LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bdb088c15d658724ba159ccb8208ead957056c7a
developer.sailpoint.com/docs/tools/sdk/powershell/Reference/Beta/Methods/BetaIdentityHistoryApi.md
developer-relations-sp bdb088c15d Update to powershell SDK docs: 13122455471
2025-02-03 20:42:04 +00:00

44 KiB
Raw Blame History

id: beta-identity-history title: IdentityHistory pagination_label: IdentityHistory sidebar_label: IdentityHistory sidebar_class_name: powershellsdk keywords: ['powershell', 'PowerShell', 'sdk', 'IdentityHistory', 'BetaIdentityHistory'] slug: /tools/sdk/powershell/beta/methods/identity-history tags: ['SDK', 'Software Development Kit', 'IdentityHistory', 'BetaIdentityHistory']

IdentityHistory

All URIs are relative to https://sailpoint.api.identitynow.com/beta

Method HTTP request Description
Compare-BetaIdentitySnapshots GET /historical-identities/{id}/compare Gets a difference of count for each access item types for the given identity between 2 snapshots
Compare-BetaIdentitySnapshotsAccessType GET /historical-identities/{id}/compare/{access-type} Gets a list of differences of specific accessType for the given identity between 2 snapshots
Get-BetaHistoricalIdentity GET /historical-identities/{id} Get latest snapshot of identity
Get-BetaHistoricalIdentityEvents GET /historical-identities/{id}/events Lists all events for the given identity
Get-BetaIdentitySnapshot GET /historical-identities/{id}/snapshots/{date} Gets an identity snapshot at a given date
Get-BetaIdentitySnapshotSummary GET /historical-identities/{id}/snapshot-summary Gets the summary for the event count for a specific identity
Get-BetaIdentityStartDate GET /historical-identities/{id}/start-date Gets the start date of the identity
Get-BetaHistoricalIdentities GET /historical-identities Lists all the identities
Get-BetaIdentityAccessItems GET /historical-identities/{id}/access-items List Access Items by Identity
Get-BetaIdentitySnapshotAccessItems GET /historical-identities/{id}/snapshots/{date}/access-items Get Identity Access Items Snapshot
Get-BetaIdentitySnapshots GET /historical-identities/{id}/snapshots Lists all the snapshots for the identity

compare-identity-snapshots

This method gets a difference of count for each access item types for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Query Snapshot1 String (optional) The snapshot 1 of identity
Query Snapshot2 String (optional) The snapshot 2 of identity
Query AccessItemTypes []String (optional) An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

IdentityCompareResponse[]

Responses

Code Description Data Type
200 A IdentityCompare object with difference details for each access item type IdentityCompareResponse[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Snapshot1 = "2007-03-01T13:00:00Z" # String | The snapshot 1 of identity (optional)
$Snapshot2 = "2008-03-01T13:00:00Z" # String | The snapshot 2 of identity (optional)
$AccessItemTypes = "MyAccessItemTypes" # String[] | An optional list of access item types (app, account, entitlement, etc...) to return.   If null or empty, all access items types are returned  (optional)

 
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)

# Gets a difference of count for each access item types for the given identity between 2 snapshots

try {
    Compare-BetaIdentitySnapshots-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Compare-BetaIdentitySnapshots -BetaId $Id -BetaSnapshot1 $Snapshot1 -BetaSnapshot2 $Snapshot2 -BetaAccessItemTypes $AccessItemTypes -BetaLimit $Limit -BetaOffset $Offset -BetaCount $Count  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Compare-BetaIdentitySnapshots"
    Write-Host $_.ErrorDetails
}

[Back to top]

compare-identity-snapshots-access-type

This method gets a list of differences of specific accessType for the given identity between 2 snapshots Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Path AccessType String True The specific type which needs to be compared
Query AccessAssociated Boolean (optional) Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed
Query Snapshot1 String (optional) The snapshot 1 of identity
Query Snapshot2 String (optional) The snapshot 2 of identity
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

AccessItemDiff[]

Responses

Code Description Data Type
200 A list of events for the identity AccessItemDiff[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$AccessType = "accessProfile" # String | The specific type which needs to be compared
$AccessAssociated = $false # Boolean | Indicates if added or removed access needs to be returned. true - added, false - removed, null - both added & removed (optional)
$Snapshot1 = "2008-03-01T13:00:00Z" # String | The snapshot 1 of identity (optional)
$Snapshot2 = "2009-03-01T13:00:00Z" # String | The snapshot 2 of identity (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)

# Gets a list of differences of specific accessType for the given identity between 2 snapshots

try {
    Compare-BetaIdentitySnapshotsAccessType-BetaId $Id -BetaAccessType $AccessType 
    
