--- id: get-identity-access-summaries sidebar_label: Access Summaries hide_title: true hide_table_of_contents: true api: {"operationId":"getIdentityAccessSummaries","tags":["Certification Summaries"],"description":"This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.","parameters":[{"in":"path","name":"id","schema":{"type":"string"},"required":true,"description":"The identity campaign certification ID","example":"ef38f94347e94562b5bb8424a56397d8"},{"in":"path","name":"type","schema":{"type":"string","enum":["ROLE","ACCESS_PROFILE","ENTITLEMENT"]},"required":true,"description":"The type of access review item to retrieve summaries for","example":"ACCESS_PROFILE"},{"in":"query","name":"limit","description":"Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":250,"schema":{"type":"integer","format":"int32","minimum":0,"maximum":250,"default":250}},{"in":"query","name":"offset","description":"Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":0,"schema":{"type":"integer","format":"int32","minimum":0,"default":0}},{"in":"query","name":"count","description":"If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":true,"schema":{"type":"boolean","default":false}},{"in":"query","name":"filters","schema":{"type":"string"},"description":"Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://community.sailpoint.com/t5/IdentityNow-Wiki-API-Standard-Collection-Parameters/ta-p/156407)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*"},{"in":"query","name":"sorters","schema":{"type":"string","format":"comma-separated"},"description":"Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\n\nSorting is supported for the following fields: **access.name**"}],"responses":{"200":{"description":"List of access summaries","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","description":"An object holding the access that is being reviewed","properties":{"access":{"type":"object","properties":{"type":{"type":"string","enum":["ACCOUNT_CORRELATION_CONFIG","ACCESS_PROFILE","ACCESS_REQUEST_APPROVAL","ACCOUNT","APPLICATION","CAMPAIGN","CAMPAIGN_FILTER","CERTIFICATION","CLUSTER","CONNECTOR_SCHEMA","ENTITLEMENT","GOVERNANCE_GROUP","IDENTITY","IDENTITY_PROFILE","IDENTITY_REQUEST","LIFECYCLE_STATE","PASSWORD_POLICY","ROLE","RULE","SOD_POLICY","SOURCE","TAG_CATEGORY","TASK_RESULT","REPORT_RESULT","SOD_VIOLATION","ACCOUNT_ACTIVITY"],"description":"An enumeration of the types of DTOs supported within the IdentityNow infrastructure.","example":"IDENTITY"},"id":{"type":"string","description":"The ID of the item being certified","example":"2c9180867160846801719932c5153fb7"},"name":{"type":"string","description":"The name of the item being certified","example":"Entitlement for Company Database"}}},"entitlement":{"type":"object","nullable":true,"properties":{"id":{"type":"string","description":"The id for the entitlement","example":"2c918085718230600171993742c63558"},"name":{"type":"string","description":"The name of the entitlement","example":"CN=entitlement.bbb7c650"},"description":{"nullable":true,"type":"string","description":"Information about the entitlement","example":"Gives read/write access to the company database"},"privileged":{"type":"boolean","example":false,"description":"Indicates if the entitlement is a privileged entitlement"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}}},"attributeName":{"type":"string","description":"The name of the attribute on the source","example":"memberOf"},"attributeValue":{"type":"string","description":"The value of the attribute on the source","example":"CN=entitlement.bbb7c650"},"sourceSchemaObjectType":{"type":"string","description":"The schema object type on the source used to represent the entitlement and its attributes","example":"groups"},"sourceName":{"type":"string","description":"The name of the source for which this entitlement belongs","example":"ODS-AD-Source"},"sourceType":{"type":"string","description":"The type of the source for which the entitlement belongs","example":"Active Directory - Direct"},"hasPermissions":{"type":"boolean","description":"Indicates if the entitlement has permissions","example":false},"isPermission":{"type":"boolean","description":"Indicates if the entitlement is a representation of an account permission","example":false},"revocable":{"type":"boolean","description":"Indicates whether the entitlement can be revoked","example":true},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed"},"account":{"type":"object","nullable":true,"description":"Information about the status of the entitlement","properties":{"nativeIdentity":{"type":"string","description":"The native identity for this account","example":"CN=Alison Ferguso"},"disabled":{"type":"boolean","example":false,"description":"Indicates whether this account is currently