LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to powershell SDK docs: 15001529666

Browse Source
This commit is contained in:
developer-relations-sp
2025-05-13 16:13:23 +00:00
parent 61c7777124
commit fe184ae8e8
37 changed files with 6397 additions and 6370 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaAccessRequestsApi.md
View File

@@ -185,7 +185,8 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields. These fields should be used within the 'requestedItems' section for the revoke requests.
* Usage of 'requestedForWithRequestedItems' field is not supported for revoke requests.
[API Spec](https://developer.sailpoint.com/docs/api/beta/create-access-request)
@@ -306,9 +307,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -336,9 +335,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
@@ -369,9 +366,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -399,9 +394,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
} ]
}"@

47
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaAccountsApi.md
View File

@@ -63,6 +63,9 @@ Method | HTTP request | Description
## create-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
Submits an account creation task - the API then returns the task ID.
The `sourceId` where this account will be created must be included in the `attributes` object.
@@ -129,6 +132,9 @@ try {
[[Back to top]](#)
## delete-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
Use this API to delete an account.
This endpoint submits an account delete task and returns the task ID.
This endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you [disable accounts](https://developer.sailpoint.com/idn/api/v3/disable-account) rather than delete them. This will also allow you to reenable the accounts in the future.
@@ -230,6 +236,9 @@ try {
[[Back to top]](#)
## disable-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits a task to disable the account and returns the task ID.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -283,6 +292,9 @@ try {
[[Back to top]](#)
## disable-account-for-identity
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits a task to disable IDN account for a single identity.
[API Spec](https://developer.sailpoint.com/docs/api/beta/disable-account-for-identity)
@@ -329,6 +341,9 @@ try {
[[Back to top]](#)
## disable-accounts-for-identities
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits tasks to disable IDN account for each identity provided in the request body.
[API Spec](https://developer.sailpoint.com/docs/api/beta/disable-accounts-for-identities)
@@ -377,6 +392,9 @@ try {
[[Back to top]](#)
## enable-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits a task to enable account and returns the task ID.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -430,6 +448,9 @@ try {
[[Back to top]](#)
## enable-account-for-identity
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits a task to enable IDN account for a single identity.
[API Spec](https://developer.sailpoint.com/docs/api/beta/enable-account-for-identity)
@@ -476,6 +497,9 @@ try {
[[Back to top]](#)
## enable-accounts-for-identities
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits tasks to enable IDN account for each identity provided in the request body.
[API Spec](https://developer.sailpoint.com/docs/api/beta/enable-accounts-for-identities)
@@ -524,6 +548,9 @@ try {
[[Back to top]](#)
## get-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
Use this API to return the details for a single account by its ID.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -571,6 +598,9 @@ try {
[[Back to top]](#)
## get-account-entitlements
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API returns entitlements of the account.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -624,7 +654,10 @@ try {
[[Back to top]](#)
## list-accounts
List accounts.
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
List accounts.
[API Spec](https://developer.sailpoint.com/docs/api/beta/list-accounts)
@@ -679,6 +712,9 @@ try {
[[Back to top]](#)
## put-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
Use this API to update an account with a PUT request.
This endpoint submits an account update task and returns the task ID.
@@ -743,6 +779,9 @@ try {
[[Back to top]](#)
## submit-reload-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -790,6 +829,9 @@ try {
[[Back to top]](#)
## unlock-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits a task to unlock an account and returns the task ID.
To use this endpoint to unlock an account that has the `forceProvisioning` option set to true, the `idn:accounts-provisioning:manage` scope is required.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.
@@ -845,6 +887,9 @@ try {
[[Back to top]](#)
## update-account
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
Use this API to update account details.
A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.