    # Below is a request that includes all optional parameters
    # Compare-BetaIdentitySnapshotsAccessType -BetaId $Id -BetaAccessType $AccessType -BetaAccessAssociated $AccessAssociated -BetaSnapshot1 $Snapshot1 -BetaSnapshot2 $Snapshot2 -BetaLimit $Limit -BetaOffset $Offset -BetaCount $Count  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Compare-BetaIdentitySnapshotsAccessType"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-historical-identity

This method retrieves a specified identity Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id

Return type

IdentityHistoryResponse

Responses

Code Description Data Type
200 The identity object. IdentityHistoryResponse
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessModelMetadataAttribute429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id

# Get latest snapshot of identity

try {
    Get-BetaHistoricalIdentity-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaHistoricalIdentity -BetaId $Id  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaHistoricalIdentity"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-historical-identity-events

This method retrieves all access events for the identity Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Query From String (optional) The optional instant until which access events are returned
Query EventTypes []String (optional) An optional list of event types to return. If null or empty, all events are returned
Query AccessItemTypes []String (optional) An optional list of access item types (app, account, entitlement, etc...) to return. If null or empty, all access items types are returned
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

GetHistoricalIdentityEvents200ResponseInner[]

Responses

Code Description Data Type
200 The list of events for the identity GetHistoricalIdentityEvents200ResponseInner[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessModelMetadataAttribute429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$From = "2024-03-01T13:00:00Z" # String | The optional instant until which access events are returned (optional)
$EventTypes = "MyEventTypes" # String[] | An optional list of event types to return.  If null or empty, all events are returned (optional)

$EventTypes = @"[AccessAddedEvent, AccessRemovedEvent]"@ # String[] | An optional list of event types to return.  If null or empty, all events are returned (optional) 
$AccessItemTypes = "MyAccessItemTypes" # String[] | An optional list of access item types (app, account, entitlement, etc...) to return.   If null or empty, all access items types are returned (optional)

$AccessItemTypes = @"[entitlement, account]"@ # String[] | An optional list of access item types (app, account, entitlement, etc...) to return.   If null or empty, all access items types are returned (optional) 
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)

# Lists all events for the given identity

try {
    Get-BetaHistoricalIdentityEvents-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaHistoricalIdentityEvents -BetaId $Id -BetaFrom $From -BetaEventTypes $EventTypes -BetaAccessItemTypes $AccessItemTypes -BetaLimit $Limit -BetaOffset $Offset -BetaCount $Count  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaHistoricalIdentityEvents"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-identity-snapshot

This method retrieves a specified identity snapshot at a given date Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Path Date String True The specified date

Return type

IdentityHistoryResponse

Responses

Code Description Data Type
200 The identity object. IdentityHistoryResponse
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Date = "2007-03-01T13:00:00Z" # String | The specified date

# Gets an identity snapshot at a given date

try {
    Get-BetaIdentitySnapshot-BetaId $Id -BetaDate $Date 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentitySnapshot -BetaId $Id -BetaDate $Date  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentitySnapshot"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-identity-snapshot-summary

This method gets the summary for the event count for a specific identity by month/day Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Query Before String (optional) The date before which snapshot summary is required
Query Interval String (optional) The interval indicating day or month. Defaults to month if not specified
Query TimeZone String (optional) The time zone. Defaults to UTC if not provided
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

MetricResponse[]

Responses

Code Description Data Type
200 A summary list of identity changes in date histogram format. MetricResponse[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Before = "2007-03-01T13:00:00Z" # String | The date before which snapshot summary is required (optional)
$Interval = "day" # String | The interval indicating day or month. Defaults to month if not specified (optional)
$TimeZone = "UTC" # String | The time zone. Defaults to UTC if not provided (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)

# Gets the summary for the event count for a specific identity

try {
    Get-BetaIdentitySnapshotSummary-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentitySnapshotSummary -BetaId $Id -BetaBefore $Before -BetaInterval $Interval -BetaTimeZone $TimeZone -BetaLimit $Limit -BetaOffset $Offset -BetaCount $Count  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentitySnapshotSummary"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-identity-start-date

This method retrieves start date of the identity Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id

Return type

String

Responses

Code Description Data Type
200 The start date of the identity String
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id

# Gets the start date of the identity

try {
    Get-BetaIdentityStartDate-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentityStartDate -BetaId $Id  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentityStartDate"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-historical-identities

This gets the list of identities for the customer. This list end point does not support count=true request param. The total count of identities would never be returned even if the count param is specified in the request Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Query StartsWithQuery String (optional) This param is used for starts-with search for first, last and display name of the identity
Query IsDeleted Boolean (optional) Indicates if we want to only list down deleted identities or not.
Query IsActive Boolean (optional) Indicates if we want to only list active or inactive identities.
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.

