saved-searches/{id}` | Return saved search by ID
[**Get-V2025SavedSearches**](#list-saved-searches) | **GET** `/saved-searches` | A list of Saved Searches
[**Send-V2025SavedSearch**](#put-saved-search) | **PUT** `/saved-searches/{id}` | Updates an existing saved search
## create-saved-search
Creates a new saved search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-saved-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateSavedSearchRequest | [**CreateSavedSearchRequest**](../models/create-saved-search-request) | True | The saved search to persist.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The persisted saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateSavedSearchRequest = @""@
# Create a saved search
try {
$Result = ConvertFrom-JsonToCreateSavedSearchRequest -Json $CreateSavedSearchRequest
New-V2025SavedSearch -CreateSavedSearchRequest $Result
# Below is a request that includes all optional parameters
# New-V2025SavedSearch -CreateSavedSearchRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-saved-search
Deletes the specified saved search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-saved-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Delete document by ID
try {
Remove-V2025SavedSearch -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025SavedSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## execute-saved-search
Executes the specified saved search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/execute-saved-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | SearchArguments | [**SearchArguments**](../models/search-arguments) | True | When saved search execution is triggered by a scheduled search, *scheduleId* will specify the ID of the triggering scheduled search. If *scheduleId* is not specified (when execution is triggered by a UI test), the *owner* and *recipients* arguments must be provided.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$SearchArguments = @"{
"owner" : "",
"recipients" : [ {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"scheduleId" : "7a724640-0c17-4ce9-a8c3-4a89738459c8"
}"@
# Execute a saved search by ID
try {
$Result = ConvertFrom-JsonToSearchArguments -Json $SearchArguments
Invoke-V2025ExecuteSavedSearch -Id $Id -SearchArguments $Result
# Below is a request that includes all optional parameters
# Invoke-V2025ExecuteSavedSearch -Id $Id -SearchArguments $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025ExecuteSavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-saved-search
Returns the specified saved search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-saved-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Return saved search by ID
try {
Get-V2025SavedSearch -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025SavedSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-saved-searches
Returns a list of saved searches.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-saved-searches)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq*
### Return type
[**SavedSearch[]**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of requested saved searches. | SavedSearch[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'owner.id eq "7a724640-0c17-4ce9-a8c3-4a89738459c8"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* (optional)
# A list of Saved Searches
try {
Get-V2025SavedSearches
# Below is a request that includes all optional parameters
# Get-V2025SavedSearches -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SavedSearches"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-saved-search
Updates an existing saved search.
>**NOTE: You cannot update the `owner` of the saved search.**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-saved-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | SavedSearch | [**SavedSearch**](../models/saved-search) | True | The saved search to persist.
### Return type
[**SavedSearch**](../models/saved-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The persisted saved search. | SavedSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$SavedSearch = @"{
"owner" : {
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"created" : "2018-06-25T20:22:28.104Z",
"columns" : {
"identity" : [ {
"field" : "displayName",
"header" : "Display Name"
}, {
"field" : "e-mail",
"header" : "Work Email"
} ]
},
"query" : "@accounts(disabled:true)",
"description" : "Disabled accounts",
"orderBy" : {
"identity" : [ "lastName", "firstName" ],
"role" : [ "name" ]
},
"sort" : [ "displayName" ],
"filters" : {
"terms" : [ "account_count", "account_count" ],
"range" : {
"lower" : {
"inclusive" : false,
"value" : "1"
},
"upper" : {
"inclusive" : false,
"value" : "1"
}
},
"exclude" : false,
"type" : "RANGE"
},
"ownerId" : "2c91808568c529c60168cca6f90c1313",
"indices" : [ "identities" ],
"public" : false,
"name" : "Disabled accounts",
"modified" : "2018-06-25T20:22:28.104Z",
"id" : "0de46054-fe90-434a-b84e-c6b3359d0c64",
"fields" : [ "disabled" ]
}"@
# Updates an existing saved search
try {
$Result = ConvertFrom-JsonToSavedSearch -Json $SavedSearch
Send-V2025SavedSearch -Id $Id -SavedSearch $Result
# Below is a request that includes all optional parameters
# Send-V2025SavedSearch -Id $Id -SavedSearch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025SavedSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

436
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ScheduledSearchApi.md Normal file
View File

@@ -0,0 +1,436 @@
---
id: v2025-scheduled-search
title: ScheduledSearch
pagination_label: ScheduledSearch
sidebar_label: ScheduledSearch
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ScheduledSearch', 'V2025ScheduledSearch']
slug: /tools/sdk/powershell/v2025/methods/scheduled-search
tags: ['SDK', 'Software Development Kit', 'ScheduledSearch', 'V2025ScheduledSearch']
---
# ScheduledSearch
Use this API to implement scheduled search functionality.
With scheduled search functionality in place, users can run saved search queries on their tenants on a schedule, and Identity Security Cloud emails them the search results.
Users can also share these search results with other users by email by adding those users as subscribers, or those users can subscribe themselves.
One of the greatest benefits of saving searches is the ability to run those searches on a schedule.
This is essential for organizations to constantly detect any changes to user information or access throughout their tenants and across all their sources.
For example, the manager Amanda Ross can schedule a saved search &quot;manager.name:amanda.ross AND attributes.location:austin&quot; on a schedule to regularly stay aware of changes with the Austin employees reporting to her.
Identity Security Cloud emails her the search results when the search runs, so she can work on other tasks instead of actively running this search.
In Identity Security Cloud, scheduling a search involves a subscription.
Users can create a subscription for a saved search and schedule it to run daily, weekly, or monthly (you can only use one schedule option at a time).
The user can add other identities as subscribers so when the scheduled search runs, the subscribers and the user all receive emails.
By default, subscriptions exclude detailed results from the emails, for security purposes.
Including detailed results about user access in an email may expose sensitive information.
However, the subscription creator can choose to include the information in the emails.
By default, Identity Security Cloud sends emails to the subscribers even when the searches do not return new results.
However, the subscription creator can choose to suppress these empty emails.
Users can also subscribe to saved searches that already have existing subscriptions so they receive emails when the searches run.
A saved search can have up to 10 subscriptions configured at a time.
The subscription creator can enable, disable, or delete the subscription.
Refer to [Subscribing to Saved Searches](https://documentation.sailpoint.com/saas/help/search/saved-searches.html#subscribing-to-saved-searches) for more information about scheduling searches and subscribing to them.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ScheduledSearch**](#create-scheduled-search) | **POST** `/scheduled-searches` | Create a new scheduled search
[**Remove-V2025ScheduledSearch**](#delete-scheduled-search) | **DELETE** `/scheduled-searches/{id}` | Delete a Scheduled Search
[**Get-V2025ScheduledSearch**](#get-scheduled-search) | **GET** `/scheduled-searches/{id}` | Get a Scheduled Search
[**Get-V2025ScheduledSearch**](#list-scheduled-search) | **GET** `/scheduled-searches` | List scheduled searches
[**Invoke-V2025UnsubscribeScheduledSearch**](#unsubscribe-scheduled-search) | **POST** `/scheduled-searches/{id}/unsubscribe` | Unsubscribe a recipient from Scheduled Search
[**Update-V2025ScheduledSearch**](#update-scheduled-search) | **PUT** `/scheduled-searches/{id}` | Update an existing Scheduled Search
## create-scheduled-search
Creates a new scheduled search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | CreateScheduledSearchRequest | [**CreateScheduledSearchRequest**](../models/create-scheduled-search-request) | True | The scheduled search to persist.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | The persisted scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$CreateScheduledSearchRequest = @"{savedSearchId=9c620e13-cd33-4804-a13d-403bd7bcdbad, schedule={type=DAILY, hours={type=LIST, values=[9]}}, recipients=[{type=IDENTITY, id=2c9180867624cbd7017642d8c8c81f67}]}"@
# Create a new scheduled search
try {
$Result = ConvertFrom-JsonToCreateScheduledSearchRequest -Json $CreateScheduledSearchRequest
New-V2025ScheduledSearch -CreateScheduledSearchRequest $Result
# Below is a request that includes all optional parameters
# New-V2025ScheduledSearch -CreateScheduledSearchRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-scheduled-search
Deletes the specified scheduled search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Delete a Scheduled Search
try {
Remove-V2025ScheduledSearch -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ScheduledSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-scheduled-search
Returns the specified scheduled search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Get a Scheduled Search
try {
Get-V2025ScheduledSearch -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ScheduledSearch -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-scheduled-search
Returns a list of scheduled searches.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* **savedSearchId**: *eq*
### Return type
[**ScheduledSearch[]**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The list of requested scheduled searches. | ScheduledSearch[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'savedSearchId eq "6cc0945d-9eeb-4948-9033-72d066e1153e"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **owner.id**: *eq* **savedSearchId**: *eq* (optional)
# List scheduled searches
try {
Get-V2025ScheduledSearch
# Below is a request that includes all optional parameters
# Get-V2025ScheduledSearch -Offset $Offset -Limit $Limit -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## unsubscribe-scheduled-search
Unsubscribes a recipient from the specified scheduled search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/unsubscribe-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | TypedReference | [**TypedReference**](../models/typed-reference) | True | The recipient to be removed from the scheduled search.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No Content - Indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$TypedReference = @"{
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}"@
# Unsubscribe a recipient from Scheduled Search
try {
$Result = ConvertFrom-JsonToTypedReference -Json $TypedReference
Invoke-V2025UnsubscribeScheduledSearch -Id $Id -TypedReference $Result
# Below is a request that includes all optional parameters
# Invoke-V2025UnsubscribeScheduledSearch -Id $Id -TypedReference $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2025UnsubscribeScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-scheduled-search
Updates an existing scheduled search.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-scheduled-search)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the requested document.
Body | ScheduledSearch | [**ScheduledSearch**](../models/scheduled-search) | True | The scheduled search to persist.
### Return type
[**ScheduledSearch**](../models/scheduled-search)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The persisted scheduled search. | ScheduledSearch
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
$ScheduledSearch = @"{
"owner" : {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
},
"displayQueryDetails" : false,
"created" : "",
"description" : "Daily disabled accounts",
"ownerId" : "2c9180867624cbd7017642d8c8c81f67",
"enabled" : false,
"schedule" : {
"hours" : {
"accountMatchConfig" : {
"matchExpression" : {
"and" : true,
"matchTerms" : [ {
"name" : "",
"value" : "",
"container" : true,
"and" : false,
"children" : [ {
"name" : "businessCategory",
"value" : "Service",
"op" : "eq",
"container" : false,
"and" : false
} ]
} ]
}
},
"applicationId" : "2c91808874ff91550175097daaec161c\""
},
"months" : {
"accountMatchConfig" : {
"matchExpression" : {
"and" : true,
"matchTerms" : [ {
"name" : "",
"value" : "",
"container" : true,
"and" : false,
"children" : [ {
"name" : "businessCategory",
"value" : "Service",
"op" : "eq",
"container" : false,
"and" : false
} ]
} ]
}
},
"applicationId" : "2c91808874ff91550175097daaec161c\""
},
"timeZoneId" : "America/Chicago",
"days" : {
"accountMatchConfig" : {
"matchExpression" : {
"and" : true,
"matchTerms" : [ {
"name" : "",
"value" : "",
"container" : true,
"and" : false,
"children" : [ {
"name" : "businessCategory",
"value" : "Service",
"op" : "eq",
"container" : false,
"and" : false
} ]
} ]
}
},
"applicationId" : "2c91808874ff91550175097daaec161c\""
},
"expiration" : "2018-06-25T20:22:28.104Z",
"type" : "WEEKLY"
},
"recipients" : [ {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
}, {
"id" : "2c9180867624cbd7017642d8c8c81f67",
"type" : "IDENTITY"
} ],
"savedSearchId" : "554f1511-f0a1-4744-ab14-599514d3e57c",
"name" : "Daily disabled accounts",
"modified" : "",
"id" : "0de46054-fe90-434a-b84e-c6b3359d0c64",
"emailEmptyResults" : false
}"@
# Update an existing Scheduled Search
try {
$Result = ConvertFrom-JsonToScheduledSearch -Json $ScheduledSearch
Update-V2025ScheduledSearch -Id $Id -ScheduledSearch $Result
# Below is a request that includes all optional parameters
# Update-V2025ScheduledSearch -Id $Id -ScheduledSearch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ScheduledSearch"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