disabled"},"locked":{"type":"boolean","example":false,"description":"Indicates whether this account is currently locked"},"type":{"type":"string","enum":["ACCOUNT_CORRELATION_CONFIG","ACCESS_PROFILE","ACCESS_REQUEST_APPROVAL","ACCOUNT","APPLICATION","CAMPAIGN","CAMPAIGN_FILTER","CERTIFICATION","CLUSTER","CONNECTOR_SCHEMA","ENTITLEMENT","GOVERNANCE_GROUP","IDENTITY","IDENTITY_PROFILE","IDENTITY_REQUEST","LIFECYCLE_STATE","PASSWORD_POLICY","ROLE","RULE","SOD_POLICY","SOURCE","TAG_CATEGORY","TASK_RESULT","REPORT_RESULT","SOD_VIOLATION","ACCOUNT_ACTIVITY"],"description":"An enumeration of the types of DTOs supported within the IdentityNow infrastructure.","example":"IDENTITY"},"id":{"nullable":true,"type":"string","description":"The id associated with the account","example":"2c9180857182305e0171993737eb29e6"},"name":{"nullable":true,"type":"string"},"created":{"nullable":true,"type":"string","format":"date-time","description":"When the account was created","example":"2020-04-20T20:11:05.067Z"},"modified":{"nullable":true,"type":"string","format":"date-time","description":"When the account was last modified","example":"2020-05-20T18:57:16.987Z"}}}}},"accessProfile":{"type":"object","properties":{"id":{"type":"string","description":"The id of the Access Profile","example":"2c91808a7190d06e01719938fcd20792"},"name":{"type":"string","description":"Name of the Access Profile","example":"Employee-database-read-write"},"description":{"type":"string","description":"Information about the Access Profile","example":"Collection of entitlements to read/write the employee database"},"privileged":{"type":"boolean","description":"Indicates if the entitlement is a privileged entitlement"},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed"},"endDate":{"nullable":true,"type":"string","format":"date-time","description":"The date at which a user's access expires","example":"2021-12-25T00:00:00.000Z"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}},"description":"Owner of the Access Profile"},"entitlements":{"type":"array","description":"A list of entitlements associated with this Access Profile","items":{"type":"object","nullable":true,"properties":{"id":{"type":"string","description":"The id for the entitlement","example":"2c918085718230600171993742c63558"},"name":{"type":"string","description":"The name of the entitlement","example":"CN=entitlement.bbb7c650"},"description":{"nullable":true,"type":"string","description":"Information about the entitlement","example":"Gives read/write access to the company database"},"privileged":{"type":"boolean","example":false,"description":"Indicates if the entitlement is a privileged entitlement"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}}},"attributeName":{"type":"string","description":"The name of the attribute on the source","example":"memberOf"},"attributeValue":{"type":"string","description":"The value of the attribute on the source","example":"CN=entitlement.bbb7c650"},"sourceSchemaObjectType":{"type":"string","description":"The schema object type on the source used to represent the entitlement and its attributes","example":"groups"},"sourceName":{"type":"string","description":"The name of the source for which this entitlement belongs","example":"ODS-AD-Source"},"sourceType":{"type":"string","description":"The type of the source for which the entitlement belongs","example":"Active Directory - Direct"},"hasPermissions":{"type":"boolean","description":"Indicates if the entitlement has permissions","example":false},"isPermission":{"type":"boolean","description":"Indicates if the entitlement is a representation of an account permission","example":false},"revocable":{"type":"boolean","description":"Indicates whether the entitlement can be revoked","example":true},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed"},"account":{"type":"object","nullable":true,"description":"Information about the status of the entitlement","properties":{"nativeIdentity":{"type":"string","description":"The native identity for this account","example":"CN=Alison Ferguso"},"disabled":{"type":"boolean","example":false,"description":"Indicates whether this account is currently disabled"},"locked":{"type":"boolean","example":false,"description":"Indicates whether this account is currently locked"},"type":{"type":"string","enum":["ACCOUNT_CORRELATION_CONFIG","ACCESS_PROFILE","ACCESS_REQUEST_APPROVAL","ACCOUNT","APPLICATION","CAMPAIGN","CAMPAIGN_FILTER","CERTIFICATION","CLUSTER","CONNECTOR_SCHEMA","ENTITLEMENT","GOVERNANCE_GROUP","IDENTITY","IDENTITY_PROFILE","IDENTITY_REQUEST","LIFECYCLE_STATE","PASSWORD_POLICY","ROLE","RULE","SOD_POLICY","SOURCE","TAG_CATEGORY","TASK_RESULT","REPORT_RESULT","SOD_VIOLATION","ACCOUNT_ACTIVITY"],"description":"An enumeration of the types of DTOs supported within the IdentityNow