Return type

IdentityListItem[]

Responses

Code Description Data Type
200 List of identities for the customer. IdentityListItem[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessModelMetadataAttribute429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$StartsWithQuery = "Ada" # String | This param is used for starts-with search for first, last and display name of the identity (optional)
$IsDeleted = $true # Boolean | Indicates if we want to only list down deleted identities or not. (optional)
$IsActive = $true # Boolean | Indicates if we want to only list active or inactive identities. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)

# Lists all the identities

try {
    Get-BetaHistoricalIdentities
    
    # Below is a request that includes all optional parameters
    # Get-BetaHistoricalIdentities -BetaStartsWithQuery $StartsWithQuery -BetaIsDeleted $IsDeleted -BetaIsActive $IsActive -BetaLimit $Limit -BetaOffset $Offset  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaHistoricalIdentities"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-identity-access-items

This method retrieves a list of access item for the identity filtered by the access item type

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Query Type String (optional) The type of access item for the identity. If not provided, it defaults to account. Types of access items: accessProfile, account, app, entitlement, role
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: source: eq standalone: eq privileged: eq attribute: eq cloudGoverned: eq
Query Sorters String (optional) Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name, value, standalone, privileged, attribute, source, cloudGoverned, removeDate, nativeIdentity, entitlementCount
Query Query String (optional) This param is used to search if certain fields of the access item contain the string provided. Searching is supported for the following fields depending on the type: Access Profiles: name, description Accounts: name, nativeIdentity Apps: name Entitlements: name, value, description Roles: name, description
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.

Return type

ListIdentityAccessItems200ResponseInner[]

Responses

Code Description Data Type
200 The list of access items. ListIdentityAccessItems200ResponseInner[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessModelMetadataAttribute429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Type = "account" # String | The type of access item for the identity. If not provided, it defaults to account.  Types of access items: **accessProfile, account, app, entitlement, role** (optional)
$Filters = 'source eq "DataScienceDataset"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **source**: *eq*  **standalone**: *eq*  **privileged**: *eq*  **attribute**: *eq*  **cloudGoverned**: *eq* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name, value, standalone, privileged, attribute, source, cloudGoverned, removeDate, nativeIdentity, entitlementCount** (optional)
$Query = "Dr. Arden" # String | This param is used to search if certain fields of the access item contain the string provided.  Searching is supported for the following fields depending on the type:  Access Profiles: **name, description**  Accounts: **name, nativeIdentity**  Apps: **name**  Entitlements: **name, value, description**  Roles: **name, description** (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)

# List Access Items by Identity

try {
    Get-BetaIdentityAccessItems-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentityAccessItems -BetaId $Id -BetaType $Type -BetaFilters $Filters -BetaSorters $Sorters -BetaQuery $Query -BetaLimit $Limit -BetaCount $Count -BetaOffset $Offset  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentityAccessItems"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-identity-snapshot-access-items

Use this API to get a list of identity access items at a specified date, filtered by item type.

Parameters

Param Type Name Data Type Required Description
Path Id String True Identity ID.
Path Date String True Specified date.
Query Type String (optional) Access item type.

Return type

ListIdentityAccessItems200ResponseInner[]

Responses

Code Description Data Type
200 Identity object. ListIdentityAccessItems200ResponseInner[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessModelMetadataAttribute429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | Identity ID.
$Date = "2007-03-01T13:00:00Z" # String | Specified date.
$Type = "role" # String | Access item type. (optional)

# Get Identity Access Items Snapshot

try {
    Get-BetaIdentitySnapshotAccessItems-BetaId $Id -BetaDate $Date 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentitySnapshotAccessItems -BetaId $Id -BetaDate $Date -BetaType $Type  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentitySnapshotAccessItems"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-identity-snapshots

This method retrieves all the snapshots for the identity Requires authorization scope of 'idn:identity-history:read'

Parameters

Param Type Name Data Type Required Description
Path Id String True The identity id
Query Start String (optional) The specified start date
Query Interval String (optional) The interval indicating the range in day or month for the specified interval-name
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

IdentitySnapshotSummaryResponse[]

Responses

Code Description Data Type
200 A list of identity summary for each snapshot. IdentitySnapshotSummaryResponse[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessModelMetadataAttribute401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
404 Not Found - returned if the request URL refers to a resource or object that does not exist ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e6787aa4ed9a90bd9d5344523fb" # String | The identity id
$Start = "2007-03-01T13:00:00Z" # String | The specified start date (optional)
$Interval = "day" # String | The interval indicating the range in day or month for the specified interval-name (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)

# Lists all the snapshots for the identity

try {
    Get-BetaIdentitySnapshots-BetaId $Id 
    
    # Below is a request that includes all optional parameters
    # Get-BetaIdentitySnapshots -BetaId $Id -BetaStart $Start -BetaInterval $Interval -BetaLimit $Limit -BetaOffset $Offset -BetaCount $Count  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-BetaIdentitySnapshots"
    Write-Host $_.ErrorDetails
}

[Back to top]