LukeParke/developer.sailpoint.com

Fork 0

mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 04:19:34 +00:00

Files

darrell-thobe-sp c69a78b807 adding powershell sdk docs back

2025-01-28 13:29:29 -05:00

37 KiB

Raw Blame History

id, title, pagination_label, sidebar_label, sidebar_class_name, keywords, slug, tags

title

pagination_label

sidebar_label

sidebar_class_name

keywords

slug

AccessRequests

All URIs are relative to https://sailpoint.api.identitynow.com/v2024

Method	HTTP request	Description
Approve-V2024BulkAccessRequest	POST `/access-request-approvals/bulk-approve`	Bulk Approve Access Request
Suspend-V2024AccessRequest	POST `/access-requests/cancel`	Cancel Access Request
Suspend-V2024AccessRequestInBulk	POST `/access-requests/bulk-cancel`	Bulk Cancel Access Request
Close-V2024AccessRequest	POST `/access-requests/close`	Close Access Request
New-V2024AccessRequest	POST `/access-requests`	Submit Access Request
Get-V2024AccessRequestConfig	GET `/access-request-config`	Get Access Request Configuration
Get-V2024AccessRequestStatus	GET `/access-request-status`	Access Request Status
Get-V2024AdministratorsAccessRequestStatus	GET `/access-request-administration`	Access Request Status for Administrators
Set-V2024AccessRequestConfig	PUT `/access-request-config`	Update Access Request Configuration

approve-bulk-access-request

This API endpoint allows approving pending access requests in bulk. Maximum of 50 approval ids can be provided in the request for one single invocation. ORG_ADMIN or users with rights "idn:access-request-administration:write" can approve the access requests in bulk.

Parameters

Param Type	Name	Data Type	Required	Description
Body	BulkApproveAccessRequest	BulkApproveAccessRequest	True

Return type

SystemCollectionsHashtable

Responses

Code	Description	Data Type
202	Accepted - Returned if the request was successfully accepted into the system.	SystemCollectionsHashtable
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$BulkApproveAccessRequest = @"{
  "comment" : "I approve these request items",
  "approvalIds" : [ "2c9180835d2e5168015d32f890ca1581", "2c9180835d2e5168015d32f890ca1582" ]
}"@
# Bulk Approve Access Request
try {
    $Result = ConvertFrom-JsonToBulkApproveAccessRequest -Json $BulkApproveAccessRequest
    Approve-V2024BulkAccessRequest-V2024BulkApproveAccessRequest $Result
    
    # Below is a request that includes all optional parameters
    # Approve-V2024BulkAccessRequest -V2024BulkApproveAccessRequest $BulkApproveAccessRequest  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-V2024BulkAccessRequest"
    Write-Host $_.ErrorDetails
}

[Back to top]

cancel-access-request

This API endpoint cancels a pending access request. An access request can be cancelled only if it has not passed the approval step. In addition to users with ORG_ADMIN, any user who originally submitted the access request may cancel it.

Parameters

Param Type	Name	Data Type	Required	Description
Body	CancelAccessRequest	CancelAccessRequest	True

Return type

SystemCollectionsHashtable

Responses

Code	Description	Data Type
202	Accepted - Returned if the request was successfully accepted into the system.	SystemCollectionsHashtable
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$CancelAccessRequest = @"{
  "accountActivityId" : "2c9180835d2e5168015d32f890ca1581",
  "comment" : "I requested this role by mistake."
}"@
# Cancel Access Request
try {
    $Result = ConvertFrom-JsonToCancelAccessRequest -Json $CancelAccessRequest
    Suspend-V2024AccessRequest-V2024CancelAccessRequest $Result
    
    # Below is a request that includes all optional parameters
    # Suspend-V2024AccessRequest -V2024CancelAccessRequest $CancelAccessRequest  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-V2024AccessRequest"
    Write-Host $_.ErrorDetails
}

[Back to top]

cancel-access-request-in-bulk

This API endpoint allows cancelling pending access requests in bulk. Maximum of 50 access request ids can be provided in the request for one single invocation. Only ORG_ADMIN or users with rights "idn:access-request-administration:write" can cancel the access requests in bulk.