593
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SearchApi.md Normal file
View File

@@ -0,0 +1,593 @@
---
id: v2025-search
title: Search
pagination_label: Search
sidebar_label: Search
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Search', 'V2025Search']
slug: /tools/sdk/powershell/v2025/methods/search
tags: ['SDK', 'Software Development Kit', 'Search', 'V2025Search']
---
# Search
Use this API to implement search functionality.
With search functionality in place, users can search their tenants for nearly any information from throughout their organizations.
Identity Security Cloud enables organizations to store user data from across all their connected sources and manage the users&#39; access, so the ability to query and filter that data is essential.
Its search goes through all those sources and finds the results quickly and specifically.
The search query is flexible - it can be very broad or very narrow.
The search only returns results for searchable objects it is filtering for.
The following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities.
By default, no filter is applied, so a search for &quot;Ad&quot; returns both the identity &quot;Adam.Archer&quot; as well as the role &quot;Administrator.&quot;
Users can further narrow their results by using Identity Security Cloud&#39;s specific syntax and punctuation to structure their queries.
For example, the query &quot;attributes.location:austin AND NOT manager.name:amanda.ross&quot; returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross.
Refer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries.
Refer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about Identity Security Cloud&#39;s search and its different possibilities.
The search feature uses Elasticsearch as a datastore and query engine.
The power of Elasticsearch makes this feature suitable for ad-hoc reporting.
However, data from the operational databases (ex. identities, roles, events, etc) has to be ingested into Elasticsearch.
This ingestion process introduces a latency from when the operational data is created to when it is available in search.
Depending on the system load, this can take a few seconds to a few minutes.
Please keep this latency in mind when you use search.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Search-V2025Aggregate**](#search-aggregate) | **POST** `/search/aggregate` | Perform a Search Query Aggregation
[**Search-V2025Count**](#search-count) | **POST** `/search/count` | Count Documents Satisfying a Query
[**Search-V2025Get**](#search-get) | **GET** `/search/{index}/{id}` | Get a Document by ID
[**Search-V2025Post**](#search-post) | **POST** `/search` | Perform Search
## search-aggregate
Performs a search query aggregation and returns the aggregation result. By default, you can page a maximum of 10,000 search result records. To page past 10,000 records, you can use searchAfter paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement searchAfter paging.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/search-aggregate)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**AggregationResult**](../models/aggregation-result)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Aggregation results. | AggregationResult
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json, text/csv
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Perform a Search Query Aggregation
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-V2025Aggregate -Search $Result
# Below is a request that includes all optional parameters
# Search-V2025Aggregate -Search $Result -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2025Aggregate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-count
Performs a search with a provided query and returns the count of results in the X-Total-Count header.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/search-count)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
# Count Documents Satisfying a Query
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-V2025Count -Search $Result
# Below is a request that includes all optional parameters
# Search-V2025Count -Search $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2025Count"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-get
Fetches a single document from the specified index, using the specified document ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/search-get)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Index | **String** | True | The index from which to fetch the specified document. The currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.
Path | Id | **String** | True | ID of the requested document.
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | The requested document. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Index = "accessprofiles" # String | The index from which to fetch the specified document. The currently supported index names are: *accessprofiles*, *accountactivities*, *entitlements*, *events*, *identities*, and *roles*.
$Id = "2c91808568c529c60168cca6f90c1313" # String | ID of the requested document.
# Get a Document by ID
try {
Search-V2025Get -Index $Index -Id $Id
# Below is a request that includes all optional parameters
# Search-V2025Get -Index $Index -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2025Get"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## search-post
Perform a search with the provided query and return a matching result collection. To page past 10,000 records, you can use `searchAfter` paging. Refer to [Paginating Search Queries](https://developer.sailpoint.com/idn/api/standard-collection-parameters#paginating-search-queries) for more information about how to implement `searchAfter` paging.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/search-post)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Search | [**Search**](../models/search) | True |
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**SystemCollectionsHashtable[]**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of matching documents. | SystemCollectionsHashtable[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Search = @"{
"queryDsl" : {
"match" : {
"name" : "john.doe"
}
},
"aggregationType" : "DSL",
"aggregationsVersion" : "",
"query" : {
"query" : "name:a*",
"timeZone" : "America/Chicago",
"fields" : "[firstName,lastName,email]",
"innerHit" : {
"query" : "source.name:\\\"Active Directory\\\"",
"type" : "access"
}
},
"aggregationsDsl" : { },
"sort" : [ "displayName", "+id" ],
"filters" : { },
"queryVersion" : "",
"queryType" : "SAILPOINT",
"includeNested" : true,
"queryResultFilter" : {
"excludes" : [ "stacktrace" ],
"includes" : [ "name", "displayName" ]
},
"indices" : [ "identities" ],
"typeAheadQuery" : {
"field" : "source.name",
"size" : 100,
"query" : "Work",
"sortByValue" : true,
"nestedType" : "access",
"sort" : "asc",
"maxExpansions" : 10
},
"textQuery" : {
"contains" : true,
"terms" : [ "The quick brown fox", "3141592", "7" ],
"matchAny" : false,
"fields" : [ "displayName", "employeeNumber", "roleCount" ]
},
"searchAfter" : [ "John Doe", "2c91808375d8e80a0175e1f88a575221" ],
"aggregations" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"subAggregation" : {
"filter" : {
"field" : "access.type",
"name" : "Entitlements",
"type" : "TERM",
"value" : "ENTITLEMENT"
},
"bucket" : {
"field" : "attributes.city",
"size" : 100,
"minDocCount" : 2,
"name" : "Identity Locations",
"type" : "TERMS"
},
"metric" : {
"field" : "@access.name",
"name" : "Access Name Count",
"type" : "COUNT"
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
},
"nested" : {
"name" : "id",
"type" : "access"
}
}
}"@
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 10000 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Perform Search
try {
$Result = ConvertFrom-JsonToSearch -Json $Search
Search-V2025Post -Search $Result
# Below is a request that includes all optional parameters
# Search-V2025Post -Search $Result -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Search-V2025Post"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

317
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SearchAttributeConfigurationApi.md Normal file
View File

@@ -0,0 +1,317 @@
---
id: v2025-search-attribute-configuration
title: SearchAttributeConfiguration
pagination_label: SearchAttributeConfiguration
sidebar_label: SearchAttributeConfiguration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SearchAttributeConfiguration', 'V2025SearchAttributeConfiguration']
slug: /tools/sdk/powershell/v2025/methods/search-attribute-configuration
tags: ['SDK', 'Software Development Kit', 'SearchAttributeConfiguration', 'V2025SearchAttributeConfiguration']
---
# SearchAttributeConfiguration
Use this API to implement search attribute configuration functionality, along with [Search](https://developer.sailpoint.com/docs/api/v2025/search).
With this functionality in place, administrators can create custom search attributes that and run extended searches based on those attributes to further narrow down their searches and get the information and insights they want.
Identity Security Cloud (ISC) enables organizations to store user data from across all their connected sources and manage the users&#39; access, so the ability to query and filter that data is essential.
Its search goes through all those sources and finds the results quickly and specifically.
The search query is flexible - it can be very broad or very narrow.
The search only returns results for searchable objects it is filtering for.
The following objects are searchable: identities, roles, access profiles, entitlements, events, and account activities.
By default, no filter is applied, so a search for &quot;Ad&quot; returns both the identity &quot;Adam.Archer&quot; as well as the role &quot;Administrator.&quot;
Users can further narrow their results by using ISC&#39;s specific syntax and punctuation to structure their queries.
For example, the query &quot;attributes.location:austin AND NOT manager.name:amanda.ross&quot; returns all results associated with the Austin location, but it excludes those associated with the manager Amanda Ross.
Refer to [Building a Search Query](https://documentation.sailpoint.com/saas/help/search/building-query.html) for more information about how to construct specific search queries.
Refer to [Using Search](https://documentation.sailpoint.com/saas/help/search/index.html) for more information about ISC&#39;s search and its different possibilities.
With Search Attribute Configuration, administrators can create, manage, and run searches based on the attributes they want to search.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025SearchAttributeConfig**](#create-search-attribute-config) | **POST** `/accounts/search-attribute-config` | Create Extended Search Attributes
[**Remove-V2025SearchAttributeConfig**](#delete-search-attribute-config) | **DELETE** `/accounts/search-attribute-config/{name}` | Delete Extended Search Attribute
[**Get-V2025SearchAttributeConfig**](#get-search-attribute-config) | **GET** `/accounts/search-attribute-config` | List Extended Search Attributes
[**Get-V2025SingleSearchAttributeConfig**](#get-single-search-attribute-config) | **GET** `/accounts/search-attribute-config/{name}` | Get Extended Search Attribute
[**Update-V2025SearchAttributeConfig**](#patch-search-attribute-config) | **PATCH** `/accounts/search-attribute-config/{name}` | Update Extended Search Attribute
## create-search-attribute-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Create and configure extended search attributes. This API accepts an attribute name, an attribute display name and a list of name/value pair associates of application IDs to attribute names. It will then validate the inputs and configure/create the attribute promotion configuration in the Link ObjectConfig.
>**Note: Give searchable attributes unique names. Do not give them the same names used for account attributes or source attributes. Also, do not give them the same names present in account schema for a current or future source, regardless of whether that source is included in the searchable attributes' `applicationAttributes`.**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-search-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SearchAttributeConfig | [**SearchAttributeConfig**](../models/search-attribute-config) | True |
### Return type
[**SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SearchAttributeConfig = @"{
"displayName" : "New Mail Attribute",
"name" : "newMailAttribute",
"applicationAttributes" : {
"2c91808b79fd2422017a0b35d30f3968" : "employeeNumber",
"2c91808b79fd2422017a0b36008f396b" : "employeeNumber"
}
}"@
# Create Extended Search Attributes
try {
$Result = ConvertFrom-JsonToSearchAttributeConfig -Json $SearchAttributeConfig
New-V2025SearchAttributeConfig -XSailPointExperimental $XSailPointExperimental -SearchAttributeConfig $Result
# Below is a request that includes all optional parameters
# New-V2025SearchAttributeConfig -XSailPointExperimental $XSailPointExperimental -SearchAttributeConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-search-attribute-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Delete an extended attribute configuration by name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-search-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the extended search attribute configuration to delete.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "newMailAttribute" # String | Name of the extended search attribute configuration to delete.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete Extended Search Attribute
try {
Remove-V2025SearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025SearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-search-attribute-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get a list of attribute/application attributes currently configured in Identity Security Cloud (ISC).
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-search-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**SearchAttributeConfig[]**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of attribute configurations in ISC. | SearchAttributeConfig[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# List Extended Search Attributes
try {
Get-V2025SearchAttributeConfig -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025SearchAttributeConfig -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-single-search-attribute-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get an extended attribute configuration by name.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-single-search-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the extended search attribute configuration to get.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**SearchAttributeConfig**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Specific attribute configuration in IdentityNow. | SearchAttributeConfig
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Name = "newMailAttribute" # String | Name of the extended search attribute configuration to get.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Extended Search Attribute
try {
Get-V2025SingleSearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025SingleSearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SingleSearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-search-attribute-config
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Update an existing search attribute configuration.
You can patch these fields:
* name * displayName * applicationAttributes
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-search-attribute-config)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Name | **String** | True | Name of the search attribute configuration to patch.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
[**SearchAttributeConfig**](../models/search-attribute-config)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the search attribute configuration as updated. | SearchAttributeConfig
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Name = "promotedMailAttribute" # String | Name of the search attribute configuration to patch.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] |
# Update Extended Search Attribute
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025SearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025SearchAttributeConfig -Name $Name -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025SearchAttributeConfig"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

