--- id: patch-entitlement sidebar_label: Patch a specified Entitlement hide_title: true hide_table_of_contents: true api: {"operationId":"patchEntitlement","tags":["Entitlements"],"description":"This API updates an existing Entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable: **requestable**, **privileged**, **segments**\n\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.","parameters":[{"name":"id","in":"path","description":"ID of the Entitlement to patch","required":true,"schema":{"type":"string","example":"2c91808a7813090a017814121e121518"}}],"requestBody":{"content":{"application/json-patch+json":{"schema":{"type":"array","items":{"type":"object","description":"A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)","required":["op","path"],"properties":{"op":{"type":"string","description":"The operation to be performed","enum":["add","remove","replace","move","copy","test"],"example":"replace"},"path":{"type":"string","description":"A string JSON Pointer representing the target path to an element to be affected by the operation","example":"/description"},"value":{"anyOf":[{"type":"string"},{"type":"integer"},{"type":"object"},{"type":"array","items":{"anyOf":[{"type":"string"},{"type":"integer"},{"type":"object"}]}}],"description":"The value to be used for the operation, required for \"add\" and \"replace\" operations","example":"New description"}}}},"examples":{"Make an Entitlement Requestable and Privileged in One Call":{"description":"This example shows how multiple fields may be updated with a single patch call.","value":[{"op":"replace","path":"/requestable","value":true},{"op":"replace","path":"/privileged","value":true}]},"Assign an Entitlement to a Segment":{"description":"This example illustrates the use of patch to assign an Entitlement to a Segment by adding the Segment's ID to the Entitlement's segments array.","value":[{"op":"add","path":"/segments/-","value":"f7b1b8a3-5fed-4fd4-ad29-82014e137e19"}]}}}}},"responses":{"200":{"description":"Responds with the Entitlement as updated.","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string","description":"The entitlement id","example":"2c91808874ff91550175097daaec161c"},"name":{"type":"string","description":"The entitlement name","example":"LauncherTestGroup2"},"attribute":{"type":"string","description":"The entitlement attribute name","example":"memberOf"},"value":{"type":"string","description":"The value of the entitlement","example":"CN=LauncherTestGroup2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local"},"sourceSchemaObjectType":{"type":"string","description":"The object type of the entitlement from the source schema","example":"group"},"description":{"type":"string","description":"The description of the entitlement","example":"CN=LauncherTestGroup2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local"},"privileged":{"type":"boolean","description":"True if the entitlement is privileged","example":true},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed","example":true},"created":{"type":"string","description":"Time when the entitlement was created","format":"date-time","example":"2020-10-08T18:33:52.029Z"},"modified":{"type":"string","description":"Time when the entitlement was last modified","format":"date-time","example":"2020-10-08T18:33:52.029Z"},"source":{"type":"object","properties":{"id":{"type":"string","description":"The source ID","example":"2c9180827ca885d7017ca8ce28a000eb"},"type":{"type":"string","description":"The source type, will always be \"SOURCE\"","example":"SOURCE"},"name":{"type":"string","description":"The source name","example":"ODS-AD-Source"}},"example":[{"type":"SOURCE","id":"2c9180835d191a86015d28455b4b232a","name":"HR Active Directory"}]},"attributes":{"type":"object","description":"A map of free-form key-value pairs from the source system","example":{"fieldName":"fieldValue"},"additionalProperties":true},"segments":{"type":"array","items":{"type":"string"},"nullable":true,"description":"List of IDs of segments, if any, to which this Entitlement is assigned.","example":["f7b1b8a3-5fed-4fd4-ad29-82014e137e19","29cb6c06-1da8-43ea-8be4-b3125f248f2a"]},"directPermissions":{"type":"array","items":{"type":"object","description":"Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.","properties":{"rights":{"type":"array","description":"All the rights (e.g. actions) that this permission allows on the target","readOnly":true,"items":{"type":"string","example":"SELECT"}},"target":{"type":"string","description":"The target the permission would grants rights on.","readOnly":true,"example":"SYS.GV_$TRANSACTION"}}}}}}}}},"400":{"description":"Client Error - Returned if the request body is invalid.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}}}}},"401":{"description":"Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"description":"A message describing the error","example":"JWT validation failed: JWT is expired"}}}}}},"403":{"description":"Forbidden - Returned if the user you are running as, doesn't have access to this end-point.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"403":{"summary":"An example of a 403 response object","value":{"detailCode":"403 Forbidden","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"The server understood the request but refuses to authorize it."