6
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaPublicIdentitiesConfigApi.md
View File

@@ -32,6 +32,9 @@ Method | HTTP request | Description
## get-public-identity-config
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets details of public identity config.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-public-identity-config)
@@ -75,6 +78,9 @@ try {
[[Back to top]](#)
## update-public-identity-config
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This updates the details of public identity config.
[API Spec](https://developer.sailpoint.com/docs/api/beta/update-public-identity-config)

191
docs/tools/sdk/powershell/Reference/Beta/Methods/BetaWorkItemsApi.md
View File

@@ -34,7 +34,6 @@ Method | HTTP request | Description
[**Approve-BetaApprovalItem**](#approve-approval-item) | **POST** `/work-items/{id}/approve/{approvalItemId}` | Approve an Approval Item
[**Approve-BetaApprovalItemsInBulk**](#approve-approval-items-in-bulk) | **POST** `/work-items/bulk-approve/{id}` | Bulk approve Approval Items
[**Complete-BetaWorkItem**](#complete-work-item) | **POST** `/work-items/{id}` | Complete a Work Item
[**Invoke-BetaForwardWorkItem**](#forward-work-item) | **POST** `/work-items/{id}/forward` | Forward a Work Item
[**Get-BetaCompletedWorkItems**](#get-completed-work-items) | **GET** `/work-items/completed` | Completed Work Items
[**Get-BetaCountCompletedWorkItems**](#get-count-completed-work-items) | **GET** `/work-items/completed/count` | Count Completed Work Items
[**Get-BetaCountWorkItems**](#get-count-work-items) | **GET** `/work-items/count` | Count Work Items
@@ -44,9 +43,13 @@ Method | HTTP request | Description
[**Deny-BetaApprovalItem**](#reject-approval-item) | **POST** `/work-items/{id}/reject/{approvalItemId}` | Reject an Approval Item
[**Deny-BetaApprovalItemsInBulk**](#reject-approval-items-in-bulk) | **POST** `/work-items/bulk-reject/{id}` | Bulk reject Approval Items
[**Submit-BetaAccountSelection**](#submit-account-selection) | **POST** `/work-items/{id}/submit-account-selection` | Submit Account Selections
[**Submit-BetaForwardWorkItem**](#submit-forward-work-item) | **POST** `/work-items/{id}/forward` | Forward a Work Item
## approve-approval-item
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API approves an Approval Item. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/approve-approval-item)
@@ -64,9 +67,12 @@ Path | ApprovalItemId | **String** | True | The ID of the approval item.
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -92,6 +98,9 @@ try {
[[Back to top]](#)
## approve-approval-items-in-bulk
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API bulk approves Approval Items. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/approve-approval-items-in-bulk)
@@ -108,9 +117,12 @@ Path | Id | **String** | True | The ID of the work item
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -135,6 +147,9 @@ try {
[[Back to top]](#)
## complete-work-item
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API completes a work item. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/complete-work-item)
@@ -182,59 +197,10 @@ try {
```
[[Back to top]](#)
## forward-work-item
This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/forward-work-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Body | WorkItemForward | [**WorkItemForward**](../models/work-item-forward) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Success, but no data is returned. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$WorkItemForward = @"{
"targetOwnerId" : "2c9180835d2e5168015d32f890ca1581",
"comment" : "I'm going on vacation.",
"sendNotifications" : true
}"@
# Forward a Work Item
try {
$Result = ConvertFrom-JsonToWorkItemForward -Json $WorkItemForward
Invoke-BetaForwardWorkItem -Id $Id -WorkItemForward $Result
# Below is a request that includes all optional parameters
# Invoke-BetaForwardWorkItem -Id $Id -WorkItemForward $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-BetaForwardWorkItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-completed-work-items
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets a collection of completed work items belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-completed-work-items)
@@ -254,9 +220,12 @@ Param Type | Name | Data Type | Required | Description
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of completed work items. | WorkItems[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -264,7 +233,7 @@ Code | Description | Data Type
### Example
```powershell
$OwnerId = "MyOwnerId" # String | The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request. (optional)
$OwnerId = "2c91808571bcfcf80171c23e4b4221fc" # String | The id of the owner of the work item list being requested. Either an admin, or the owning/current user must make this request. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
@@ -284,6 +253,9 @@ try {
[[Back to top]](#)
## get-count-completed-work-items
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets a count of completed work items belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-count-completed-work-items)
@@ -292,6 +264,8 @@ This gets a count of completed work items belonging to either the specified user
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Query | OwnerId | **String** | (optional) | ID of the work item owner.
Query | Limit | **Int32** | (optional) (default to 250) | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
Query | Offset | **Int32** | (optional) (default to 0) | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
### Return type
[**WorkItemsCount[]**](../models/work-items-count)
@@ -300,9 +274,12 @@ Param Type | Name | Data Type | Required | Description