Parameters

Param Type	Name	Data Type	Required	Description
Body	BulkCancelAccessRequest	BulkCancelAccessRequest	True

Return type

SystemCollectionsHashtable

Responses

Code	Description	Data Type
202	Accepted - Returned if the request was successfully accepted into the system.	SystemCollectionsHashtable
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$BulkCancelAccessRequest = @"{
  "accessRequestIds" : [ "2c9180835d2e5168015d32f890ca1581", "2c9180835d2e5168015d32f890ca1582" ],
  "comment" : "I requested this role by mistake."
}"@
# Bulk Cancel Access Request
try {
    $Result = ConvertFrom-JsonToBulkCancelAccessRequest -Json $BulkCancelAccessRequest
    Suspend-V2024AccessRequestInBulk-V2024BulkCancelAccessRequest $Result
    
    # Below is a request that includes all optional parameters
    # Suspend-V2024AccessRequestInBulk -V2024BulkCancelAccessRequest $BulkCancelAccessRequest  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Suspend-V2024AccessRequestInBulk"
    Write-Host $_.ErrorDetails
}

[Back to top]

close-access-request

This endpoint closes access requests that are stuck in a pending state. It can be used throughout a request's lifecycle even after the approval state, unlike the Cancel Access Request endpoint.

To find pending access requests with the UI, navigate to Search and use this query: status: Pending AND "Access Request". Use the Column Chooser to select 'Tracking Number', and use the 'Download' button to export a CSV containing the tracking numbers.

To find pending access requests with the API, use the List Account Activities endpoint.

Input the IDs from either source.

To track the status of endpoint requests, navigate to Search and use this query: name:"Close Identity Requests". Search will include "Close Identity Requests Started" audits when requests are initiated and "Close Identity Requests Completed" audits when requests are completed. The completion audit will list the identity request IDs that finished in error.

This API triggers the Provisioning Completed event trigger for each access request that is closed.

Parameters

Param Type	Name	Data Type	Required	Description
XSailPointExperimental	String	True (default to "true")	Use this header to enable this experimental API.
Body	CloseAccessRequest	CloseAccessRequest	True

Return type

SystemCollectionsHashtable

Responses

Code	Description	Data Type
202	Accepted - Returned if the request was successfully accepted into the system.	SystemCollectionsHashtable
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$CloseAccessRequest = @"{
  "executionStatus" : "Terminated",
  "accessRequestIds" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
  "completionStatus" : "Failure",
  "message" : "The IdentityNow Administrator manually closed this request."
}"@
# Close Access Request
try {
    $Result = ConvertFrom-JsonToCloseAccessRequest -Json $CloseAccessRequest
    Close-V2024AccessRequest-V2024XSailPointExperimental $XSailPointExperimental -V2024CloseAccessRequest $Result
    
    # Below is a request that includes all optional parameters
    # Close-V2024AccessRequest -V2024XSailPointExperimental $XSailPointExperimental -V2024CloseAccessRequest $CloseAccessRequest  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Close-V2024AccessRequest"
    Write-Host $_.ErrorDetails
}

[Back to top]

create-access-request

Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.

Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn't return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.

It's best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the List Access Request Status or the Pending Access Request Approvals APIs. You can also use the Search API to check the existing access items an identity has before submitting an access request to ensure that you aren't requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request. These ignored requests do not display when you use the List Access Request Status API.

There are two types of access request:

GRANT_ACCESS

Can be requested for multiple identities in a single request.
Supports self request and request on behalf of other users. Refer to the Get Access Request Configuration endpoint for request configuration options.
Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others.
Roles, access profiles and entitlements can be requested.
While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.

REVOKE_ACCESS

Can only be requested for a single identity at a time.
You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.
Does not support self request. Only manager can request to revoke access for their directly managed employees.
If a removeDate is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements.
Roles, access profiles, and entitlements can be requested for revocation.
Revoke requests for entitlements are limited to 1 entitlement per access request currently.
You can specify a removeDate if the access doesn't already have a sunset date. The removeDate must be a future date, in the UTC timezone.
Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.