}]}}}}}},"404":{"description":"Not Found - returned if the request URL refers to a resource or object that does not exist","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"404":{"summary":"An example of a 404 response object","value":{"detailCode":"404 Not found","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"The server did not find a current representation for the target resource."}]}}}}}},"429":{"description":"Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"description":"A message describing the error","example":" Rate Limit Exceeded "}}}}}},"500":{"description":"Internal Server Error - Returned if there is an unexpected error.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"500":{"summary":"An example of a 500 response object","value":{"detailCode":"500.0 Internal Fault","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"An internal fault occurred."}]}}}}}}},"method":"patch","path":"/entitlements","servers":[{"url":"https://{tenant}.api.identitynow.com/beta","description":"This is the beta API server.","variables":{"tenant":{"default":"sailpoint","description":"This is the name of your tenant, typically your company's name."}}}],"security":[{"oauth2":[]}],"securitySchemes":{"oauth2":{"type":"oauth2","description":"OAuth2 Bearer token (JWT). See [IdentityNow REST API Authentication](https://developer.sailpoint.com/docs/authentication.html) for more information.\n- Directions for generating a [personal access token](https://developer.sailpoint.com/docs/authentication.html#personal-access-tokens)\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/authentication.html#client-credentials-grant-flow)\n- Directions for using [authorization code flow](https://developer.sailpoint.com/docs/authentication.html#authorization-code-grant-flow)\n\nWhich authentication method should I choose? See our [guide](https://developer.sailpoint.com/docs/authentication.html#which-oauth-2-0-grant-flow-should-i-use)\n\nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in our docs](https://developer.sailpoint.com/docs/authentication.html#finding-your-tenant-s-oauth-details)\n","flows":{"clientCredentials":{"tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}},"authorizationCode":{"authorizationUrl":"https://tenant.identitynow.com/oauth/authorize","tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}}}}},"jsonRequestBodyExample":[{"op":"replace","path":"/description","value":"New description"}],"info":{"contact":{"email":"developers@sailpoint.com","name":"Developer Relations","url":"https://developer.sailpoint.com/discuss"},"description":"These are the public, beta APIs for SailPoint's SaaS services and are subject to change.","title":"SailPoint - Beta SaaS API","version":"3.1.0-beta"},"postman":{"name":"Patch a specified Entitlement","description":{"content":"This API updates an existing Entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.\n\nThe following fields are patchable: **requestable**, **privileged**, **segments**\n\nA token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.","type":"text/plain"},"url":{"path":["entitlements"],"host":["{{baseUrl}}"],"query":[],"variable":[{"disabled":false,"description":{"content":"(Required) ID of the Entitlement to patch","type":"text/plain"},"type":"any","value":"","key":"id"}]},"header":[{"key":"Content-Type","value":"application/json-patch+json"},{"key":"Accept","value":"application/json"}],"method":"PATCH","body":{"mode":"raw","raw":"\"\"","options":{"raw":{"language":"json"}}}}} sidebar_class_name: "patch api-method" info_path: docs/sailpoint-api-beta/sail-point-beta-saa-s-api --- import ApiTabs from "@theme/ApiTabs"; import MimeTabs from "@theme/MimeTabs"; import ParamsItem from "@theme/ParamsItem"; import ResponseSamples from "@theme/ResponseSamples"; import SchemaItem from "@theme/SchemaItem" import SchemaTabs from "@theme/SchemaTabs"; import DiscriminatorTabs from "@theme/DiscriminatorTabs"; import TabItem from "@theme/TabItem"; ## Patch a specified Entitlement This API updates an existing Entitlement using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: **requestable**, **privileged**, **segments** A token with ORG_ADMIN or SOURCE_ADMIN authority is required to call this API.
Path Parameters
Request Body array
    value object
    The value to be used for the operation, required for "add" and "replace" operations
  • anyOf
  • string
  • integer
  • anyOf
  • string
  • integer
Responds with the Entitlement as updated.
Schema
    source object
    attributes object
    A map of free-form key-value pairs from the source system
    directPermissions object[]
Client Error - Returned if the request body is invalid.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
Schema
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Not Found - returned if the request URL refers to a resource or object that does not exist
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
Schema
Internal Server Error - Returned if there is an unexpected error.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field