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsCount[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -310,7 +287,9 @@ Code | Description | Data Type
### Example
```powershell
$OwnerId = "MyOwnerId" # String | ID of the work item owner. (optional)
$OwnerId = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the work item owner. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
# Count Completed Work Items
@@ -318,7 +297,7 @@ try {
Get-BetaCountCompletedWorkItems
# Below is a request that includes all optional parameters
# Get-BetaCountCompletedWorkItems -OwnerId $OwnerId
# Get-BetaCountCompletedWorkItems -OwnerId $OwnerId -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaCountCompletedWorkItems"
Write-Host $_.ErrorDetails
@@ -327,6 +306,9 @@ try {
[[Back to top]](#)
## get-count-work-items
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets a count of work items belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-count-work-items)
@@ -343,9 +325,12 @@ Param Type | Name | Data Type | Required | Description
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsCount
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -353,7 +338,7 @@ Code | Description | Data Type
### Example
```powershell
$OwnerId = "MyOwnerId" # String | ID of the work item owner. (optional)
$OwnerId = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the work item owner. (optional)
# Count Work Items
@@ -370,6 +355,9 @@ try {
[[Back to top]](#)
## get-work-item
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets the details of a Work Item belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-work-item)
@@ -418,6 +406,9 @@ try {
[[Back to top]](#)
## get-work-items-summary
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets a summary of work items belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/get-work-items-summary)
@@ -434,9 +425,12 @@ Param Type | Name | Data Type | Required | Description
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItemsSummary
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -444,7 +438,7 @@ Code | Description | Data Type
### Example
```powershell
$OwnerId = "MyOwnerId" # String | ID of the work item owner. (optional)
$OwnerId = "ef38f94347e94562b5bb8424a56397d8" # String | ID of the work item owner. (optional)
# Work Items Summary
@@ -461,6 +455,9 @@ try {
[[Back to top]](#)
## list-work-items
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This gets a collection of work items belonging to either the specified user(admin required), or the current user.
[API Spec](https://developer.sailpoint.com/docs/api/beta/list-work-items)
@@ -480,9 +477,12 @@ Param Type | Name | Data Type | Required | Description
Code | Description | Data Type
------------- | ------------- | -------------
200 | List of work items | WorkItems[]
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -493,7 +493,7 @@ Code | Description | Data Type
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$OwnerId = "MyOwnerId" # String | ID of the work item owner. (optional)
$OwnerId = "ef38f94347e94562b5bb8424a56397d8" # String | ID of the work item owner. (optional)
# List Work Items
@@ -510,6 +510,9 @@ try {
[[Back to top]](#)
## reject-approval-item
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API rejects an Approval Item. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/reject-approval-item)
@@ -527,9 +530,12 @@ Path | ApprovalItemId | **String** | True | The ID of the approval item.
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -555,6 +561,9 @@ try {
[[Back to top]](#)
## reject-approval-items-in-bulk
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API bulk rejects Approval Items. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/reject-approval-items-in-bulk)
@@ -571,9 +580,12 @@ Path | Id | **String** | True | The ID of the work item
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
@@ -598,6 +610,9 @@ try {
[[Back to top]](#)
## submit-account-selection
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API submits account selections. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/submit-account-selection)
@@ -615,9 +630,12 @@ Path | Id | **String** | True | The ID of the work item
Code | Description | Data Type
------------- | ------------- | -------------
200 | A work items details object. | WorkItems
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
@@ -642,3 +660,58 @@ try {
}
```
[[Back to top]](#)
## submit-forward-work-item
:::caution deprecated
This endpoint has been deprecated and may be replaced or removed in future versions of the API.
:::
This API forwards a work item to a new owner. Either an admin, or the owning/current user must make this request.
[API Spec](https://developer.sailpoint.com/docs/api/beta/submit-forward-work-item)
### Parameters
Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
Path | Id | **String** | True | The ID of the work item
Body | WorkItemForward | [**WorkItemForward**](../models/work-item-forward) | True |
### Return type
(empty response body)
### Responses
Code | Description | Data Type
------------- | ------------- | -------------
200 | Success, but no data is returned. |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the work item
$WorkItemForward = @"{
"targetOwnerId" : "2c9180835d2e5168015d32f890ca1581",
"comment" : "I'm going on vacation.",
"sendNotifications" : true
}"@
# Forward a Work Item
try {
$Result = ConvertFrom-JsonToWorkItemForward -Json $WorkItemForward
Submit-BetaForwardWorkItem -Id $Id -WorkItemForward $Result
# Below is a request that includes all optional parameters
# Submit-BetaForwardWorkItem -Id $Id -WorkItemForward $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Submit-BetaForwardWorkItem"
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/Beta/Models/AccessRequest.md
View File