Parameters

Param Type	Name	Data Type	Required	Description
Body	AccessRequest	AccessRequest	True

Return type

AccessRequestResponse

Responses

Code	Description	Data Type
202	Access Request Response.	AccessRequestResponse
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$AccessRequest = @"{
  "requestedFor" : [ "2c918084660f45d6016617daa9210584", "2c918084660f45d6016617daa9210584" ],
  "clientMetadata" : {
    "requestedAppId" : "2c91808f7892918f0178b78da4a305a1",
    "requestedAppName" : "test-app"
  },
  "requestType" : "GRANT_ACCESS",
  "requestedItems" : [ {
    "clientMetadata" : {
      "requestedAppName" : "test-app",
      "requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
    },
    "removeDate" : "2020-07-11T21:23:15Z",
    "comment" : "Requesting access profile for John Doe",
    "id" : "2c9180835d2e5168015d32f890ca1581",
    "type" : "ACCESS_PROFILE"
  }, {
    "clientMetadata" : {
      "requestedAppName" : "test-app",
      "requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
    },
    "removeDate" : "2020-07-11T21:23:15Z",
    "comment" : "Requesting access profile for John Doe",
    "id" : "2c9180835d2e5168015d32f890ca1581",
    "type" : "ACCESS_PROFILE"
  }, {
    "clientMetadata" : {
      "requestedAppName" : "test-app",
      "requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
    },
    "removeDate" : "2020-07-11T21:23:15Z",
    "comment" : "Requesting access profile for John Doe",
    "id" : "2c9180835d2e5168015d32f890ca1581",
    "type" : "ACCESS_PROFILE"
  }, {
    "clientMetadata" : {
      "requestedAppName" : "test-app",
      "requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
    },
    "removeDate" : "2020-07-11T21:23:15Z",
    "comment" : "Requesting access profile for John Doe",
    "id" : "2c9180835d2e5168015d32f890ca1581",
    "type" : "ACCESS_PROFILE"
  }, {
    "clientMetadata" : {
      "requestedAppName" : "test-app",
      "requestedAppId" : "2c91808f7892918f0178b78da4a305a1"
    },
    "removeDate" : "2020-07-11T21:23:15Z",
    "comment" : "Requesting access profile for John Doe",
    "id" : "2c9180835d2e5168015d32f890ca1581",
    "type" : "ACCESS_PROFILE"
  } ]
}"@
# Submit Access Request
try {
    $Result = ConvertFrom-JsonToAccessRequest -Json $AccessRequest
    New-V2024AccessRequest-V2024AccessRequest $Result
    
    # Below is a request that includes all optional parameters
    # New-V2024AccessRequest -V2024AccessRequest $AccessRequest  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2024AccessRequest"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-access-request-config

This endpoint returns the current access-request configuration.

Parameters

Param Type	Name	Data Type	Required	Description

Return type

AccessRequestConfig

Responses

Code	Description	Data Type
200	Access Request Configuration Details.	AccessRequestConfig
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: Not defined
Accept: application/json

Example

# Get Access Request Configuration
try {
    Get-V2024AccessRequestConfig
    
    # Below is a request that includes all optional parameters
    # Get-V2024AccessRequestConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AccessRequestConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-access-request-status

Use this API to return a list of access request statuses based on the specified query parameters. If an access request was made for access that an identity already has, the API ignores the access request. These ignored requests do not display in the list of access request statuses. Any user with any user level can get the status of their own access requests. A user with ORG_ADMIN is required to call this API to get a list of statuses for other users.

Parameters

Param Type	Name	Data Type	Required	Description
Query	RequestedFor	String	(optional)	Filter the results by the identity the requests were made for. me indicates the current user. Mutually exclusive with regarding-identity.
Query	RequestedBy	String	(optional)	Filter the results by the identity who made the requests. me indicates the current user. Mutually exclusive with regarding-identity.
Query	RegardingIdentity	String	(optional)	Filter the results by the specified identity who is either the requester or target of the requests. me indicates the current user. Mutually exclusive with requested-for and requested-by.
Query	AssignedTo	String	(optional)	Filter the results by the specified identity who is the owner of the Identity Request Work Item. me indicates the current user.
Query	Count	Boolean	(optional) (default to $false)	If this is true, the X-Total-Count response header populates with the number of results that would be returned if limit and offset were ignored.
Query	Limit	Int32	(optional) (default to 250)	Max number of results to return.
Query	Offset	Int32	(optional)	Offset into the full result set. Usually specified with limit to paginate through the results. Defaults to 0 if not specified.
Query	Filters	String	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: accessRequestId: in accountActivityItemId: eq, in, ge, gt, le, lt, ne, isnull, sw created: eq, in, ge, gt, le, lt, ne, isnull, sw
Query	Sorters	String	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: created, modified, accountActivityItemId, name
Query	RequestState	String	(optional)	Filter the results by the state of the request. The only valid value is EXECUTING.