infrastructure.","example":"IDENTITY"},"id":{"nullable":true,"type":"string","description":"The id associated with the account","example":"2c9180857182305e0171993737eb29e6"},"name":{"nullable":true,"type":"string"},"created":{"nullable":true,"type":"string","format":"date-time","description":"When the account was created","example":"2020-04-20T20:11:05.067Z"},"modified":{"nullable":true,"type":"string","format":"date-time","description":"When the account was last modified","example":"2020-05-20T18:57:16.987Z"}}}}}},"created":{"type":"string","description":"Date the Access Profile was created.","format":"date-time","example":"2021-01-01T22:32:58.104Z"},"modified":{"type":"string","description":"Date the Access Profile was last modified.","format":"date-time","example":"2021-02-01T22:32:58.104Z"}}},"role":{"type":"object","nullable":true,"properties":{"id":{"type":"string","description":"The id for the Role","example":"2c91808a7190d06e0171993907fd0794"},"name":{"type":"string","description":"The name of the Role","example":"Accounting-Employees"},"description":{"type":"string","description":"Information about the Role","example":"Role for members of the accounting department with the necessary Access Profiles"},"privileged":{"type":"boolean","description":"Indicates if the entitlement is a privileged entitlement"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}}},"revocable":{"type":"boolean","description":"Indicates whether the Role can be revoked or requested"},"endDate":{"type":"string","format":"date-time","description":"The date when a user's access expires.","example":"2021-12-25T00:00:00.000Z"},"accessProfiles":{"type":"array","description":"The list of Access Profiles associated with this Role","items":{"type":"object","properties":{"id":{"type":"string","description":"The id of the Access Profile","example":"2c91808a7190d06e01719938fcd20792"},"name":{"type":"string","description":"Name of the Access Profile","example":"Employee-database-read-write"},"description":{"type":"string","description":"Information about the Access Profile","example":"Collection of entitlements to read/write the employee database"},"privileged":{"type":"boolean","description":"Indicates if the entitlement is a privileged entitlement"},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed"},"endDate":{"nullable":true,"type":"string","format":"date-time","description":"The date at which a user's access expires","example":"2021-12-25T00:00:00.000Z"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}},"description":"Owner of the Access Profile"},"entitlements":{"type":"array","description":"A list of entitlements associated with this Access Profile","items":{"type":"object","nullable":true,"properties":{"id":{"type":"string","description":"The id for the entitlement","example":"2c918085718230600171993742c63558"},"name":{"type":"string","description":"The name of the entitlement","example":"CN=entitlement.bbb7c650"},"description":{"nullable":true,"type":"string","description":"Information about the entitlement","example":"Gives read/write access to the company database"},"privileged":{"type":"boolean","example":false,"description":"Indicates if the entitlement is a privileged entitlement"},"owner":{"type":"object","nullable":true,"properties":{"type":{"type":"string","description":"The type can only be IDENTITY. This is read-only","example":"IDENTITY"},"id":{"type":"string","description":"Identity id.","example":"5168015d32f890ca15812c9180835d2e"},"name":{"type":"string","description":"Human-readable display name of identity. This is read-only","example":"Alison Ferguso"},"email":{"type":"string","description":"Email address of identity. This is read-only","example":"alison.ferguso@identitysoon.com"}}},"attributeName":{"type":"string","description":"The name of the attribute on the source","example":"memberOf"},"attributeValue":{"type":"string","description":"The value of the attribute on the source","example":"CN=entitlement.bbb7c650"},"sourceSchemaObjectType":{"type":"string","description":"The schema object type on the source used to represent the entitlement and its attributes","example":"groups"},"sourceName":{"type":"string","description":"The name of the source for which this entitlement belongs","example":"ODS-AD-Source"},"sourceType":{"type":"string","description":"The type of the source for which the entitlement belongs","example":"Active Directory - Direct"},"hasPermissions":{"type":"boolean","description":"Indicates if the entitlement has permissions","example":false},"isPermission":{"type":"boolean","description":"Indicates if the entitlement is a representation of an account permission","example":false},"revocable":{"type":"boolean","description":"Indicates whether the entitlement can be