LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 20:37:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bdb088c15d658724ba159ccb8208ead957056c7a
developer.sailpoint.com/docs/tools/sdk/powershell/Reference/V2024/Methods/V2024RoleInsightsApi.md
developer-relations-sp bdb088c15d Update to powershell SDK docs: 13122455471
2025-02-03 20:42:04 +00:00

30 KiB
Raw Blame History

id: v2024-role-insights title: RoleInsights pagination_label: RoleInsights sidebar_label: RoleInsights sidebar_class_name: powershellsdk keywords: ['powershell', 'PowerShell', 'sdk', 'RoleInsights', 'V2024RoleInsights'] slug: /tools/sdk/powershell/v2024/methods/role-insights tags: ['SDK', 'Software Development Kit', 'RoleInsights', 'V2024RoleInsights']

RoleInsights

All URIs are relative to https://sailpoint.api.identitynow.com/v2024

Method HTTP request Description
New-V2024RoleInsightRequests POST /role-insights/requests Generate insights for roles
Invoke-V2024DownloadRoleInsightsEntitlementsChanges GET /role-insights/{insightId}/entitlement-changes/download Download entitlement insights for a role
Get-V2024EntitlementChangesIdentities GET /role-insights/{insightId}/entitlement-changes/{entitlementId}/identities Get identities for a suggested entitlement (for a role)
Get-V2024RoleInsight GET /role-insights/{insightId} Get a single role insight
Get-V2024RoleInsights GET /role-insights Get role insights
Get-V2024RoleInsightsCurrentEntitlements GET /role-insights/{insightId}/current-entitlements Get current entitlement for a role
Get-V2024RoleInsightsEntitlementsChanges GET /role-insights/{insightId}/entitlement-changes Get entitlement insights for a role
Get-V2024RoleInsightsRequests GET /role-insights/requests/{id} Returns metadata from prior request.
Get-V2024RoleInsightsSummary GET /role-insights/summary Get role insights summary information

create-role-insight-requests

Submits a create role insights request to the role insights application. At this time there are no parameters. All business roles will be processed for the customer.

Parameters

Param Type Name Data Type Required Description
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.

Return type

RoleInsightsResponse

Responses

Code Description Data Type
201 Submitted a role insights generation request RoleInsightsResponse
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Generate insights for roles

try {
    New-V2024RoleInsightRequests-V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # New-V2024RoleInsightRequests -V2024XSailPointExperimental $XSailPointExperimental  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2024RoleInsightRequests"
    Write-Host $_.ErrorDetails
}

[Back to top]

download-role-insights-entitlements-changes

This endpoint returns the entitlement insights for a role.

Parameters

Param Type Name Data Type Required Description
Path InsightId String True The role insight id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.
Query Sorters String (optional) Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: identitiesWithAccess The default sort is identitiesWithAccess in descending order.
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw description: sw

Return type

String

Responses

Code Description Data Type
200 Succeeded. Returns a csv file containing a list of entitlements to be added for a role. String
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: text/csv, application/json

Example

$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Sorters = "identitiesWithAccess" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **identitiesWithAccess**  The default sort is **identitiesWithAccess** in descending order. (optional)
$Filters = 'name sw "r"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw*  **description**: *sw* (optional)

# Download entitlement insights for a role

try {
    Invoke-V2024DownloadRoleInsightsEntitlementsChanges-V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Invoke-V2024DownloadRoleInsightsEntitlementsChanges -V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental -V2024Sorters $Sorters -V2024Filters $Filters  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Invoke-V2024DownloadRoleInsightsEntitlementsChanges"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-entitlement-changes-identities

Role insights suggests entitlements to be added for a role. This endpoint returns a list of identities in the role, with or without the entitlements, for a suggested entitlement so that the user can see which identities would be affected if the suggested entitlement were to be added to the role.

Parameters

Param Type Name Data Type Required Description
Path InsightId String True The role insight id
Path EntitlementId String True The entitlement id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.
Query HasEntitlement Boolean (optional) (default to $false) Identity has this entitlement or not
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Query Sorters String (optional) Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw

Return type

RoleInsightsIdentities[]

Responses

Code Description Data Type
200 Succeeded. Returns a list of identities with or without the entitlement. RoleInsightsIdentities[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$EntitlementId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The entitlement id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$HasEntitlement = $true # Boolean | Identity has this entitlement or not (optional) (default to $false)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name** (optional)
$Filters = 'name sw "Jan"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw* (optional)

# Get identities for a suggested entitlement (for a role)

try {
    Get-V2024EntitlementChangesIdentities-V2024InsightId $InsightId -V2024EntitlementId $EntitlementId -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024EntitlementChangesIdentities -V2024InsightId $InsightId -V2024EntitlementId $EntitlementId -V2024XSailPointExperimental $XSailPointExperimental -V2024HasEntitlement $HasEntitlement -V2024Offset $Offset -V2024Limit $Limit -V2024Count $Count -V2024Sorters $Sorters -V2024Filters $Filters  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024EntitlementChangesIdentities"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insight

This endpoint gets role insights information for a role.

