The API returns successful response if the requested identity was deleted.
Parameters
Param Type
Name
Data Type
Required
Description
Path
Id
String
True
Identity Id
Return type
(empty response body)
Responses
Code
Description
Data Type
204
No content - indicates the request was successful but there is no content to be returned in the response.
400
Client Error - Returned if the request is invalid. It may indicate that the specified identity is marked as protected and cannot be deleted.
IdentityAssociationDetails
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Id="ef38f94347e94562b5bb8424a56397d8"# String | Identity Id# Delete identitytry{Remove-BetaIdentity-BetaId$Id# Below is a request that includes all optional parameters# Remove-BetaIdentity -BetaId $Id }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Remove-BetaIdentity"Write-Host$_.ErrorDetails}
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Id="ef38f94347e94562b5bb8424a56397d8"# String | Identity Id# Identity Detailstry{Get-BetaIdentity-BetaId$Id# Below is a request that includes all optional parameters# Get-BetaIdentity -BetaId $Id }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaIdentity"Write-Host$_.ErrorDetails}
Use this API to return an identity's owned objects that will cause problems for deleting the identity.
Use this API as a checklist of objects that you need to reassign to a different identity before you can delete the identity.
For a full list of objects owned by an identity, use the Search API. When you search for identities, the returned identities have a property, owns, that contains a more comprehensive list of identity's owned objects.
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$IdentityId="ff8081814d2a8036014d701f3fbf53fa"# String | Identity ID.# Get ownership detailstry{Get-BetaIdentityOwnershipDetails-BetaIdentityId$IdentityId# Below is a request that includes all optional parameters# Get-BetaIdentityOwnershipDetails -BetaIdentityId $IdentityId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaIdentityOwnershipDetails"Write-Host$_.ErrorDetails}
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$IdentityId="ef38f94347e94562b5bb8424a56397d8"# String | Identity Id$AssignmentId="1cbb0705b38c4226b1334eadd8874086"# String | Assignment Id# Role assignment detailstry{Get-BetaRoleAssignment-BetaIdentityId$IdentityId-BetaAssignmentId$AssignmentId# Below is a request that includes all optional parameters# Get-BetaRoleAssignment -BetaIdentityId $IdentityId -BetaAssignmentId $AssignmentId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleAssignment"Write-Host$_.ErrorDetails}
This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$IdentityId="ef38f94347e94562b5bb8424a56397d8"# String | Identity Id to get the role assignments for$RoleId="e7697a1e96d04db1ac7b0f4544915d2c"# String | Role Id to filter the role assignments with (optional)$RoleName="Engineer"# String | Role name to filter the role assignments with (optional)# List role assignmentstry{Get-BetaRoleAssignments-BetaIdentityId$IdentityId# Below is a request that includes all optional parameters# Get-BetaRoleAssignments -BetaIdentityId $IdentityId -BetaRoleId $RoleId -BetaRoleName $RoleName }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleAssignments"Write-Host$_.ErrorDetails}
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: id: eq, inname: eq, swalias: eq, swfirstname: eq, swlastname: eq, swemail: eq, swcloudStatus: eqprocessingState: eqcorrelated: eqprotected: eq
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name, alias, cloudStatus
Query
DefaultFilter
String
(optional) (default to "CORRELATED_ONLY")
Adds additional filter to filters query parameter. CORRELATED_ONLY adds correlated=true and returns only identities that are correlated. NONE does not add any and returns all identities that satisfy filters query parameter.
Query
Count
Boolean
(optional) (default to $false)
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Filters='id eq "6c9079b270a266a60170a2779fcb0006" or correlated eq false'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **alias**: *eq, sw* **firstname**: *eq, sw* **lastname**: *eq, sw* **email**: *eq, sw* **cloudStatus**: *eq* **processingState**: *eq* **correlated**: *eq* **protected**: *eq* (optional)$Sorters="name,-cloudStatus"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, alias, cloudStatus** (optional)$DefaultFilter="CORRELATED_ONLY"# String | Adds additional filter to filters query parameter. CORRELATED_ONLY adds correlated=true and returns only identities that are correlated. NONE does not add any and returns all identities that satisfy filters query parameter. (optional) (default to "CORRELATED_ONLY")$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)# List Identitiestry{Get-BetaIdentities# Below is a request that includes all optional parameters# Get-BetaIdentities -BetaFilters $Filters -BetaSorters $Sorters -BetaDefaultFilter $DefaultFilter -BetaCount $Count -BetaLimit $Limit -BetaOffset $Offset }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaIdentities"Write-Host$_.ErrorDetails}
Use this endpoint to reset a user's identity if they have forgotten their authentication information like their answers to knowledge-based questions. Resetting an identity de-registers the user and removes any elevated user levels they have.