306
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SegmentsApi.md Normal file
View File

@@ -0,0 +1,306 @@
---
id: v2025-segments
title: Segments
pagination_label: Segments
sidebar_label: Segments
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Segments', 'V2025Segments']
slug: /tools/sdk/powershell/v2025/methods/segments
tags: ['SDK', 'Software Development Kit', 'Segments', 'V2025Segments']
---
# Segments
Use this API to implement and customize access request segment functionality.
With this functionality in place, administrators can create and manage access request segments.
Segments provide organizations with a way to make the access their users have even more granular - this can simply the access request process for the organization&#39;s users and improves security by reducing the risk of overprovisoning access.
Segments represent sets of identities, all grouped by specified identity attributes, who are only able to see and access the access items associated with their segments.
For example, administrators could group all their organization&#39;s London office employees into one segment, &quot;London Office Employees,&quot; by their shared location.
The administrators could then define the access items the London employees would need, and the identities in the &quot;London Office Employees&quot; would then only be able to see and access those items.
In Identity Security Cloud, administrators can use the &#39;Access&#39; drop-down menu and select &#39;Segments&#39; to reach the &#39;Access Requests Segments&#39; page.
This page lists all the existing access request segments, along with their statuses, enabled or disabled.
Administrators can use this page to create, edit, enable, disable, and delete segments.
To create a segment, an administrator must provide a name, define the identities grouped in the segment, and define the items the identities in the segment can access.
These items can be access profiles, roles, or entitlements.
When administrators use the API to create and manage segments, they use a JSON expression in the &#x60;visibilityCriteria&#x60; object to define the segment&#39;s identities and access items.
Refer to [Managing Access Request Segments](https://documentation.sailpoint.com/saas/help/requests/segments.html) for more information about segments in Identity Security Cloud.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025Segment**](#create-segment) | **POST** `/segments` | Create Segment
[**Remove-V2025Segment**](#delete-segment) | **DELETE** `/segments/{id}` | Delete Segment by ID
[**Get-V2025Segment**](#get-segment) | **GET** `/segments/{id}` | Get Segment by ID
[**Get-V2025Segments**](#list-segments) | **GET** `/segments` | List Segments
[**Update-V2025Segment**](#patch-segment) | **PATCH** `/segments/{id}` | Update Segment
## create-segment
This API creates a segment.
>**Note:** Segment definitions may take time to propagate to all identities.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Segment | [**Segment**](../models/segment) | True |
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Segment created | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Segment = @"{
"owner" : {
"name" : "support",
"id" : "2c9180a46faadee4016fb4e018c20639",
"type" : "IDENTITY"
},
"created" : "2020-01-01T00:00:00Z",
"visibilityCriteria" : {
"expression" : {
"children" : [ ],
"attribute" : "location",
"value" : {
"type" : "STRING",
"value" : "Austin"
},
"operator" : "EQUALS"
}
},
"name" : "segment-xyz",
"modified" : "2020-01-01T00:00:00Z",
"description" : "This segment represents xyz",
"active" : true,
"id" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde"
}"@
# Create Segment
try {
$Result = ConvertFrom-JsonToSegment -Json $Segment
New-V2025Segment -Segment $Result
# Below is a request that includes all optional parameters
# New-V2025Segment -Segment $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-segment
This API deletes the segment specified by the given ID.
>**Note:** that segment deletion may take some time to become effective.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to delete.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to delete.
# Delete Segment by ID
try {
Remove-V2025Segment -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025Segment -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-segment
This API returns the segment specified by the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to retrieve.
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Segment | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to retrieve.
# Get Segment by ID
try {
Get-V2025Segment -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025Segment -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-segments
This API returns a list of all segments.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-segments)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**Segment[]**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all segments | Segment[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List Segments
try {
Get-V2025Segments
# Below is a request that includes all optional parameters
# Get-V2025Segments -Limit $Limit -Offset $Offset -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Segments"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-segment
Use this API to update segment fields by using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
>**Note:** Changes to a segment may take some time to propagate to all identities.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-segment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The segment ID to modify.
Body | RequestBody | [**[]SystemCollectionsHashtable**](https://learn.microsoft.com/en-us/dotnet/api/system.collections.hashtable?view=net-9.0) | True | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * owner * visibilityCriteria * active
### Return type
[**Segment**](../models/segment)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the PATCH operation succeeded, and returns the segment&#39;s new representation. | Segment
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The segment ID to modify.
$RequestBody = # SystemCollectionsHashtable[] | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * owner * visibilityCriteria * active
$RequestBody = @"[{op=replace, path=/visibilityCriteria, value={expression={operator=AND, children=[{operator=EQUALS, attribute=location, value={type=STRING, value=Philadelphia}}, {operator=EQUALS, attribute=department, value={type=STRING, value=HR}}]}}}]"@ # SystemCollectionsHashtable[] | A list of segment update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * owner * visibilityCriteria * active
# Update Segment
try {
$Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
Update-V2025Segment -Id $Id -RequestBody $Result
# Below is a request that includes all optional parameters
# Update-V2025Segment -Id $Id -RequestBody $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Segment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

595
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025ServiceDeskIntegrationApi.md Normal file
View File