revoked","example":true},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed"},"account":{"type":"object","nullable":true,"description":"Information about the status of the entitlement","properties":{"nativeIdentity":{"type":"string","description":"The native identity for this account","example":"CN=Alison Ferguso"},"disabled":{"type":"boolean","example":false,"description":"Indicates whether this account is currently disabled"},"locked":{"type":"boolean","example":false,"description":"Indicates whether this account is currently locked"},"type":{"type":"string","enum":["ACCOUNT_CORRELATION_CONFIG","ACCESS_PROFILE","ACCESS_REQUEST_APPROVAL","ACCOUNT","APPLICATION","CAMPAIGN","CAMPAIGN_FILTER","CERTIFICATION","CLUSTER","CONNECTOR_SCHEMA","ENTITLEMENT","GOVERNANCE_GROUP","IDENTITY","IDENTITY_PROFILE","IDENTITY_REQUEST","LIFECYCLE_STATE","PASSWORD_POLICY","ROLE","RULE","SOD_POLICY","SOURCE","TAG_CATEGORY","TASK_RESULT","REPORT_RESULT","SOD_VIOLATION","ACCOUNT_ACTIVITY"],"description":"An enumeration of the types of DTOs supported within the IdentityNow infrastructure.","example":"IDENTITY"},"id":{"nullable":true,"type":"string","description":"The id associated with the account","example":"2c9180857182305e0171993737eb29e6"},"name":{"nullable":true,"type":"string"},"created":{"nullable":true,"type":"string","format":"date-time","description":"When the account was created","example":"2020-04-20T20:11:05.067Z"},"modified":{"nullable":true,"type":"string","format":"date-time","description":"When the account was last modified","example":"2020-05-20T18:57:16.987Z"}}}}}},"created":{"type":"string","description":"Date the Access Profile was created.","format":"date-time","example":"2021-01-01T22:32:58.104Z"},"modified":{"type":"string","description":"Date the Access Profile was last modified.","format":"date-time","example":"2021-02-01T22:32:58.104Z"}}}}}}}}},"example":[{"access":{"type":"ENTITLEMENT","id":"2c9180857182305e01719937429e2bad","name":"CN=Engineering"},"entitlement":{"id":"2c9180857182305e01719937429e2bad","name":"CN=Engineering","description":"Access to the engineering database","privileged":false,"owner":{"email":"brandon.gray@acme-solar.com","type":"IDENTITY","id":"2c9180867160846801719932c5153fb7","name":"Brandon Gray"},"attributeName":"memberOf","attributeValue":"CN=Engineering","sourceName":"ODS-AD-Source","hasPermissions":true,"revocable":true}}]}}},"400":{"description":"Client Error - Returned if the request body is invalid.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}}}}},"401":{"description":"Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"description":"A message describing the error","example":"JWT validation failed: JWT is expired"}}}}}},"403":{"description":"Forbidden - Returned if the user you are running as, doesn't have access to this end-point.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"403":{"summary":"An example of a 403 response object","value":{"detailCode":"403 Forbidden","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"The server understood the request but refuses to authorize it."}]}}}}}},"404":{"description":"Not Found - returned if the request URL refers to a resource or object that does not exist","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"404":{"summary":"An example of a 404 response object","value":{"detailCode":"404 Not found","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"The server did not find a current representation for the target resource."}]}}}}}},"429":{"description":"Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"description":"A message describing the error","example":" Rate Limit Exceeded "}}}}}},"500":{"description":"Internal Server Error - Returned if there is an unexpected error.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"500":{"summary":"An example of a 500 response object","value":{"detailCode":"500.0 Internal Fault","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"An internal fault occurred."}]}}}}}}},"method":"get","path":"/certifications/{id}/access-summaries/{type}","servers":[{"url":"https://{tenant}.api.identitynow.com/v3","description":"This is the production API server.","variables":{"tenant":{"default":"sailpoint","description":"This is the name of your tenant, typically your company's name."}}}],"security":[{"oauth2":[]}],"securitySchemes":{"oauth2":{"type":"oauth2","description":"OAuth2 Bearer token (JWT). See [IdentityNow REST API Authentication](https://developer.sailpoint.com/docs/authentication.html) for more information.