Return type

RequestedItemStatus[]

Responses

Code	Description	Data Type
200	List of requested item statuses.	RequestedItemStatus[]
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: Not defined
Accept: application/json

Example

$RequestedFor = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$AssignedTo = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Filters = 'accountActivityItemId eq "2c918086771c86df0177401efcdf54c0"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **accessRequestId**: *in*  **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*  **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **created, modified, accountActivityItemId, name** (optional)
$RequestState = "request-state=EXECUTING" # String | Filter the results by the state of the request. The only valid value is *EXECUTING*. (optional)
# Access Request Status
try {
    Get-V2024AccessRequestStatus
    
    # Below is a request that includes all optional parameters
    # Get-V2024AccessRequestStatus -V2024RequestedFor $RequestedFor -V2024RequestedBy $RequestedBy -V2024RegardingIdentity $RegardingIdentity -V2024AssignedTo $AssignedTo -V2024Count $Count -V2024Limit $Limit -V2024Offset $Offset -V2024Filters $Filters -V2024Sorters $Sorters -V2024RequestState $RequestState  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AccessRequestStatus"
    Write-Host $_.ErrorDetails
}

[Back to top]

list-administrators-access-request-status

Use this API to get access request statuses of all the access requests in the org based on the specified query parameters. Any user with user level ORG_ADMIN or scope idn:access-request-administration:read can access this endpoint to get the access request statuses

Parameters

Param Type	Name	Data Type	Required	Description
Query	RequestedFor	String	(optional)	Filter the results by the identity the requests were made for. me indicates the current user. Mutually exclusive with regarding-identity.
Query	RequestedBy	String	(optional)	Filter the results by the identity who made the requests. me indicates the current user. Mutually exclusive with regarding-identity.
Query	RegardingIdentity	String	(optional)	Filter the results by the specified identity who is either the requester or target of the requests. me indicates the current user. Mutually exclusive with requested-for and requested-by.
Query	AssignedTo	String	(optional)	Filter the results by the specified identity who is the owner of the Identity Request Work Item. me indicates the current user.
Query	Count	Boolean	(optional) (default to $false)	If this is true, the X-Total-Count response header populates with the number of results that would be returned if limit and offset were ignored.
Query	Limit	Int32	(optional) (default to 250)	Max number of results to return.
Query	Offset	Int32	(optional)	Offset into the full result set. Usually specified with limit to paginate through the results. Defaults to 0 if not specified.
Query	Filters	String	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: accountActivityItemId: eq, in, ge, gt, le, lt, ne, isnull, sw accessRequestId: in status: in, eq, ne created: eq, in, ge, gt, le, lt, ne, isnull, sw
Query	Sorters	String	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: created, modified, accountActivityItemId, name, accessRequestId
Query	RequestState	String	(optional)	Filter the results by the state of the request. The only valid value is EXECUTING.

Return type

AccessRequestAdminItemStatus[]

Responses

Code	Description	Data Type
200	List of requested item statuses.	AccessRequestAdminItemStatus[]
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: Not defined
Accept: application/json