@@ -20,7 +20,7 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request * Only for use in GRANT_ACCESS type requests | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/Beta/Models/AccessRequestItem.md
View File

@@ -22,7 +22,7 @@ Name | Type | Description | Notes
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The unique identifier for an account on the identity, designated as the account ID attribute in the source's account schema. This is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/Beta/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-BetaAccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$AccountUsage = Initialize-BetaAccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10
```

4
docs/tools/sdk/powershell/Reference/Beta/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-BetaNonEmployeeRequestWithou
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/Beta/Models/RequestedItemDtoRef.md
View File

@@ -21,8 +21,6 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
@@ -34,8 +32,6 @@ $RequestedItemDtoRef = Initialize-BetaRequestedItemDtoRef -Type ACCESS_PROFILE
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```

2
docs/tools/sdk/powershell/Reference/Beta/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-BetaSourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$SourceUsage = Initialize-BetaSourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10.45
```

19
docs/tools/sdk/powershell/Reference/V2024/Methods/V2024AccessRequestsApi.md
View File

@@ -295,7 +295,8 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields. These fields should be used within the 'requestedItems' section for the revoke requests.
* Usage of 'requestedForWithRequestedItems' field is not supported for revoke requests.
[API Spec](https://developer.sailpoint.com/docs/api/v2024/create-access-request)
@@ -416,9 +417,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -446,9 +445,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
@@ -479,9 +476,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -509,9 +504,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
} ]
}"@

2
docs/tools/sdk/powershell/Reference/V2024/Models/AccessRequest.md
View File

@@ -20,7 +20,7 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request * Only for use in GRANT_ACCESS type requests | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/V2024/Models/AccessRequestItem.md
View File

@@ -22,7 +22,7 @@ Name | Type | Description | Notes
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The unique identifier for an account on the identity, designated as the account ID attribute in the source's account schema. This is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/V2024/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-V2024AccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$AccountUsage = Initialize-V2024AccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10
```

4
docs/tools/sdk/powershell/Reference/V2024/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-V2024NonEmployeeRequestWitho
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/V2024/Models/RequestedItemDtoRef.md
View File

@@ -21,8 +21,6 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
@@ -34,8 +32,6 @@ $RequestedItemDtoRef = Initialize-V2024RequestedItemDtoRef -Type ACCESS_PROFILE
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```

2
docs/tools/sdk/powershell/Reference/V2024/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-V2024SourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$SourceUsage = Initialize-V2024SourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10.45
```

39
docs/tools/sdk/powershell/Reference/V2025/Methods/V2025AccessRequestsApi.md
View File