@@ -0,0 +1,595 @@
---
id: v2025-service-desk-integration
title: ServiceDeskIntegration
pagination_label: ServiceDeskIntegration
sidebar_label: ServiceDeskIntegration
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'ServiceDeskIntegration', 'V2025ServiceDeskIntegration']
slug: /tools/sdk/powershell/v2025/methods/service-desk-integration
tags: ['SDK', 'Software Development Kit', 'ServiceDeskIntegration', 'V2025ServiceDeskIntegration']
---
# ServiceDeskIntegration
Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution.
Once an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk.
In Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin &gt; Connections &gt; Service Desk and selecting &#39;Create.&#39;
To create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page.
Refer to [Integrating SailPoint with Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html) for more information about the process of setting up a Generic Service Desk in Identity Security Cloud.
Administrators can create various service desk integrations, all with their own nuances.
The following service desk integrations are available:
- [Atlassian Cloud Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_cloud/help/integrating_jira_cloud_sd/introduction.html)
- [Atlassian Server Jira Service Management](https://documentation.sailpoint.com/connectors/atlassian/jira_server/help/integrating_jira_server_sd/introduction.html)
- [BMC Helix ITSM Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_ITSM_sd/help/integrating_bmc_helix_itsm_sd/intro.html)
- [BMC Helix Remedyforce Service Desk](https://documentation.sailpoint.com/connectors/bmc/helix_remedyforce_sd/help/integrating_bmc_helix_remedyforce_sd/intro.html)
- [Generic Service Desk](https://documentation.sailpoint.com/connectors/generic_sd/help/integrating_generic_service_desk/intro.html)
- [ServiceNow Service Desk](https://documentation.sailpoint.com/connectors/servicenow/sdim/help/integrating_servicenow_sdim/intro.html)
- [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html)
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025ServiceDeskIntegration**](#create-service-desk-integration) | **POST** `/service-desk-integrations` | Create new Service Desk integration
[**Remove-V2025ServiceDeskIntegration**](#delete-service-desk-integration) | **DELETE** `/service-desk-integrations/{id}` | Delete a Service Desk integration
[**Get-V2025ServiceDeskIntegration**](#get-service-desk-integration) | **GET** `/service-desk-integrations/{id}` | Get a Service Desk integration
[**Get-V2025ServiceDeskIntegrationTemplate**](#get-service-desk-integration-template) | **GET** `/service-desk-integrations/templates/{scriptName}` | Service Desk integration template by scriptName
[**Get-V2025ServiceDeskIntegrationTypes**](#get-service-desk-integration-types) | **GET** `/service-desk-integrations/types` | List Service Desk integration types
[**Get-V2025ServiceDeskIntegrations**](#get-service-desk-integrations) | **GET** `/service-desk-integrations` | List existing Service Desk integrations
[**Get-V2025StatusCheckDetails**](#get-status-check-details) | **GET** `/service-desk-integrations/status-check-configuration` | Get the time check configuration
[**Update-V2025ServiceDeskIntegration**](#patch-service-desk-integration) | **PATCH** `/service-desk-integrations/{id}` | Patch a Service Desk Integration
[**Send-V2025ServiceDeskIntegration**](#put-service-desk-integration) | **PUT** `/service-desk-integrations/{id}` | Update a Service Desk integration
[**Update-V2025StatusCheckDetails**](#update-status-check-details) | **PUT** `/service-desk-integrations/status-check-configuration` | Update the time check configuration
## create-service-desk-integration
Create a new Service Desk integration.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-service-desk-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | ServiceDeskIntegrationDto | [**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto) | True | The specifics of a new integration to create
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Details of the created integration | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
# Create new Service Desk integration
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
New-V2025ServiceDeskIntegration -ServiceDeskIntegrationDto $Result
# Below is a request that includes all optional parameters
# New-V2025ServiceDeskIntegration -ServiceDeskIntegrationDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-service-desk-integration
Delete an existing Service Desk integration by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-service-desk-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of Service Desk integration to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | Service Desk integration with the given ID successfully deleted |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of Service Desk integration to delete
# Delete a Service Desk integration
try {
Remove-V2025ServiceDeskIntegration -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration
Get an existing Service Desk integration by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-service-desk-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to get
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto with the given ID | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to get
# Get a Service Desk integration
try {
Get-V2025ServiceDeskIntegration -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration-template
This API endpoint returns an existing Service Desk integration template by scriptName.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-service-desk-integration-template)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | ScriptName | **String** | True | The scriptName value of the Service Desk integration template to get
### Return type
[**ServiceDeskIntegrationTemplateDto**](../models/service-desk-integration-template-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName. | ServiceDeskIntegrationTemplateDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ScriptName = "aScriptName" # String | The scriptName value of the Service Desk integration template to get
# Service Desk integration template by scriptName
try {
Get-V2025ServiceDeskIntegrationTemplate -ScriptName $ScriptName
# Below is a request that includes all optional parameters
# Get-V2025ServiceDeskIntegrationTemplate -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ServiceDeskIntegrationTemplate"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integration-types
This API endpoint returns the current list of supported Service Desk integration types.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-service-desk-integration-types)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ServiceDeskIntegrationTemplateType[]**](../models/service-desk-integration-template-type)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with an array of the currently supported Service Desk integration types. | ServiceDeskIntegrationTemplateType[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Service Desk integration types
try {
Get-V2025ServiceDeskIntegrationTypes
# Below is a request that includes all optional parameters
# Get-V2025ServiceDeskIntegrationTypes
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ServiceDeskIntegrationTypes"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-service-desk-integrations
Get a list of Service Desk integration objects.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-service-desk-integrations)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name**
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq* **type**: *eq, in* **cluster**: *eq, in*
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**ServiceDeskIntegrationDto[]**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of ServiceDeskIntegrationDto | ServiceDeskIntegrationDto[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
$Filters = 'name eq "John Doe"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq* **type**: *eq, in* **cluster**: *eq, in* (optional)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# List existing Service Desk integrations
try {
Get-V2025ServiceDeskIntegrations
# Below is a request that includes all optional parameters
# Get-V2025ServiceDeskIntegrations -Offset $Offset -Limit $Limit -Sorters $Sorters -Filters $Filters -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025ServiceDeskIntegrations"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-status-check-details
Get the time check configuration of queued SDIM tickets.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-status-check-details)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**QueuedCheckConfigDetails**](../models/queued-check-config-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | QueuedCheckConfigDetails containing the configured values | QueuedCheckConfigDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get the time check configuration
try {
Get-V2025StatusCheckDetails
# Below is a request that includes all optional parameters
# Get-V2025StatusCheckDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025StatusCheckDetails"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-service-desk-integration
Update an existing Service Desk integration by ID with a PATCH request.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-service-desk-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | PatchServiceDeskIntegrationRequest | [**PatchServiceDeskIntegrationRequest**](../models/patch-service-desk-integration-request) | True | A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Only `replace` operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed.
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$PatchServiceDeskIntegrationRequest = @""@
# Patch a Service Desk Integration
try {
$Result = ConvertFrom-JsonToPatchServiceDeskIntegrationRequest -Json $PatchServiceDeskIntegrationRequest
Update-V2025ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
# Below is a request that includes all optional parameters
# Update-V2025ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-service-desk-integration
Update an existing Service Desk integration by ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-service-desk-integration)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Service Desk integration to update
Body | ServiceDeskIntegrationDto | [**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto) | True | The specifics of the integration to update
### Return type
[**ServiceDeskIntegrationDto**](../models/service-desk-integration-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "anId" # String | ID of the Service Desk integration to update
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
# Update a Service Desk integration
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
Send-V2025ServiceDeskIntegration -Id $Id -ServiceDeskIntegrationDto $Result
# Below is a request that includes all optional parameters
# Send-V2025ServiceDeskIntegration -Id $Id -ServiceDeskIntegrationDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-status-check-details
Update the time check configuration of queued SDIM tickets.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-status-check-details)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | QueuedCheckConfigDetails | [**QueuedCheckConfigDetails**](../models/queued-check-config-details) | True | The modified time check configuration
### Return type
[**QueuedCheckConfigDetails**](../models/queued-check-config-details)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | QueuedCheckConfigDetails as updated | QueuedCheckConfigDetails
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$QueuedCheckConfigDetails = @"{
"provisioningStatusCheckIntervalMinutes" : "30",
"provisioningMaxStatusCheckDays" : "2"
}"@
# Update the time check configuration
try {
$Result = ConvertFrom-JsonToQueuedCheckConfigDetails -Json $QueuedCheckConfigDetails
Update-V2025StatusCheckDetails -QueuedCheckConfigDetails $Result
# Below is a request that includes all optional parameters
# Update-V2025StatusCheckDetails -QueuedCheckConfigDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025StatusCheckDetails"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

123
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SourceUsagesApi.md Normal file
View File

@@ -0,0 +1,123 @@
---
id: v2025-source-usages
title: SourceUsages
pagination_label: SourceUsages
sidebar_label: SourceUsages
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SourceUsages', 'V2025SourceUsages']
slug: /tools/sdk/powershell/v2025/methods/source-usages
tags: ['SDK', 'Software Development Kit', 'SourceUsages', 'V2025SourceUsages']
---
# SourceUsages
Use this API to implement source usage insight functionality.
With this functionality in place, administrators can gather information and insights about how their tenants&#39; sources are being used.
This allows organizations to get the information they need to start optimizing and securing source usage.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025StatusBySourceId**](#get-status-by-source-id) | **GET** `/source-usages/{sourceId}/status` | Finds status of source usage
[**Get-V2025UsagesBySourceId**](#get-usages-by-source-id) | **GET** `/source-usages/{sourceId}/summaries` | Returns source usage insights
## get-status-by-source-id
This API returns the status of the source usage insights setup by IDN source ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-status-by-source-id)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceId | **String** | True | ID of IDN source
### Return type
[**SourceUsageStatus**](../models/source-usage-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of the source usage insights setup by IDN source ID. | SourceUsageStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceId = "2c9180835d191a86015d28455b4a2329" # String | ID of IDN source
# Finds status of source usage
try {
Get-V2025StatusBySourceId -SourceId $SourceId
# Below is a request that includes all optional parameters
# Get-V2025StatusBySourceId -SourceId $SourceId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025StatusBySourceId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-usages-by-source-id
This API returns a summary of source usage insights for past 12 months.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-usages-by-source-id)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | SourceId | **String** | True | ID of IDN source
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date**
### Return type
[**SourceUsage[]**](../models/source-usage)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Summary of source usage insights for past 12 months. | SourceUsage[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$SourceId = "2c9180835d191a86015d28455b4a2329" # String | ID of IDN source
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "-date" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **date** (optional)
# Returns source usage insights
try {
Get-V2025UsagesBySourceId -SourceId $SourceId
# Below is a request that includes all optional parameters
# Get-V2025UsagesBySourceId -SourceId $SourceId -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025UsagesBySourceId"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

3129
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SourcesApi.md Normal file
View File

File diff suppressed because it is too large Load Diff

408
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025SuggestedEntitlementDescriptionApi.md Normal file
View File