Example

$RequestedFor = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity the requests were made for. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RequestedBy = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the identity who made the requests. *me* indicates the current user. Mutually exclusive with *regarding-identity*. (optional)
$RegardingIdentity = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is either the requester or target of the requests. *me* indicates the current user. Mutually exclusive with *requested-for* and *requested-by*. (optional)
$AssignedTo = "2c9180877b2b6ea4017b2c545f971429" # String | Filter the results by the specified identity who is the owner of the Identity Request Work Item. *me* indicates the current user. (optional)
$Count = $false # Boolean | If this is true, the *X-Total-Count* response header populates with the number of results that would be returned if limit and offset were ignored. (optional) (default to $false)
$Limit = 100 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 10 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. Defaults to 0 if not specified. (optional)
$Filters = 'accountActivityItemId eq "2c918086771c86df0177401efcdf54c0"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **accountActivityItemId**: *eq, in, ge, gt, le, lt, ne, isnull, sw*  **accessRequestId**: *in*  **status**: *in, eq, ne*  **created**: *eq, in, ge, gt, le, lt, ne, isnull, sw* (optional)
$Sorters = "created" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **created, modified, accountActivityItemId, name, accessRequestId** (optional)
$RequestState = "request-state=EXECUTING" # String | Filter the results by the state of the request. The only valid value is *EXECUTING*. (optional)
# Access Request Status for Administrators
try {
    Get-V2024AdministratorsAccessRequestStatus
    
    # Below is a request that includes all optional parameters
    # Get-V2024AdministratorsAccessRequestStatus -V2024RequestedFor $RequestedFor -V2024RequestedBy $RequestedBy -V2024RegardingIdentity $RegardingIdentity -V2024AssignedTo $AssignedTo -V2024Count $Count -V2024Limit $Limit -V2024Offset $Offset -V2024Filters $Filters -V2024Sorters $Sorters -V2024RequestState $RequestState  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024AdministratorsAccessRequestStatus"
    Write-Host $_.ErrorDetails
}

[Back to top]

set-access-request-config

This endpoint replaces the current access-request configuration.

Parameters

Param Type	Name	Data Type	Required	Description
Body	AccessRequestConfig	AccessRequestConfig	True

Return type

AccessRequestConfig

Responses

Code	Description	Data Type
200	Access Request Configuration Details.	AccessRequestConfig
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessProfiles401Response
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessProfiles429Response
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto

HTTP request headers

Content-Type: application/json
Accept: application/json

Example

$AccessRequestConfig = @"{
  "requestOnBehalfOfConfig" : {
    "allowRequestOnBehalfOfEmployeeByManager" : true,
    "allowRequestOnBehalfOfAnyoneByAnyone" : true
  },
  "approvalReminderAndEscalationConfig" : {
    "fallbackApproverRef" : {
      "name" : "Alison Ferguso",
      "id" : "5168015d32f890ca15812c9180835d2e",
      "type" : "IDENTITY",
      "email" : "alison.ferguso@identitysoon.com"
    },
    "maxReminders" : 1,
    "daysUntilEscalation" : 0,
    "daysBetweenReminders" : 0
  },
  "autoApprovalEnabled" : true,
  "entitlementRequestConfig" : {
    "requestCommentsRequired" : false,
    "deniedCommentsRequired" : false,
    "allowEntitlementRequest" : true,
    "grantRequestApprovalSchemes" : "entitlementOwner, sourceOwner, manager, workgroup:2c918084660f45d6016617daa9210584"
  },
  "reauthorizationEnabled" : true,
  "approvalsMustBeExternal" : true
}"@
# Update Access Request Configuration
try {
    $Result = ConvertFrom-JsonToAccessRequestConfig -Json $AccessRequestConfig
    Set-V2024AccessRequestConfig-V2024AccessRequestConfig $Result
    
    # Below is a request that includes all optional parameters
    # Set-V2024AccessRequestConfig -V2024AccessRequestConfig $AccessRequestConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2024AccessRequestConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

37 KiB Raw Blame History

AccessRequests

approve-bulk-access-request

Parameters

Return type

Responses

HTTP request headers

Example

cancel-access-request

Parameters

Return type

Responses

HTTP request headers

Example

cancel-access-request-in-bulk

Parameters

Return type

Responses

HTTP request headers

Example

close-access-request

Parameters

Return type

Responses

HTTP request headers

Example

create-access-request

Parameters

Return type

Responses

HTTP request headers

Example

get-access-request-config

Parameters

Return type

Responses

HTTP request headers

Example

list-access-request-status

Parameters

Return type

Responses

HTTP request headers

Example

list-administrators-access-request-status

Parameters

Return type

Responses

HTTP request headers

Example

set-access-request-config

Parameters

Return type

Responses

HTTP request headers

Example

37 KiB

Raw Blame History