Parameters

Param Type Name Data Type Required Description
Path InsightId String True The role insight id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.

Return type

RoleInsight

Responses

Code Description Data Type
200 Succeeded. Returns information about insights for a single role. RoleInsight
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Get a single role insight

try {
    Get-V2024RoleInsight-V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsight -V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsight"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insights

This method returns detailed role insights for each role.

Parameters

Param Type Name Data Type Required Description
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.
Query Offset Int32 (optional) (default to 0) Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query Limit Int32 (optional) (default to 250) Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query Count Boolean (optional) (default to $false) If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Query Sorters String (optional) Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw ownerName: sw description: sw

Return type

RoleInsight[]

Responses

Code Description Data Type
200 Succeeded. Returns a list of roles with information about insights for each role. RoleInsight[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "numberOfUpdates" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **numberOfUpdates, identitiesWithAccess, totalNumberOfIdentities** (optional)
$Filters = 'name sw "John"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw*  **ownerName**: *sw*  **description**: *sw* (optional)

# Get role insights

try {
    Get-V2024RoleInsights-V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsights -V2024XSailPointExperimental $XSailPointExperimental -V2024Offset $Offset -V2024Limit $Limit -V2024Count $Count -V2024Sorters $Sorters -V2024Filters $Filters  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsights"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insights-current-entitlements

This endpoint gets the entitlements for a role. The term "current" is to distinguish from the entitlement(s) an insight might recommend adding.

Parameters

Param Type Name Data Type Required Description
Path InsightId String True The role insight id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw description: sw

Return type

RoleInsightsEntitlement[]

Responses

Code Description Data Type
200 Succeeded. Returns a list of current or pre-existing entitlements for a role. RoleInsightsEntitlement[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Filters = 'name sw "r"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw*  **description**: *sw* (optional)

# Get current entitlement for a role

try {
    Get-V2024RoleInsightsCurrentEntitlements-V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsightsCurrentEntitlements -V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental -V2024Filters $Filters  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsightsCurrentEntitlements"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insights-entitlements-changes

This endpoint returns entitlement insights for a role.

Parameters

Param Type Name Data Type Required Description
Path InsightId String True The role insight id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.
Query Sorters String (optional) Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: identitiesWithAccess, name
Query Filters String (optional) Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw description: sw

Return type

RoleInsightsEntitlementChanges[]

Responses

Code Description Data Type
200 Succeeded. Returns a list of entitlements to be added for a role. RoleInsightsEntitlementChanges[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$InsightId = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insight id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$Sorters = "MySorters" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **identitiesWithAccess, name** (optional)
$Filters = 'name sw "Admin"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw*  **description**: *sw* (optional)

# Get entitlement insights for a role

try {
    Get-V2024RoleInsightsEntitlementsChanges-V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsightsEntitlementsChanges -V2024InsightId $InsightId -V2024XSailPointExperimental $XSailPointExperimental -V2024Sorters $Sorters -V2024Filters $Filters  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsightsEntitlementsChanges"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insights-requests

This endpoint returns details of a prior role insights request.

Parameters

Param Type Name Data Type Required Description
Path Id String True The role insights request id
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.

Return type

RoleInsightsResponse

Responses

Code Description Data Type
200 Succeeded. Returns details of an earlier role insights request. RoleInsightsResponse
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "8c190e67-87aa-4ed9-a90b-d9d5344523fb" # String | The role insights request id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Returns metadata from prior request.

try {
    Get-V2024RoleInsightsRequests-V2024Id $Id -V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsightsRequests -V2024Id $Id -V2024XSailPointExperimental $XSailPointExperimental  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsightsRequests"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-role-insights-summary

This method returns high level summary information for role insights for a customer.

Parameters

Param Type Name Data Type Required Description
XSailPointExperimental String True (default to "true") Use this header to enable this experimental API.

Return type

RoleInsightsSummary

Responses

Code Description Data Type
200 Succeeded. Returns high level counts. RoleInsightsSummary
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Get role insights summary information

try {
    Get-V2024RoleInsightsSummary-V2024XSailPointExperimental $XSailPointExperimental 
    
    # Below is a request that includes all optional parameters
    # Get-V2024RoleInsightsSummary -V2024XSailPointExperimental $XSailPointExperimental  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024RoleInsightsSummary"
    Write-Host $_.ErrorDetails
}

[Back to top]