@@ -0,0 +1,408 @@
---
id: v2025-suggested-entitlement-description
title: SuggestedEntitlementDescription
pagination_label: SuggestedEntitlementDescription
sidebar_label: SuggestedEntitlementDescription
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'SuggestedEntitlementDescription', 'V2025SuggestedEntitlementDescription']
slug: /tools/sdk/powershell/v2025/methods/suggested-entitlement-description
tags: ['SDK', 'Software Development Kit', 'SuggestedEntitlementDescription', 'V2025SuggestedEntitlementDescription']
---
# SuggestedEntitlementDescription
Use this API to implement Suggested Entitlement Description (SED) functionality.
SED functionality leverages the power of LLM to generate suggested entitlement descriptions.
Refer to [GenAI Entitlement Descriptions](https://documentation.sailpoint.com/saas/help/access/entitlements.html#genai-entitlement-descriptions) to learn more about SED in Identity Security Cloud (ISC).
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025SedBatchStats**](#get-sed-batch-stats) | **GET** `/suggested-entitlement-description-batches/{batchId}/stats` | Submit Sed Batch Stats Request
[**Get-V2025SedBatches**](#get-sed-batches) | **GET** `/suggested-entitlement-description-batches` | List Sed Batch Request
[**Get-V2025Seds**](#list-seds) | **GET** `/suggested-entitlement-descriptions` | List Suggested Entitlement Descriptions
[**Update-V2025Sed**](#patch-sed) | **PATCH** `/suggested-entitlement-descriptions` | Patch Suggested Entitlement Description
[**Submit-V2025SedApproval**](#submit-sed-approval) | **POST** `/suggested-entitlement-description-approvals` | Submit Bulk Approval Request
[**Submit-V2025SedAssignment**](#submit-sed-assignment) | **POST** `/suggested-entitlement-description-assignments` | Submit Sed Assignment Request
[**Submit-V2025SedBatchRequest**](#submit-sed-batch-request) | **POST** `/suggested-entitlement-description-batches` | Submit Sed Batch Request
## get-sed-batch-stats
'Submit Sed Batch Stats Request.
Submits batchId in the path param `(e.g. {batchId}/stats)`. API responses with stats
of the batchId.'
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sed-batch-stats)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | BatchId | **String** | True | Batch Id
### Return type
[**SedBatchStats**](../models/sed-batch-stats)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Stats of Sed batch. | SedBatchStats
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$BatchId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | Batch Id
# Submit Sed Batch Stats Request
try {
Get-V2025SedBatchStats -BatchId $BatchId
# Below is a request that includes all optional parameters
# Get-V2025SedBatchStats -BatchId $BatchId
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SedBatchStats"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sed-batches
List Sed Batches.
API responses with Sed Batch Status
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-sed-batches)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**SedBatchStatus**](../models/sed-batch-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Status of batch | SedBatchStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# List Sed Batch Request
try {
Get-V2025SedBatches
# Below is a request that includes all optional parameters
# Get-V2025SedBatches
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025SedBatches"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-seds
List of Suggested Entitlement Descriptions (SED)
SED field descriptions:
**batchId**: the ID of the batch of entitlements that are submitted for description generation
**displayName**: the display name of the entitlement that we are generating a description for
**sourceName**: the name of the source associated with the entitlement that we are generating the description for
**sourceId**: the ID of the source associated with the entitlement that we are generating the description for
**status**: the status of the suggested entitlement description, valid status options: "requested", "suggested", "not_suggested", "failed", "assigned", "approved", "denied"
**fullText**: will filter suggested entitlement description records by text found in any of the following fields: entitlement name, entitlement display name, suggested description, source name
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-seds)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **batchId**: *eq, ne* **displayName**: *eq, ne, co* **sourceName**: *eq, ne, co* **sourceId**: *eq, ne* **status**: *eq, ne* **fullText**: *co*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **displayName, sourceName, status**
Query | CountOnly | **Boolean** | (optional) (default to $false) | If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. This parameter differs from the count parameter in that this one skips executing the actual query and always return an empty array.
Query | RequestedByAnyone | **Boolean** | (optional) (default to $false) | By default, the ListSeds API will only return items that you have requested to be generated. This option will allow you to see all items that have been requested
Query | ShowPendingStatusOnly | **Boolean** | (optional) (default to $false) | Will limit records to items that are in ""suggested"" or ""approved"" status
### Return type
[**Sed[]**](../models/sed)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of Suggested Entitlement Details | Sed[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'displayName co "Read and Write"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **batchId**: *eq, ne* **displayName**: *eq, ne, co* **sourceName**: *eq, ne, co* **sourceId**: *eq, ne* **status**: *eq, ne* **fullText**: *co* (optional)
$Sorters = "sorters=displayName" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **displayName, sourceName, status** (optional)
$CountOnly = $false # Boolean | If `true` it will populate the `X-Total-Count` response header with the number of results that would be returned if `limit` and `offset` were ignored. This parameter differs from the count parameter in that this one skips executing the actual query and always return an empty array. (optional) (default to $false)
$RequestedByAnyone = $false # Boolean | By default, the ListSeds API will only return items that you have requested to be generated. This option will allow you to see all items that have been requested (optional) (default to $false)
$ShowPendingStatusOnly = $false # Boolean | Will limit records to items that are in ""suggested"" or ""approved"" status (optional) (default to $false)
# List Suggested Entitlement Descriptions
try {
Get-V2025Seds
# Below is a request that includes all optional parameters
# Get-V2025Seds -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters -CountOnly $CountOnly -RequestedByAnyone $RequestedByAnyone -ShowPendingStatusOnly $ShowPendingStatusOnly
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Seds"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-sed
Patch Suggested Entitlement Description
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-sed)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | id is sed id
Body | SedPatch | [**[]SedPatch**](../models/sed-patch) | True | Sed Patch Request
### Return type
[**Sed**](../models/sed)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | detail of patched sed | Sed
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "ebab396f-0af1-4050-89b7-dafc63ec70e7" # String | id is sed id
$SedPatch = @"{
"op" : "replace",
"path" : "status",
"value" : "approved"
}"@ # SedPatch[] | Sed Patch Request
# Patch Suggested Entitlement Description
try {
$Result = ConvertFrom-JsonToSedPatch -Json $SedPatch
Update-V2025Sed -Id $Id -SedPatch $Result
# Below is a request that includes all optional parameters
# Update-V2025Sed -Id $Id -SedPatch $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Sed"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-sed-approval
Submit Bulk Approval Request for SED.
Request body takes list of SED Ids. API responses with list of SED Approval Status
[API Spec](https://developer.sailpoint.com/docs/api/v2025/submit-sed-approval)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SedApproval | [**[]SedApproval**](../models/sed-approval) | True | Sed Approval
### Return type
[**SedApprovalStatus[]**](../models/sed-approval-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of SED Approval Status | SedApprovalStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$SedApproval = @"{
"items" : "016629d1-1d25-463f-97f3-c6686846650"
}"@ # SedApproval[] | Sed Approval
# Submit Bulk Approval Request
try {
$Result = ConvertFrom-JsonToSedApproval -Json $SedApproval
Submit-V2025SedApproval -SedApproval $Result
# Below is a request that includes all optional parameters
# Submit-V2025SedApproval -SedApproval $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-V2025SedApproval"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-sed-assignment
Submit Assignment Request.
Request body has an assignee, and list of SED Ids that are assigned to that assignee API responses with batchId that groups all approval requests together
[API Spec](https://developer.sailpoint.com/docs/api/v2025/submit-sed-assignment)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SedAssignment | [**SedAssignment**](../models/sed-assignment) | True | Sed Assignment Request
### Return type
[**SedAssignmentResponse**](../models/sed-assignment-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
202 | Sed Assignment Response | SedAssignmentResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$SedAssignment = @"{
"assignee" : {
"type" : "SOURCE_OWNER",
"value" : "016629d1-1d25-463f-97f3-c6686846650"
},
"items" : [ "016629d1-1d25-463f-97f3-0c6686846650", "016629d1-1d25-463f-97f3-0c6686846650" ]
}"@
# Submit Sed Assignment Request
try {
$Result = ConvertFrom-JsonToSedAssignment -Json $SedAssignment
Submit-V2025SedAssignment -SedAssignment $Result
# Below is a request that includes all optional parameters
# Submit-V2025SedAssignment -SedAssignment $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-V2025SedAssignment"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## submit-sed-batch-request
Submit Sed Batch Request.
Request body has one of the following: - a list of entitlement Ids - a list of SED Ids that user wants to have description generated by LLM. API responses with batchId that groups Ids together
[API Spec](https://developer.sailpoint.com/docs/api/v2025/submit-sed-batch-request)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | SedBatchRequest | [**SedBatchRequest**](../models/sed-batch-request) | (optional) | Sed Batch Request
### Return type
[**SedBatchResponse**](../models/sed-batch-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Sed Batch Response | SedBatchResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$SedBatchRequest = @"{
"entitlements" : [ "016629d1-1d25-463f-97f3-c6686846650", "016629d1-1d25-463f-97f3-c6686846650" ],
"seds" : [ "016629d1-1d25-463f-97f3-c6686846650", "016629d1-1d25-463f-97f3-c6686846650" ]
}"@
# Submit Sed Batch Request
try {
Submit-V2025SedBatchRequest
# Below is a request that includes all optional parameters
# Submit-V2025SedBatchRequest -SedBatchRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-V2025SedBatchRequest"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

510
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TaggedObjectsApi.md Normal file
View File

@@ -0,0 +1,510 @@
---
id: v2025-tagged-objects
title: TaggedObjects
pagination_label: TaggedObjects
sidebar_label: TaggedObjects
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'TaggedObjects', 'V2025TaggedObjects']
slug: /tools/sdk/powershell/v2025/methods/tagged-objects
tags: ['SDK', 'Software Development Kit', 'TaggedObjects', 'V2025TaggedObjects']
---
# TaggedObjects
Use this API to implement object tagging functionality.
With object tagging functionality in place, any user in an organization can use tags as a way to group objects together and find them more quickly when the user searches Identity Security Cloud.
In Identity Security Cloud, users can search their tenants for information and add tags objects they find.
Tagging an object provides users with a way of grouping objects together and makes it easier to find these objects in the future.
For example, if a user is searching for an entitlement that grants a risky level of access to Active Directory, it&#39;s possible that the user may have to search through hundreds of entitlements to find the correct one.
Once the user finds that entitlement, the user can add a tag to the entitlement, &quot;AD_RISKY&quot; to make it easier to find the entitlement again.
The user can add the same tag to multiple objects the user wants to group together for an easy future search, and the user can also do so in bulk.
When the user wants to find that tagged entitlement again, the user can search for &quot;tags:AD_RISKY&quot; to find all objects with that tag.
With the API, you can tag even more different object types than you can in Identity Security Cloud (access profiles, entitlements, identities, and roles).
You can use the API to tag all these objects:
- Access profiles
- Applications
- Certification campaigns
- Entitlements
- Identities
- Roles
- SOD (separation of duties) policies
- Sources
You can also use the API to directly find, create, and manage tagged objects without using search queries.
There are limits to tags:
- You can have up to 500 different tags in your tenant.
- You can apply up to 30 tags to one object.
- You can have up to 10,000 tag associations, pairings of 1 tag to 1 object, in your tenant.
Because of these limits, it is recommended that you work with your governance experts and security teams to establish a list of tags that are most expressive of governance objects and access managed by Identity Security Cloud.
These are the types of information often expressed in tags:
- Affected departments
- Compliance and regulatory categories
- Remediation urgency levels
- Risk levels
Refer to [Tagging Items in Search](https://documentation.sailpoint.com/saas/help/search/index.html?h&#x3D;tags#tagging-items-in-search) for more information about tagging objects in Identity Security Cloud.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Remove-V2025TaggedObject**](#delete-tagged-object) | **DELETE** `/tagged-objects/{type}/{id}` | Delete Object Tags
[**Remove-V2025TagsToManyObject**](#delete-tags-to-many-object) | **POST** `/tagged-objects/bulk-remove` | Remove Tags from Multiple Objects
[**Get-V2025TaggedObject**](#get-tagged-object) | **GET** `/tagged-objects/{type}/{id}` | Get Tagged Object
[**Get-V2025TaggedObjects**](#list-tagged-objects) | **GET** `/tagged-objects` | List Tagged Objects
[**Get-V2025TaggedObjectsByType**](#list-tagged-objects-by-type) | **GET** `/tagged-objects/{type}` | List Tagged Objects by Type
[**Send-V2025TaggedObject**](#put-tagged-object) | **PUT** `/tagged-objects/{type}/{id}` | Update Tagged Object
[**Set-V2025TagToObject**](#set-tag-to-object) | **POST** `/tagged-objects` | Add Tag to Object
[**Set-V2025TagsToManyObjects**](#set-tags-to-many-objects) | **POST** `/tagged-objects/bulk-add` | Tag Multiple Objects
## delete-tagged-object
Delete all tags from a tagged object.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-tagged-object)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of object to delete tags from.
Path | Id | **String** | True | The ID of the object to delete tags from.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of object to delete tags from.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object to delete tags from.
# Delete Object Tags
try {
Remove-V2025TaggedObject -Type $Type -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025TaggedObject -Type $Type -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-tags-to-many-object
This API removes tags from multiple objects.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-tags-to-many-object)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkRemoveTaggedObject | [**BulkRemoveTaggedObject**](../models/bulk-remove-tagged-object) | True | Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkRemoveTaggedObject = @"{
"objectRefs" : [ {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Remove Tags from Multiple Objects
try {
$Result = ConvertFrom-JsonToBulkRemoveTaggedObject -Json $BulkRemoveTaggedObject
Remove-V2025TagsToManyObject -BulkRemoveTaggedObject $Result
# Below is a request that includes all optional parameters
# Remove-V2025TagsToManyObject -BulkRemoveTaggedObject $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025TagsToManyObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-tagged-object
This gets a tagged object for the specified type.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-tagged-object)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to retrieve.
Path | Id | **String** | True | The ID of the object reference to retrieve.
### Return type
[**TaggedObject**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tagged object by type and ID. | TaggedObject
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to retrieve.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object reference to retrieve.
# Get Tagged Object
try {
Get-V2025TaggedObject -Type $Type -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025TaggedObject -Type $Type -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-tagged-objects
This API returns a list of all tagged objects.
Any authenticated token may be used to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-tagged-objects)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq, in* **objectRef.type**: *eq, in* **tagName**: *eq, in*
### Return type
[**TaggedObject[]**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all tagged objects. | TaggedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'tagName eq "BU_FINANCE"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq, in* **objectRef.type**: *eq, in* **tagName**: *eq, in* (optional)
# List Tagged Objects
try {
Get-V2025TaggedObjects
# Below is a request that includes all optional parameters
# Get-V2025TaggedObjects -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TaggedObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-tagged-objects-by-type
This API returns a list of all tagged objects by type.
Any authenticated token may be used to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-tagged-objects-by-type)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to retrieve.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq* **objectRef.type**: *eq*
### Return type
[**TaggedObject[]**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of all tagged objects for specified type. | TaggedObject[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to retrieve.
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'objectRef.id eq "2c91808568c529c60168cca6f90c1313"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **objectRef.id**: *eq* **objectRef.type**: *eq* (optional)
# List Tagged Objects by Type
try {
Get-V2025TaggedObjectsByType -Type $Type
# Below is a request that includes all optional parameters
# Get-V2025TaggedObjectsByType -Type $Type -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TaggedObjectsByType"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-tagged-object
This updates a tagged object for the specified type.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/put-tagged-object)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Type | **String** | True | The type of tagged object to update.
Path | Id | **String** | True | The ID of the object reference to update.
Body | TaggedObject | [**TaggedObject**](../models/tagged-object) | True |
### Return type
[**TaggedObject**](../models/tagged-object)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tagged object by type and ID. | TaggedObject
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Type = "ACCESS_PROFILE" # String | The type of tagged object to update.
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the object reference to update.
$TaggedObject = @"{
"objectRef" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Update Tagged Object
try {
$Result = ConvertFrom-JsonToTaggedObject -Json $TaggedObject
Send-V2025TaggedObject -Type $Type -Id $Id -TaggedObject $Result
# Below is a request that includes all optional parameters
# Send-V2025TaggedObject -Type $Type -Id $Id -TaggedObject $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2025TaggedObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-tag-to-object
This adds a tag to an object.
Any authenticated token may be used to call this API.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-tag-to-object)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | TaggedObject | [**TaggedObject**](../models/tagged-object) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Created. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$TaggedObject = @"{
"objectRef" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Add Tag to Object
try {
$Result = ConvertFrom-JsonToTaggedObject -Json $TaggedObject
Set-V2025TagToObject -TaggedObject $Result
# Below is a request that includes all optional parameters
# Set-V2025TagToObject -TaggedObject $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025TagToObject"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-tags-to-many-objects
This API adds tags to multiple objects.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-tags-to-many-objects)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | BulkAddTaggedObject | [**BulkAddTaggedObject**](../models/bulk-add-tagged-object) | True | Supported object types are ACCESS_PROFILE, APPLICATION, CAMPAIGN, ENTITLEMENT, IDENTITY, ROLE, SOD_POLICY, SOURCE.
### Return type
[**BulkTaggedObjectResponse[]**](../models/bulk-tagged-object-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Request succeeded. | BulkTaggedObjectResponse[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$BulkAddTaggedObject = @"{
"objectRefs" : [ {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}, {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
} ],
"operation" : "MERGE",
"tags" : [ "BU_FINANCE", "PCI" ]
}"@
# Tag Multiple Objects
try {
$Result = ConvertFrom-JsonToBulkAddTaggedObject -Json $BulkAddTaggedObject
Set-V2025TagsToManyObjects -BulkAddTaggedObject $Result
# Below is a request that includes all optional parameters
# Set-V2025TagsToManyObjects -BulkAddTaggedObject $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025TagsToManyObjects"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

