mirror of
https://github.com/LukeHagar/developer.sailpoint.com.git
synced 2025-12-09 12:27:47 +00:00
83 lines
48 KiB
Plaintext
83 lines
48 KiB
Plaintext
---
|
|
id: list-entitlements
|
|
sidebar_label: Gets a list of entitlements.
|
|
hide_title: true
|
|
hide_table_of_contents: true
|
|
api: {"operationId":"listEntitlements","tags":["Entitlements"],"description":"This API returns a list of entitlements.\n\nThis API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).\n\nAny authenticated token can call this API.","parameters":[{"in":"query","name":"account-id","schema":{"type":"string"},"description":"The account ID. If specified, returns only entitlements associated with the given Account. Can not be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).","example":"ef38f94347e94562b5bb8424a56397d8","required":false},{"in":"query","name":"segmented-for-identity","schema":{"type":"string"},"description":"If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCan not be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.","example":"me","required":false},{"in":"query","name":"for-segment-ids","schema":{"type":"string","format":"comma-separated"},"description":"If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCan not be specified with the **account-id** or **segmented-for-identity** param(s).","example":"041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649","required":false},{"in":"query","name":"include-unsegmented","schema":{"type":"boolean","default":true},"description":"Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.","example":true,"required":false},{"in":"query","name":"offset","description":"Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":0,"schema":{"type":"integer","format":"int32","minimum":0,"default":0}},{"in":"query","name":"limit","description":"Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":250,"schema":{"type":"integer","format":"int32","minimum":0,"maximum":250,"default":250}},{"in":"query","name":"count","description":"If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":true,"schema":{"type":"boolean","default":false}},{"in":"query","name":"sorters","schema":{"type":"string","format":"comma-separated"},"description":"Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**","example":"name,-modified","required":false,"style":"form","explode":true},{"in":"query","name":"filters","schema":{"type":"string"},"description":"Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*","example":"attribute eq \"memberOf\"","required":false,"style":"form","explode":true},{"in":"query","name":"cursor","schema":{"type":"string"},"description":"This endpoint supports cursor-based pagination as an alternative to pagination using **limit** and **offset**. Use of cursors is optional but may deliver significantly better performance when paginating over large result sets, particularly when sorting is involved.\n\nTo obtain an initial cursor value, the initial request must be made with **offset=0** and **count=false**, or by omitting those parameters. Other query parameters may be specified on the initial request, to specify filtering and sorting for example. The response to this initial request will provide a cursor value in the **Slpt-Cursor** response header. Thereafter, passing in the last returned value of **Slpt-Cursor** as the value of the **cursor** parameter on the following request will return the next page of results, and so on. The end of the result set is signalled when a request returns without providing a value for **Slpt-Cursor**.\n\nThe **cursor** param is generally incompatible with other parameters; the second and subsequent requests should only pass that parameter and no others. A 400 Bad Request will be returned if any incompatible parameter values are passed along with the **cursor**.\n\nCursors expire after 15 minutes; a 400 Bad Request is returned if an expired value is provided for **cursor**.","example":"9602877a-1c11-4c02-a399-7273ea2158da","required":false}],"responses":{"200":{"description":"List of entitlements","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string","description":"The entitlement id","example":"2c91808874ff91550175097daaec161c"},"name":{"type":"string","description":"The entitlement name","example":"LauncherTestGroup2"},"attribute":{"type":"string","description":"The entitlement attribute name","example":"memberOf"},"value":{"type":"string","description":"The value of the entitlement","example":"CN=LauncherTestGroup2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local"},"sourceSchemaObjectType":{"type":"string","description":"The object type of the entitlement from the source schema","example":"group"},"description":{"type":"string","description":"The description of the entitlement","example":"CN=LauncherTestGroup2,OU=LauncherTestOrg,OU=slpt-automation,DC=TestAutomationAD,DC=local"},"privileged":{"type":"boolean","description":"True if