@@ -296,7 +296,8 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields. These fields should be used within the 'requestedItems' section for the revoke requests.
* Usage of 'requestedForWithRequestedItems' field is not supported for revoke requests.
[API Spec](https://developer.sailpoint.com/docs/api/v2025/create-access-request)
@@ -340,7 +341,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -349,7 +352,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -358,7 +363,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -367,7 +374,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -376,7 +385,9 @@ $AccessRequest = @"{
"removeDate" : "2020-07-11T21:23:15Z",
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE"
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
} ],
"requestedForWithRequestedItems" : [ {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
@@ -407,9 +418,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -437,9 +446,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
@@ -470,9 +477,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -500,9 +505,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
} ]
}"@

2
docs/tools/sdk/powershell/Reference/V2025/Models/AccessRequest.md
View File

@@ -20,7 +20,7 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request * Only for use in GRANT_ACCESS type requests | [optional]
## Examples

6
docs/tools/sdk/powershell/Reference/V2025/Models/AccessRequestItem.md
View File

@@ -21,6 +21,8 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The unique identifier for an account on the identity, designated as the account ID attribute in the source's account schema. This is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples
@@ -30,7 +32,9 @@ $AccessRequestItem = Initialize-V2025AccessRequestItem -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN
```
- Convert the resource to JSON

47
docs/tools/sdk/powershell/Reference/V2025/Models/AccessRequestItem1.md
View File

@@ -1,47 +0,0 @@
---
id: v2025-access-request-item1
title: AccessRequestItem1
pagination_label: AccessRequestItem1
sidebar_label: AccessRequestItem1
sidebar_class_name: powershellsdk
keywords: ['powershell', 'PowerShell', 'sdk', 'AccessRequestItem1', 'V2025AccessRequestItem1']
slug: /tools/sdk/powershell/v2025/models/access-request-item1
tags: ['SDK', 'Software Development Kit', 'AccessRequestItem1', 'V2025AccessRequestItem1']
---
# AccessRequestItem1
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**Type** | **Enum** [ "ACCESS_PROFILE", "ROLE", "ENTITLEMENT" ] | The type of the item being requested. | [required]
**Id** | **String** | ID of Role, Access Profile or Entitlement being requested. | [required]
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples
- Prepare the resource
```powershell
$AccessRequestItem1 = Initialize-V2025AccessRequestItem1 -Type ACCESS_PROFILE `
-Id 2c9180835d2e5168015d32f890ca1581 `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN
```
- Convert the resource to JSON
```powershell
$AccessRequestItem1 | ConvertTo-JSON
```
[[Back to top]](#)

2
docs/tools/sdk/powershell/Reference/V2025/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-V2025AccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$AccountUsage = Initialize-V2025AccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10
```

2
docs/tools/sdk/powershell/Reference/V2025/Models/AccountsSelectionRequest.md
View File

@@ -18,7 +18,7 @@ Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**RequestedFor** | **[]String** | A list of Identity IDs for whom the Access is requested. | [required]
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem1**](access-request-item1) | | [required]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
## Examples

4
docs/tools/sdk/powershell/Reference/V2025/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-V2025NonEmployeeRequestWitho
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/V2025/Models/RequestedItemDtoRef.md
View File

@@ -21,8 +21,6 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
@@ -34,8 +32,6 @@ $RequestedItemDtoRef = Initialize-V2025RequestedItemDtoRef -Type ACCESS_PROFILE
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```