305
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TaskManagementApi.md Normal file
View File

@@ -0,0 +1,305 @@
---
id: v2025-task-management
title: TaskManagement
pagination_label: TaskManagement
sidebar_label: TaskManagement
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'TaskManagement', 'V2025TaskManagement']
slug: /tools/sdk/powershell/v2025/methods/task-management
tags: ['SDK', 'Software Development Kit', 'TaskManagement', 'V2025TaskManagement']
---
# TaskManagement
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025PendingTaskHeaders**](#get-pending-task-headers) | **HEAD** `/task-status/pending-tasks` | Retrieve Pending Task List Headers
[**Get-V2025PendingTasks**](#get-pending-tasks) | **GET** `/task-status/pending-tasks` | Retrieve Pending Task Status List
[**Get-V2025TaskStatus**](#get-task-status) | **GET** `/task-status/{id}` | Get Task Status by ID
[**Get-V2025TaskStatusList**](#get-task-status-list) | **GET** `/task-status` | Retrieve Task Status List
[**Update-V2025TaskStatus**](#update-task-status) | **PATCH** `/task-status/{id}` | Update Task Status by ID
## get-pending-task-headers
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Responds with headers only for list of task statuses for pending tasks.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-pending-task-headers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Retrieve headers for a list of TaskStatus for pending tasks. |
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Retrieve Pending Task List Headers
try {
Get-V2025PendingTaskHeaders -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025PendingTaskHeaders -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PendingTaskHeaders"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-pending-tasks
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Retrieve a list of statuses for pending tasks. Types of tasks include account and entitlement aggregation and other general background processing tasks. Data for tasks older than 90 days will not be returned.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-pending-tasks)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**TaskStatus[]**](../models/task-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with a list of TaskStatus for pending tasks. | TaskStatus[]
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
# Retrieve Pending Task Status List
try {
Get-V2025PendingTasks -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025PendingTasks -XSailPointExperimental $XSailPointExperimental -Offset $Offset -Limit $Limit -Count $Count
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025PendingTasks"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-task-status
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Get task status by task ID. Types of tasks include account and entitlement aggregation and other general background processing tasks. Data for tasks older than 90 days will not be returned.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-task-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Task ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**TaskStatus**](../models/task-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with a TaskStatus for the task with the given task ID. | TaskStatus
403 | Forbidden, generally due to a lack of security rights |
404 | TaskStatus with the given id was not found. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "00eebcf881994e419d72e757fd30dc0e" # String | Task ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Task Status by ID
try {
Get-V2025TaskStatus -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025TaskStatus -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TaskStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-task-status-list
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Use this endpoint to get a list of statuses for **completed** tasks. Types of tasks include account and entitlement aggregation and other general background processing tasks. Data for tasks older than 90 days will not be returned. To get a list of statuses for **in-progress** tasks, please use the [retrieve pending task status list](https://developer.sailpoint.com/docs/api/v2024/get-pending-tasks) endpoint.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-task-status-list)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **sourceId**: *eq, in* **completionStatus**: *eq, in* **type**: *eq, in*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created**
### Return type
[**TaskStatus[]**](../models/task-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Responds with a TaskStatus for the task with the given task ID. | TaskStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'completionStatus eq "Success"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **sourceId**: *eq, in* **completionStatus**: *eq, in* **type**: *eq, in* (optional)
$Sorters = "-created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **created** (optional)
# Retrieve Task Status List
try {
Get-V2025TaskStatusList -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025TaskStatusList -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TaskStatusList"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-task-status
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Update a current task status by task ID. Use this API to clear a pending task by updating the completionStatus and completed attributes.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-task-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Task ID.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | The JSONPatch payload used to update the object.
### Return type
[**TaskStatus**](../models/task-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | This response indicates the PATCH operation succeeded, and the API returns the updated task object. | TaskStatus
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "00eebcf881994e419d72e757fd30dc0e" # String | Task ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | The JSONPatch payload used to update the object.
# Update Task Status by ID
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025TaskStatus -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025TaskStatus -Id $Id -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025TaskStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

65
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TenantApi.md Normal file
View File

@@ -0,0 +1,65 @@
---
id: v2025-tenant
title: Tenant
pagination_label: Tenant
sidebar_label: Tenant
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Tenant', 'V2025Tenant']
slug: /tools/sdk/powershell/v2025/methods/tenant
tags: ['SDK', 'Software Development Kit', 'Tenant', 'V2025Tenant']
---
# Tenant
API for reading tenant details.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025Tenant**](#get-tenant) | **GET** `/tenant` | Get Tenant Information.
## get-tenant
This rest endpoint can be used to retrieve tenant details.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-tenant)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**Tenant**](../models/tenant)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tenant Info | Tenant
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get Tenant Information.
try {
Get-V2025Tenant
# Below is a request that includes all optional parameters
# Get-V2025Tenant
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Tenant"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

134
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TenantContextApi.md Normal file
View File

@@ -0,0 +1,134 @@
---
id: v2025-tenant-context
title: TenantContext
pagination_label: TenantContext
sidebar_label: TenantContext
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'TenantContext', 'V2025TenantContext']
slug: /tools/sdk/powershell/v2025/methods/tenant-context
tags: ['SDK', 'Software Development Kit', 'TenantContext', 'V2025TenantContext']
---
# TenantContext
The purpose of this API is to manage key-value pairs specific to a tenant&#39;s context, enabling dynamic configuration and personalized settings per tenant.
Context key-value pairs will consist of common terms and acronyms used within your organization.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025TenantContext**](#get-tenant-context) | **GET** `/tenant-context` | Retrieve tenant context
[**Update-V2025TenantContext**](#patch-tenant-context) | **PATCH** `/tenant-context` | Update tenant context
## get-tenant-context
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Returns a list of key-value pairs representing the current state of the tenant's context.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-tenant-context)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**GetTenantContext200ResponseInner[]**](../models/get-tenant-context200-response-inner)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Successfully retrieved tenant context. | GetTenantContext200ResponseInner[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Retrieve tenant context
try {
Get-V2025TenantContext -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025TenantContext -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TenantContext"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-tenant-context
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Allows the user to make incremental updates to tenant context records using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
This endpoint is specifically designed to modify the `/Key/*` field, supporting operations such as `add`, `remove`, or `replace` to manage key-value pairs.
Note that each tenant is limited to a maximum of 100 key-value pairs.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-tenant-context)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | JsonPatchOperation | [**JsonPatchOperation**](../models/json-patch-operation) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Tenant context updated successfully. |
400 | Bad request due to invalid input parameters. | ErrorResponseDto1
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
# Update tenant context
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-V2025TenantContext -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-V2025TenantContext -XSailPointExperimental $XSailPointExperimental -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025TenantContext"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

311
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TransformsApi.md Normal file
View File