Parameters
Param Type
Name
Data Type
Required
Description
Path
IdentityId
String
True
Identity Id
Return type
(empty response body)
Responses
Code
Description
Data Type
202
Accepted. The reset request accepted and is in progress.
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$IdentityId="ef38f94347e94562b5bb8424a56397d8"# String | Identity Id# Reset an identitytry{Reset-BetaIdentity-BetaIdentityId$IdentityId# Below is a request that includes all optional parameters# Reset-BetaIdentity -BetaIdentityId $IdentityId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Reset-BetaIdentity"Write-Host$_.ErrorDetails}
This API sends an email with the link to start Password Reset. After selecting the link an identity will be able to set up a new password. Emails expire after 2 hours.
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$Id="ef38f94347e94562b5bb8424a56397d8"# String | Identity ID$SendAccountVerificationRequest=@"{
"sourceName" : "ActiveDirectorySource",
"via" : "EMAIL_WORK"
}"@# Send password reset emailtry{$Result=ConvertFrom-JsonToSendAccountVerificationRequest-Json$SendAccountVerificationRequestSend-BetaIdentityVerificationAccountToken-BetaId$Id-BetaSendAccountVerificationRequest$Result# Below is a request that includes all optional parameters# Send-BetaIdentityVerificationAccountToken -BetaId $Id -BetaSendAccountVerificationRequest $SendAccountVerificationRequest }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Send-BetaIdentityVerificationAccountToken"Write-Host$_.ErrorDetails}
This API submits a task for inviting given identities via email to complete registration. The invitation email will include the link. After selecting the link an identity will be able to set up password and log in into the system. Invitations expire after 7 days. By default invitations send to the work identity email. It can be changed in Admin > Identities > Identity Profiles by selecting corresponding profile and editing Invitation Options.
This task will send an invitation email only for unregistered identities.
Responds with an initial TaskStatus for the executed task
TaskStatus
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$InviteIdentitiesRequest=@"{
"ids" : [ "2b568c65bc3c4c57a43bd97e3a8e55", "2c9180867769897d01776ed5f125512f" ],
"uninvited" : false
}"@# Invite identities to registertry{$Result=ConvertFrom-JsonToInviteIdentitiesRequest-Json$InviteIdentitiesRequestStart-BetaIdentitiesInvite-BetaInviteIdentitiesRequest$Result# Below is a request that includes all optional parameters# Start-BetaIdentitiesInvite -BetaInviteIdentitiesRequest $InviteIdentitiesRequest }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Start-BetaIdentitiesInvite"Write-Host$_.ErrorDetails}
This operation should not be used to schedule your own identity processing or to perform system wide identity refreshes. The system will use a combination of event-based processing and scheduled processing that runs every day at 8:00 AM and 8:00 PM in the tenant's timezone to keep your identities synchronized.
This endpoint will perform the following tasks:
Calculate identity attributes, including applying or running any rules or transforms (e.g. calculate Lifecycle State at a point-in-time it's expected to change).
Evaluate role assignments, leading to assignment of new roles and removal of existing roles.
Enforce provisioning for any assigned accesses that haven't been fulfilled (e.g. failure due to source health).
Recalculate manager relationships.
Potentially clean-up identity processing errors, assuming the error has been resolved.
A token with ORG_ADMIN or HELPDESK authority is required to call this API.
Object containing the DTO type TASK_RESULT and the job id for the task
TaskResultResponse
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$ProcessIdentitiesRequest=@"{
"identityIds" : [ "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8", "ef38f94347e94562b5bb8424a56397d8" ]
}"@# Process a list of identityIdstry{$Result=ConvertFrom-JsonToProcessIdentitiesRequest-Json$ProcessIdentitiesRequestStart-BetaIdentityProcessing-BetaProcessIdentitiesRequest$Result# Below is a request that includes all optional parameters# Start-BetaIdentityProcessing -BetaProcessIdentitiesRequest $ProcessIdentitiesRequest }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Start-BetaIdentityProcessing"Write-Host$_.ErrorDetails}
This end-point performs attribute synchronization for a selected identity. The endpoint can be called once in 10 seconds per identity. A token with ORG_ADMIN or API authority is required to call this API.
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$IdentityId="MyIdentityId"# String | The Identity id# Attribute synchronization for single identity.try{Sync-BetahronizeAttributesForIdentity-BetaIdentityId$IdentityId# Below is a request that includes all optional parameters# Sync-BetahronizeAttributesForIdentity -BetaIdentityId $IdentityId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Sync-BetahronizeAttributesForIdentity"Write-Host$_.ErrorDetails}