2
docs/tools/sdk/powershell/Reference/V2025/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-V2025SourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$SourceUsage = Initialize-V2025SourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10.45
```

19
docs/tools/sdk/powershell/Reference/V3/Methods/AccessRequestsApi.md
View File

@@ -122,7 +122,8 @@ __REVOKE_ACCESS__
* Revoke requests for entitlements are limited to 1 entitlement per access request currently.
* You can specify a `removeDate` if the access doesn't already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.
* Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields.
* Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of 'assignmentId' and 'nativeIdentity' fields. These fields should be used within the 'requestedItems' section for the revoke requests.
* Usage of 'requestedForWithRequestedItems' field is not supported for revoke requests.
[API Spec](https://developer.sailpoint.com/docs/api/v3/create-access-request)
@@ -243,9 +244,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -273,9 +272,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
}, {
"identityId" : "cb89bc2f1ee6445fbea12224c526ba3a",
@@ -306,9 +303,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
}, {
"clientMetadata" : {
"requestedAppName" : "test-app",
@@ -336,9 +331,7 @@ $AccessRequest = @"{
} ],
"comment" : "Requesting access profile for John Doe",
"id" : "2c9180835d2e5168015d32f890ca1581",
"type" : "ACCESS_PROFILE",
"assignmentId" : "ee48a191c00d49bf9264eb0a4fc3a9fc",
"nativeIdentity" : "CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN"
"type" : "ACCESS_PROFILE"
} ]
} ]
}"@

2
docs/tools/sdk/powershell/Reference/V3/Models/AccessRequest.md
View File

@@ -20,7 +20,7 @@ Name | Type | Description | Notes
**RequestType** | [**AccessRequestType**](access-request-type) | | [optional]
**RequestedItems** | [**[]AccessRequestItem**](access-request-item) | | [required]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities. | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request | [optional]
**RequestedForWithRequestedItems** | [**[]RequestedForDtoRef**](requested-for-dto-ref) | Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when 'requestedFor' and 'requestedItems' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request * Only for use in GRANT_ACCESS type requests | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/V3/Models/AccessRequestItem.md
View File

@@ -22,7 +22,7 @@ Name | Type | Description | Notes
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The unique identifier for an account on the identity, designated as the account ID attribute in the source's account schema. This is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
## Examples

2
docs/tools/sdk/powershell/Reference/V3/Models/AccountUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$AccountUsage = Initialize-AccountUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$AccountUsage = Initialize-AccountUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10
```

4
docs/tools/sdk/powershell/Reference/V3/Models/NonEmployeeRequestWithoutApprovalItem.md
View File

@@ -51,8 +51,8 @@ $NonEmployeeRequestWithoutApprovalItem = Initialize-NonEmployeeRequestWithoutApp
-ApprovalStatus null `
-Comment approved `
-CompletionDate 2020-03-24T11:11:41.139-05:00 `
-StartDate Mon Mar 23 20:00:00 EDT 2020 `
-EndDate Wed Mar 24 20:00:00 EDT 2021 `
-StartDate Tue Mar 24 00:00:00 UTC 2020 `
-EndDate Thu Mar 25 00:00:00 UTC 2021 `
-Modified 2020-03-24T11:11:41.139-05:00 `
-Created 2020-03-24T11:11:41.139-05:00
```

4
docs/tools/sdk/powershell/Reference/V3/Models/RequestedItemDtoRef.md
View File

@@ -21,8 +21,6 @@ Name | Type | Description | Notes
**Comment** | **String** | Comment provided by requester. * Comment is required when the request is of type Revoke Access. | [optional]
**ClientMetadata** | **map[string]String** | Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status. | [optional]
**RemoveDate** | **System.DateTime** | The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. | [optional]
**AssignmentId** | **String** | The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. | [optional]
**NativeIdentity** | **String** | The 'distinguishedName' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. | [optional]
**AccountSelection** | [**[]SourceItemRef**](source-item-ref) | The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account | [optional]
## Examples
@@ -34,8 +32,6 @@ $RequestedItemDtoRef = Initialize-RequestedItemDtoRef -Type ACCESS_PROFILE `
-Comment Requesting access profile for John Doe `
-ClientMetadata {requestedAppName=test-app, requestedAppId=2c91808f7892918f0178b78da4a305a1} `
-RemoveDate 2020-07-11T21:23:15Z `
-AssignmentId ee48a191c00d49bf9264eb0a4fc3a9fc `
-NativeIdentity CN=User db3377de14bf,OU=YOURCONTAINER, DC=YOURDOMAIN `
-AccountSelection null
```

2
docs/tools/sdk/powershell/Reference/V3/Models/SourceUsage.md
View File

@@ -23,7 +23,7 @@ Name | Type | Description | Notes
- Prepare the resource
```powershell
$SourceUsage = Initialize-SourceUsage -Date Thu Apr 20 20:00:00 EDT 2023 `
$SourceUsage = Initialize-SourceUsage -Date Fri Apr 21 00:00:00 UTC 2023 `
-Count 10.45
```