@@ -0,0 +1,311 @@
---
id: v2025-transforms
title: Transforms
pagination_label: Transforms
sidebar_label: Transforms
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Transforms', 'V2025Transforms']
slug: /tools/sdk/powershell/v2025/methods/transforms
tags: ['SDK', 'Software Development Kit', 'Transforms', 'V2025Transforms']
---
# Transforms
The purpose of this API is to expose functionality for the manipulation of Transform objects.
Transforms are a form of configurable objects which define an easy way to manipulate attribute data without having
to write code.
Refer to [Transforms](https://developer.sailpoint.com/docs/extensibility/transforms/) for more information about transforms.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**New-V2025Transform**](#create-transform) | **POST** `/transforms` | Create transform
[**Remove-V2025Transform**](#delete-transform) | **DELETE** `/transforms/{id}` | Delete a transform
[**Get-V2025Transform**](#get-transform) | **GET** `/transforms/{id}` | Transform by ID
[**Get-V2025Transforms**](#list-transforms) | **GET** `/transforms` | List transforms
[**Update-V2025Transform**](#update-transform) | **PUT** `/transforms/{id}` | Update a transform
## create-transform
Creates a new transform object immediately. By default, the internal flag is set to false to indicate that this is a custom transform. Only SailPoint employees have the ability to create a transform with internal set to true. Newly created Transforms can be used in the Identity Profile mappings within the UI.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-transform)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Body | Transform | [**Transform**](../models/transform) | True | The transform to be created.
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | Indicates the transform was successfully created and returns its representation. | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Transform = @"{
"name" : "Timestamp To Date",
"attributes" : {
"input" : {
"type" : "accountAttribute",
"attributes" : {
"attributeName" : "first_name",
"sourceName" : "Source"
}
},
"accountSortAttribute" : "created",
"accountReturnFirstLink" : false,
"requiresPeriodicRefresh" : false,
"accountPropertyFilter" : "(groups.containsAll({'Admin'}) || location == 'Austin')",
"attributeName" : "DEPARTMENT",
"accountSortDescending" : false,
"sourceName" : "Workday",
"accountFilter" : "!(nativeIdentity.startsWith(\"*DELETED*\"))"
},
"type" : "dateFormat"
}"@
# Create transform
try {
$Result = ConvertFrom-JsonToTransform -Json $Transform
New-V2025Transform -Transform $Result
# Below is a request that includes all optional parameters
# New-V2025Transform -Transform $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-transform
Deletes the transform specified by the given ID. Attempting to delete a transform that is used in one or more Identity Profile mappings will result in an error. If this occurs, you must first remove the transform from all mappings before deleting the transform.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-transform)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to delete
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to delete
# Delete a transform
try {
Remove-V2025Transform -Id $Id
# Below is a request that includes all optional parameters
# Remove-V2025Transform -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-transform
This API returns the transform specified by the given ID.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-transform)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to retrieve
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Transform with the given ID | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to retrieve
# Transform by ID
try {
Get-V2025Transform -Id $Id
# Below is a request that includes all optional parameters
# Get-V2025Transform -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-transforms
Gets a list of all saved transform objects.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-transforms)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Name | **String** | (optional) | Name of the transform to retrieve from the list.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **internal**: *eq* **name**: *eq, sw*
### Return type
[**TransformRead[]**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A list of transforms matching the given criteria. | TransformRead[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Name = "ExampleTransformName123" # String | Name of the transform to retrieve from the list. (optional)
$Filters = 'name eq "Uppercase"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **internal**: *eq* **name**: *eq, sw* (optional)
# List transforms
try {
Get-V2025Transforms
# Below is a request that includes all optional parameters
# Get-V2025Transforms -Offset $Offset -Limit $Limit -Count $Count -Name $Name -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Transforms"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-transform
Replaces the transform specified by the given ID with the transform provided in the request body. Only the "attributes" field is mutable. Attempting to change other properties (ex. "name" and "type") will result in an error.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-transform)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the transform to update
Body | Transform | [**Transform**](../models/transform) | (optional) | The updated transform object. Must include ""name"", ""type"", and ""attributes"" fields, but ""name"" and ""type"" must not be modified.
### Return type
[**TransformRead**](../models/transform-read)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Indicates the transform was successfully updated and returns its new representation. | TransformRead
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "2cd78adghjkja34jh2b1hkjhasuecd" # String | ID of the transform to update
$Transform = @"{
"name" : "Timestamp To Date",
"attributes" : {
"input" : {
"type" : "accountAttribute",
"attributes" : {
"attributeName" : "first_name",
"sourceName" : "Source"
}
},
"accountSortAttribute" : "created",
"accountReturnFirstLink" : false,
"requiresPeriodicRefresh" : false,
"accountPropertyFilter" : "(groups.containsAll({'Admin'}) || location == 'Austin')",
"attributeName" : "DEPARTMENT",
"accountSortDescending" : false,
"sourceName" : "Workday",
"accountFilter" : "!(nativeIdentity.startsWith(\"*DELETED*\"))"
},
"type" : "dateFormat"
}"@
# Update a transform
try {
Update-V2025Transform -Id $Id
# Below is a request that includes all optional parameters
# Update-V2025Transform -Id $Id -Transform $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Transform"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

695
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025TriggersApi.md Normal file
View File

