LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-10 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
feature/addRuleJavaDocs
developer.sailpoint.com/static/api-specs/idn/beta/paths/access-profile.yaml
GitHub Action Bot a48432daa8 Automated commit by github action: 3154861556
2022-09-29 21:59:22 +00:00

195 lines
6.3 KiB
YAML
Raw Permalink Blame History

get:
operationId: getAccessProfile
tags:
- Access Profiles
summary: Get an Access Profile
description: >-
This API returns an Access Profile by its ID.
A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to
call this API.
parameters:
- in: path
name: id
required: true
schema:
type: string
description: >-
ID of the Access Profile
example: 2c9180837ca6693d017ca8d097500149
responses:
'200':
description: An AccessProfile
content:
application/json:
schema:
$ref: '../../v3/schemas/access/AccessProfile.yaml'
'400':
$ref: '../../v3/responses/400.yaml'
'401':
$ref: '../../v3/responses/401.yaml'
'403':
$ref: '../../v3/responses/403.yaml'
'429':
$ref: '../../v3/responses/429.yaml'
'500':
$ref: '../../v3/responses/500.yaml'
security:
- oauth2: [idn:access-profile:read]
patch:
operationId: patchAccessProfile
tags:
- Access Profiles
summary: Patch a specified Access Profile
description: >-
This API updates an existing Access Profile. The following fields are patchable:
**name**, **description**, **enabled**, **owner**, **requestable**,
**accessRequestConfig**, **revokeRequestConfig**, **segments**, **entitlements**, **provisioningCriteria**
> You can only add or replace **entitlements** that exist on the source that the access profile is attached to.
You can use the **list entitlements** endpoint with the **filters** query parameter to get a list of available entitlements on the access profile's source.
> Patching the value of the **requestable** field is only supported for customers enabled with the new Request
Center. Otherwise, attempting to modify this field results in a 400 error.
A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a
SOURCE_SUBADMIN may only use this API to patch Access Profiles which are associated with Sources they are able to
administer.
parameters:
- name: id
in: path
description: ID of the Access Profile to patch
required: true
schema:
type: string
example: 2c91808a7813090a017814121919ecca
requestBody:
content:
application/json-patch+json:
schema:
type: array
items:
$ref: '../schemas/JsonPatchOperation.yaml'
examples:
Add Entitlements:
description: Add one or more entitlements to the end of the list
value:
- op: add
path: /entitlements
value:
- id: 2c9180857725c14301772a93bb77242d
type: ENTITLEMENT
name: AD User Group
Insert Entitlement:
description: Add an entitlement at the beginning of the entitlement list
value:
- op: add
path: /entitlements/0
value:
id: 2c9180857725c14301772a93bb77242d
type: ENTITLEMENT
name: AD User Group
Replace Entitlements:
description: Replace all entitlements with a new list of entitlements
value:
- op: replace
path: /entitlements
value:
- id: 2c9180857725c14301772a93bb77242d
type: ENTITLEMENT
name: AD User Group
Remove Entitlement:
description: Remove the first entitlement in the list
value:
- op: remove
path: /entitlements/0
required: true
responses:
'200':
description: Responds with the Access Profile as updated.
content:
application/json:
schema:
$ref: '../../v3/schemas/access/AccessProfile.yaml'
'400':
$ref: '../../v3/responses/400.yaml'
'401':
$ref: '../../v3/responses/401.yaml'
'403':
$ref: '../../v3/responses/403.yaml'
'429':
$ref: '../../v3/responses/429.yaml'
'500':
$ref: '../../v3/responses/500.yaml'
security:
- oauth2: [idn:access-profile:manage]
delete:
operationId: deleteAccessProfile
tags:
- Access Profiles
summary: Delete the specified Access Profile
description: >-
This API deletes an existing Access Profile.
The Access Profile must not be in use. If it is, a 400 error is returned.
A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In addition,
a SOURCE_SUBADMIN token must be able to administer the Source associated with the Access Profile.
parameters:
- name: id
in: path
description: ID of the Access Profile to delete
required: true
schema:
type: string
example: 2c91808a7813090a017814121919ecca
responses:
'202':
description: Accepted - Returned if the request was successfully accepted into the system.
content:
application/json:
schema:
$ref: '../../v3/schemas/BaseReferenceDto.yaml'
description: A DTO with a TaskResult reference of the delete job
example:
{
"type": "TASK_RESULT",
"id": "ff8080817e8cc815017e8ce4b6910003",
"name": null
}
'400':
description: Returned when an access profile cannot be deleted as it's being used.
content:
application/json:
schema:
$ref: '../../v3/schemas/ErrorResponseDto.yaml'
examples:
400.2.1.0 Object in use by another:
description: Returned when an access profile cannot be deleted as it's being used
value:
detailCode: 400.2.1.0 Object in use by another
trackingId: c9c1033c55b84ebc9e93e926dcf8b8b3
messages:
- locale: en-US
localeOrigin: DEFAULT
text: The "testAccessProfile" access profile can't be deleted because it's in use.
'401':
$ref: '../../v3/responses/401.yaml'
'403':
$ref: '../../v3/responses/403.yaml'
'429':
$ref: '../../v3/responses/429.yaml'
'500':
$ref: '../../v3/responses/500.yaml'
security:
- oauth2: [idn:access-profile:manage]
Reference in New Issue View Git Blame Copy Permalink