\n- Directions for generating a [personal access token](https://developer.sailpoint.com/docs/authentication.html#personal-access-tokens)\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/authentication.html#client-credentials-grant-flow)\n- Directions for using [authorization code flow](https://developer.sailpoint.com/docs/authentication.html#authorization-code-grant-flow)\n\nWhich authentication method should I choose? See our [guide](https://developer.sailpoint.com/docs/authentication.html#which-oauth-2-0-grant-flow-should-i-use)\n\nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in our docs](https://developer.sailpoint.com/docs/authentication.html#finding-your-tenant-s-oauth-details)\n","flows":{"clientCredentials":{"tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}},"authorizationCode":{"authorizationUrl":"https://tenant.identitynow.com/oauth/authorize","tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}}}}},"info":{"contact":{"email":"developers@sailpoint.com","name":"Developer Relations","url":"https://developer.sailpoint.com/discuss"},"description":"These are the public APIs for SailPoint's SaaS services. We encourage you to join the SailPoint Developer Community forum at https://developer.sailpoint.com/discuss to connect with other developers using our APIs.","title":"SailPoint - SaaS API","version":"3.0.0"},"postman":{"name":"Access Summaries","description":{"content":"This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.","type":"text/plain"},"url":{"path":["certifications",":id","access-summaries",":type"],"host":["{{baseUrl}}"],"query":[{"disabled":false,"description":{"content":"Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"limit","value":""},{"disabled":false,"description":{"content":"Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"offset","value":""},{"disabled":false,"description":{"content":"If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"count","value":""},{"disabled":false,"description":{"content":"Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://community.sailpoint.com/t5/IdentityNow-Wiki-API-Standard-Collection-Parameters/ta-p/156407)\n\nFiltering is supported for the following fields and operators:\n\n**completed**: *eq, ne*\n\n**access.id**: *eq, in*\n\n**access.name**: *eq, sw*\n\n**entitlement.sourceName**: *eq, sw*\n\n**accessProfile.sourceName**: *eq, sw*","type":"text/plain"},"key":"filters","value":""},{"disabled":false,"description":{"content":"Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\n\nSorting is supported for the following fields: **access.name**","type":"text/plain"},"key":"sorters","value":""}],"variable":[{"disabled":false,"description":{"content":"(Required) The identity campaign certification ID","type":"text/plain"},"type":"any","value":"","key":"id"},{"disabled":false,"description":{"content":"(Required) The type of access review item to retrieve summaries for","type":"text/plain"},"type":"any","value":"","key":"type"}]},"header":[{"key":"Accept","value":"application/json"}],"method":"GET"}} sidebar_class_name: "get api-method" info_path: docs/sailpoint-api-v3/sail-point-saa-s-api --- import ApiTabs from "@theme/ApiTabs"; import MimeTabs from "@theme/MimeTabs"; import ParamsItem from "@theme/ParamsItem"; import ResponseSamples from "@theme/ResponseSamples"; import SchemaItem from "@theme/SchemaItem" import SchemaTabs from "@theme/SchemaTabs"; import DiscriminatorTabs from "@theme/DiscriminatorTabs"; import TabItem from "@theme/TabItem"; ## Access Summaries This API returns a list of access summaries for the specified identity campaign certification and type. A token with ORG_ADMIN or CERT_ADMIN authority is required to call this API. Reviewers for this certification can also call this API.
Path Parameters
Query Parameters
List of access summaries
Schema array
    access object
    entitlement object
    owner object
    account object
    Information about the status of the entitlement
    accessProfile object
    owner object
    Owner of the Access Profile
    entitlements object[]
    A list of entitlements associated with this Access Profile
    owner object
    account object
    Information about the status of the entitlement
    role object
    owner object
    accessProfiles object[]
    The list of Access Profiles associated with this Role
    owner object
    Owner of the Access Profile
    entitlements object[]
    A list of entitlements associated with this Access Profile
    owner object
    account object
    Information about the status of the entitlement
Client Error - Returned if the request body is invalid.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
Schema
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Not Found - returned if the request URL refers to a resource or object that does not exist
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
Schema
Internal Server Error - Returned if there is an unexpected error.
Schema
    messages object[]
    Generic localized reason for error
    causes object[]
    Plain-text descriptive reasons to provide additional detail to the text provided in the messages field