@@ -0,0 +1,695 @@
---
id: v2025-triggers
title: Triggers
pagination_label: Triggers
sidebar_label: Triggers
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'Triggers', 'V2025Triggers']
slug: /tools/sdk/powershell/v2025/methods/triggers
tags: ['SDK', 'Software Development Kit', 'Triggers', 'V2025Triggers']
---
# Triggers
Event Triggers provide real-time updates to changes in Identity Security Cloud so you can take action as soon as an event occurs, rather than poll an API endpoint for updates. Identity Security Cloud provides a user interface within the admin console to create and manage trigger subscriptions. These endpoints allow for programatically creating and managing trigger subscriptions.
There are two types of event triggers:
* &#x60;FIRE_AND_FORGET&#x60;: This trigger type will send a payload to each subscriber without needing a response. Each trigger of this type has a limit of **50 subscriptions**.
* &#x60;REQUEST_RESPONSE&#x60;: This trigger type will send a payload to a subscriber and expect a response back. Each trigger of this type may only have **one subscription**.
## Available Event Triggers
Production ready event triggers that are available in all tenants.
| Name | ID | Type | Trigger condition |
|-|-|-|-|
| [Access Request Dynamic Approval](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-dynamic-approval/) | idn:access-request-dynamic-approver | REQUEST_RESPONSE |After an access request is submitted. Expects the subscriber to respond with the ID of an identity or workgroup to add to the approval workflow. |
| [Access Request Decision](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-decision/) | idn:access-request-post-approval | FIRE_AND_FORGET | After an access request is approved. |
| [Access Request Submitted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/access-request-submitted/) | idn:access-request-pre-approval | REQUEST_RESPONSE | After an access request is submitted. Expects the subscriber to respond with an approval decision. |
| [Account Aggregation Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:account-aggregation-completed | FIRE_AND_FORGET | After an account aggregation completed, terminated, failed. |
| Account Attributes Changed | idn:account-attributes-changed | FIRE_AND_FORGET | After an account aggregation, and one or more account attributes have changed. |
| Account Correlated | idn:account-correlated | FIRE_AND_FORGET | After an account is added to an identity. |
| Accounts Collected for Aggregation | idn:aggregation-accounts-collected | FIRE_AND_FORGET | New, changed, and deleted accounts have been gathered during an aggregation and are being processed. |
| Account Uncorrelated | idn:account-uncorrelated | FIRE_AND_FORGET | After an account is removed from an identity. |
| Campaign Activated | idn:campaign-activated | FIRE_AND_FORGET | After a campaign is activated. |
| Campaign Ended | idn:campaign-ended | FIRE_AND_FORGET | After a campaign ends. |
| Campaign Generated | idn:campaign-generated | FIRE_AND_FORGET | After a campaign finishes generating. |
| Certification Signed Off | idn:certification-signed-off | FIRE_AND_FORGET | After a certification is signed off by its reviewer. |
| [Identity Attributes Changed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/account-aggregation-completed/) | idn:identity-attributes-changed | FIRE_AND_FORGET | After One or more identity attributes changed. |
| [Identity Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-created/) | idn:identity-created | FIRE_AND_FORGET | After an identity is created. |
| [Provisioning Action Completed](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/provisioning-completed/) | idn:post-provisioning | FIRE_AND_FORGET | After a provisioning action completed on a source. |
| [Scheduled Search](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/scheduled-search/) | idn:saved-search-complete | FIRE_AND_FORGET | After a scheduled search completed. |
| [Source Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-created/) | idn:source-created | FIRE_AND_FORGET | After a source is created. |
| [Source Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-deleted/) | idn:source-deleted | FIRE_AND_FORGET | After a source is deleted. |
| [Source Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-updated/) | idn:source-updated | FIRE_AND_FORGET | After configuration changes have been made to a source. |
| [VA Cluster Status Change](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/va-cluster-status-change/) | idn:va-cluster-status-change | FIRE_AND_FORGET | After the status of a VA cluster has changed. |
## Early Access Event Triggers
Triggers that are in-development and not ready for production use. Please contact support to enable these triggers in your tenant.
| Name | ID | Type | Trigger condition |
|-|-|-|-|
| [Identity Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/identity-deleted/) | idn:identity-deleted | FIRE_AND_FORGET | After an identity is deleted. |
| [Source Account Created](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-created/) | idn:source-account-created | FIRE_AND_FORGET | After a source account is created. |
| [Source Account Deleted](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-deleted/) | idn:source-account-deleted | FIRE_AND_FORGET | After a source account is deleted. |
| [Source Account Updated](https://developer.sailpoint.com/docs/extensibility/event-triggers/triggers/source-account-updated/) | idn:source-account-updated | FIRE_AND_FORGET | After a source account is changed. |
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Complete-V2025TriggerInvocation**](#complete-trigger-invocation) | **POST** `/trigger-invocations/{id}/complete` | Complete Trigger Invocation
[**New-V2025Subscription**](#create-subscription) | **POST** `/trigger-subscriptions` | Create a Subscription
[**Remove-V2025Subscription**](#delete-subscription) | **DELETE** `/trigger-subscriptions/{id}` | Delete a Subscription
[**Get-V2025Subscriptions**](#list-subscriptions) | **GET** `/trigger-subscriptions` | List Subscriptions
[**Get-V2025TriggerInvocationStatus**](#list-trigger-invocation-status) | **GET** `/trigger-invocations/status` | List Latest Invocation Statuses
[**Get-V2025Triggers**](#list-triggers) | **GET** `/triggers` | List Triggers
[**Update-V2025Subscription**](#patch-subscription) | **PATCH** `/trigger-subscriptions/{id}` | Patch a Subscription
[**Start-V2025TestTriggerInvocation**](#start-test-trigger-invocation) | **POST** `/trigger-invocations/test` | Start a Test Invocation
[**Test-V2025SubscriptionFilter**](#test-subscription-filter) | **POST** `/trigger-subscriptions/validate-filter` | Validate a Subscription Filter
[**Update-V2025Subscription**](#update-subscription) | **PUT** `/trigger-subscriptions/{id}` | Update a Subscription
## complete-trigger-invocation
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Completes an invocation to a REQUEST_RESPONSE type trigger.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/complete-trigger-invocation)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the invocation to complete.
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | CompleteInvocation | [**CompleteInvocation**](../models/complete-invocation) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" # String | The ID of the invocation to complete.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CompleteInvocation = @"{
"output" : {
"approved" : false
},
"secret" : "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde",
"error" : "Access request is denied."
}"@
# Complete Trigger Invocation
try {
$Result = ConvertFrom-JsonToCompleteInvocation -Json $CompleteInvocation
Complete-V2025TriggerInvocation -Id $Id -XSailPointExperimental $XSailPointExperimental -CompleteInvocation $Result
# Below is a request that includes all optional parameters
# Complete-V2025TriggerInvocation -Id $Id -XSailPointExperimental $XSailPointExperimental -CompleteInvocation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Complete-V2025TriggerInvocation"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## create-subscription
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API creates a new subscription to a trigger and defines trigger invocation details. The type of subscription determines which config object is required:
* HTTP subscriptions require httpConfig
* EventBridge subscriptions require eventBridgeConfig
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-subscription)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SubscriptionPostRequest | [**SubscriptionPostRequest**](../models/subscription-post-request) | True |
### Return type
[**Subscription**](../models/subscription)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
201 | New subscription to a trigger. The trigger can now be invoked by the method defined in the subscription. | Subscription
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SubscriptionPostRequest = @"{
"filter" : "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]",
"httpConfig" : {
"bearerTokenAuthConfig" : {
"bearerToken" : "bearerToken"
},
"httpAuthenticationType" : "BASIC_AUTH",
"httpDispatchMode" : "SYNC",
"basicAuthConfig" : {
"password" : "password",
"userName" : "user@example.com"
},
"url" : "https://www.example.com"
},
"triggerId" : "idn:access-requested",
"name" : "Access request subscription",
"description" : "Access requested to site xyz",
"eventBridgeConfig" : {
"awsRegion" : "us-west-1",
"awsAccount" : "123456789012"
},
"responseDeadline" : "PT1H",
"type" : "HTTP",
"enabled" : true
}"@
# Create a Subscription
try {
$Result = ConvertFrom-JsonToSubscriptionPostRequest -Json $SubscriptionPostRequest
New-V2025Subscription -XSailPointExperimental $XSailPointExperimental -SubscriptionPostRequest $Result
# Below is a request that includes all optional parameters
# New-V2025Subscription -XSailPointExperimental $XSailPointExperimental -SubscriptionPostRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2025Subscription"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-subscription
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Deletes an existing subscription to a trigger.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/delete-subscription)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Subscription ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" # String | Subscription ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete a Subscription
try {
Remove-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2025Subscription"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-subscriptions
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Gets a list of all trigger subscriptions.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-subscriptions)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **triggerId**: *eq* **type**: *eq, le*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **triggerId, triggerName**
### Return type
[**Subscription[]**](../models/subscription)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of subscriptions. | Subscription[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "12cff757-c0c0-413b-8ad7-2a47956d1e89"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq* **triggerId**: *eq* **type**: *eq, le* (optional)
$Sorters = "triggerName" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **triggerId, triggerName** (optional)
# List Subscriptions
try {
Get-V2025Subscriptions -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Subscriptions -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Subscriptions"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-trigger-invocation-status
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Gets a list of latest invocation statuses.
Statuses of successful invocations are available for up to 24 hours. Statuses of failed invocations are available for up to 48 hours.
This endpoint may only fetch up to 2000 invocations, and should not be treated as a representation of the full history of invocations.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-trigger-invocation-status)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **triggerId**: *eq* **subscriptionId**: *eq*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **triggerId, subscriptionName, created, completed**
### Return type
[**InvocationStatus[]**](../models/invocation-status)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of latest invocation statuses. | InvocationStatus[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'triggerId eq "idn:access-request-dynamic-approver"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **triggerId**: *eq* **subscriptionId**: *eq* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **triggerId, subscriptionName, created, completed** (optional)
# List Latest Invocation Statuses
try {
Get-V2025TriggerInvocationStatus -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025TriggerInvocationStatus -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TriggerInvocationStatus"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-triggers
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Gets a list of triggers that are available in the tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/list-triggers)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Count | **Boolean** | (optional) (default to $false) | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Filters | **String** | (optional) | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ge, le*
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name**
### Return type
[**Trigger[]**](../models/trigger)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of triggers. | Trigger[]
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "idn:access-request-post-approval"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, ge, le* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name** (optional)
# List Triggers
try {
Get-V2025Triggers -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025Triggers -XSailPointExperimental $XSailPointExperimental -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Triggers"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-subscription
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates a trigger subscription in IdentityNow, using a set of instructions to modify a subscription partially. The following fields are patchable:
**name**, **description**, **enabled**, **type**, **filter**, **responseDeadline**, **httpConfig**, **eventBridgeConfig**, **workflowConfig**
[API Spec](https://developer.sailpoint.com/docs/api/v2025/patch-subscription)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | ID of the Subscription to patch
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SubscriptionPatchRequestInner | [**[]SubscriptionPatchRequestInner**](../models/subscription-patch-request-inner) | True |
### Return type
[**Subscription**](../models/subscription)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated subscription. | Subscription
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" # String | ID of the Subscription to patch
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SubscriptionPatchRequestInner = @""@ # SubscriptionPatchRequestInner[] |
# Patch a Subscription
try {
$Result = ConvertFrom-JsonToSubscriptionPatchRequestInner -Json $SubscriptionPatchRequestInner
Update-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental -SubscriptionPatchRequestInner $Result
# Below is a request that includes all optional parameters
# Update-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental -SubscriptionPatchRequestInner $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Subscription"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-test-trigger-invocation
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Initiate a test event for all subscribers of the specified event trigger. If there are no subscribers to the specified trigger in the tenant, then no test event will be sent.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/start-test-trigger-invocation)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | TestInvocation | [**TestInvocation**](../models/test-invocation) | True |
### Return type
[**Invocation[]**](../models/invocation)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Test trigger invocations that have been started for specified subscription(s). | Invocation[]
204 | No content - indicates the request was successful but there is no content to be returned in the response. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$TestInvocation = @"{
"input" : {
"identityId" : "201327fda1c44704ac01181e963d463c"
},
"subscriptionIds" : [ "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" ],
"triggerId" : "idn:access-request-post-approval",
"contentJson" : {
"workflowId" : 1234
}
}"@
# Start a Test Invocation
try {
$Result = ConvertFrom-JsonToTestInvocation -Json $TestInvocation
Start-V2025TestTriggerInvocation -XSailPointExperimental $XSailPointExperimental -TestInvocation $Result
# Below is a request that includes all optional parameters
# Start-V2025TestTriggerInvocation -XSailPointExperimental $XSailPointExperimental -TestInvocation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-V2025TestTriggerInvocation"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## test-subscription-filter
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
Validates a JSONPath filter expression against a provided mock input.
Request requires a security scope of:
[API Spec](https://developer.sailpoint.com/docs/api/v2025/test-subscription-filter)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | ValidateFilterInputDto | [**ValidateFilterInputDto**](../models/validate-filter-input-dto) | True |
### Return type
[**ValidateFilterOutputDto**](../models/validate-filter-output-dto)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Boolean whether specified filter expression is valid against the input. | ValidateFilterOutputDto
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$ValidateFilterInputDto = @"{
"filter" : "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]",
"input" : {
"identityId" : "201327fda1c44704ac01181e963d463c"
}
}"@
# Validate a Subscription Filter
try {
$Result = ConvertFrom-JsonToValidateFilterInputDto -Json $ValidateFilterInputDto
Test-V2025SubscriptionFilter -XSailPointExperimental $XSailPointExperimental -ValidateFilterInputDto $Result
# Below is a request that includes all optional parameters
# Test-V2025SubscriptionFilter -XSailPointExperimental $XSailPointExperimental -ValidateFilterInputDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2025SubscriptionFilter"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## update-subscription
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API updates a trigger subscription in IdentityNow, using a full object representation. In other words, the existing
Subscription is completely replaced. The following fields are immutable:
* id
* triggerId
Attempts to modify these fields result in 400.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/update-subscription)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | Subscription ID
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | SubscriptionPutRequest | [**SubscriptionPutRequest**](../models/subscription-put-request) | True |
### Return type
[**Subscription**](../models/subscription)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Updated subscription. | Subscription
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde" # String | Subscription ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$SubscriptionPutRequest = @"{
"filter" : "$[?($.identityId == \"201327fda1c44704ac01181e963d463c\")]",
"httpConfig" : {
"bearerTokenAuthConfig" : {
"bearerToken" : "bearerToken"
},
"httpAuthenticationType" : "BASIC_AUTH",
"httpDispatchMode" : "SYNC",
"basicAuthConfig" : {
"password" : "password",
"userName" : "user@example.com"
},
"url" : "https://www.example.com"
},
"name" : "Access request subscription",
"description" : "Access requested to site xyz",
"eventBridgeConfig" : {
"awsRegion" : "us-west-1",
"awsAccount" : "123456789012"
},
"responseDeadline" : "PT1H",
"type" : "HTTP",
"enabled" : true
}"@
# Update a Subscription
try {
$Result = ConvertFrom-JsonToSubscriptionPutRequest -Json $SubscriptionPutRequest
Update-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental -SubscriptionPutRequest $Result
# Below is a request that includes all optional parameters
# Update-V2025Subscription -Id $Id -XSailPointExperimental $XSailPointExperimental -SubscriptionPutRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025Subscription"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

128
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025UIMetadataApi.md Normal file
View File

@@ -0,0 +1,128 @@
---
id: v2025-ui-metadata
title: UIMetadata
pagination_label: UIMetadata
sidebar_label: UIMetadata
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'UIMetadata', 'V2025UIMetadata']
slug: /tools/sdk/powershell/v2025/methods/ui-metadata
tags: ['SDK', 'Software Development Kit', 'UIMetadata', 'V2025UIMetadata']
---
# UIMetadata
API for managing UI Metadata. Use this API to manage metadata about your User Interface.
For example you can set the iFrameWhitelist parameter to permit another domain to encapsulate IDN within an iframe or set the usernameEmptyText to change the placeholder text for Username on your tenant&#39;s login screen.
All URIs are relative to *https://sailpoint.api.identitynow.com/v2025*
Method | HTTP request | Description
------------- | ------------- | -------------
[**Get-V2025TenantUiMetadata**](#get-tenant-ui-metadata) | **GET** `/ui-metadata/tenant` | Get a tenant UI metadata
[**Set-V2025TenantUiMetadata**](#set-tenant-ui-metadata) | **PUT** `/ui-metadata/tenant` | Update tenant UI metadata
## get-tenant-ui-metadata
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API endpoint retrieves UI metadata configured for your tenant.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/get-tenant-ui-metadata)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
### Return type
[**TenantUiMetadataItemResponse**](../models/tenant-ui-metadata-item-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A tenant UI metadata object | TenantUiMetadataItemResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get a tenant UI metadata
try {
Get-V2025TenantUiMetadata -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2025TenantUiMetadata -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025TenantUiMetadata"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## set-tenant-ui-metadata
:::warning experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to `true` to use this endpoint.
:::
This API endpoint updates UI metadata for your tenant. These changes may require up to 5 minutes to take effect on the UI.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/set-tenant-ui-metadata)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
| XSailPointExperimental | **String** | True (default to "true") | Use this header to enable this experimental API.
Body | TenantUiMetadataItemUpdateRequest | [**TenantUiMetadataItemUpdateRequest**](../models/tenant-ui-metadata-item-update-request) | True |
### Return type
[**TenantUiMetadataItemResponse**](../models/tenant-ui-metadata-item-response)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | A tenant UI metadata object | TenantUiMetadataItemResponse
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response
403 | Forbidden - Returned if the user you are running as, doesn&#39;t have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$TenantUiMetadataItemUpdateRequest = @"{
"usernameEmptyText" : "Please provide your work email address...",
"usernameLabel" : "Email",
"iframeWhiteList" : "http://example.com http://example2.com"
}"@
# Update tenant UI metadata
try {
$Result = ConvertFrom-JsonToTenantUiMetadataItemUpdateRequest -Json $TenantUiMetadataItemUpdateRequest
Set-V2025TenantUiMetadata -XSailPointExperimental $XSailPointExperimental -TenantUiMetadataItemUpdateRequest $Result
# Below is a request that includes all optional parameters
# Set-V2025TenantUiMetadata -XSailPointExperimental $XSailPointExperimental -TenantUiMetadataItemUpdateRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2025TenantUiMetadata"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

Some files were not shown because too many files have changed in this diff Show More