the entitlement is privileged","example":true},"cloudGoverned":{"type":"boolean","description":"True if the entitlement is cloud governed","example":true},"created":{"type":"string","description":"Time when the entitlement was created","format":"date-time","example":"2020-10-08T18:33:52.029Z"},"modified":{"type":"string","description":"Time when the entitlement was last modified","format":"date-time","example":"2020-10-08T18:33:52.029Z"},"source":{"type":"object","properties":{"id":{"type":"string","description":"The source ID","example":"2c9180827ca885d7017ca8ce28a000eb"},"type":{"type":"string","description":"The source type, will always be \"SOURCE\"","example":"SOURCE"},"name":{"type":"string","description":"The source name","example":"ODS-AD-Source"}},"example":[{"type":"SOURCE","id":"2c9180835d191a86015d28455b4b232a","name":"HR Active Directory"}]},"attributes":{"type":"object","description":"A map of free-form key-value pairs from the source system","example":{"fieldName":"fieldValue"},"additionalProperties":true},"segments":{"type":"array","items":{"type":"string"},"nullable":true,"description":"List of IDs of segments, if any, to which this Entitlement is assigned.","example":["f7b1b8a3-5fed-4fd4-ad29-82014e137e19","29cb6c06-1da8-43ea-8be4-b3125f248f2a"]},"directPermissions":{"type":"array","items":{"type":"object","description":"Simplified DTO for the Permission objects stored in SailPoint's database. The data is aggregated from customer systems and is free-form, so its appearance can vary largely between different clients/customers.","properties":{"rights":{"type":"array","description":"All the rights (e.g. actions) that this permission allows on the target","readOnly":true,"items":{"type":"string","example":"SELECT"}},"target":{"type":"string","description":"The target the permission would grants rights on.","readOnly":true,"example":"SYS.GV_$TRANSACTION"}}}}}}}}}},"400":{"description":"Client Error - Returned if the request body is invalid.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}}}}},"401":{"description":"Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"description":"A message describing the error","example":"JWT validation failed: JWT is expired"}}}}}},"403":{"description":"Forbidden - Returned if the user you are running as, doesn't have access to this end-point.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"403":{"summary":"An example of a 403 response object","value":{"detailCode":"403 Forbidden","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"The server understood the request but refuses to authorize it."}]}}}}}},"429":{"description":"Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"description":"A message describing the error","example":" Rate Limit Exceeded "}}}}}},"500":{"description":"Internal Server Error - Returned if there is an unexpected error.","content":{"application/json":{"schema":{"type":"object","properties":{"detailCode":{"type":"string","description":"Fine-grained error code providing more detail of the error.","example":"400.1 Bad Request Content"},"trackingId":{"type":"string","description":"Unique tracking id for the error.","example":"e7eab60924f64aa284175b9fa3309599"},"messages":{"type":"array","description":"Generic localized reason for error","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}},"causes":{"type":"array","description":"Plain-text descriptive reasons to provide additional detail to the text provided in the messages field","items":{"type":"object","properties":{"locale":{"type":"string","description":"The locale for the message text, a BCP 47 language tag.","example":"en-US"},"localeOrigin":{"type":"string","enum":["DEFAULT","REQUEST"],"description":"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice.","example":"DEFAULT"},"text":{"type":"string","description":"Actual text of the error message in the indicated locale.","example":"The request was syntactically correct but its content is semantically invalid."}}}}}},"examples":{"500":{"summary":"An example of a 500 response object","value":{"detailCode":"500.0 Internal Fault","trackingId":"b21b1f7ce4da4d639f2c62a57171b427","messages":[{"locale":"en-US","localeOrigin":"DEFAULT","text":"An internal fault occurred."}]}}}}}}},"method":"get","path":"/entitlements","servers":[{"url":"https://{tenant}.api.identitynow.com/beta","description":"This is the beta API server.","variables":{"tenant":{"default":"sailpoint","description":"This is the name of your tenant, typically your company's name."}}}],"security":[{"oauth2":[]}],"securitySchemes":{"oauth2":{"type":"oauth2","description":"OAuth2 Bearer token (JWT). See [IdentityNow REST API Authentication](https://developer.sailpoint.com/docs/authentication.html) for more information.\n- Directions for generating a [personal access token](https://developer.sailpoint.com/docs/authentication.html#personal-access-tokens)\n- Directions using [client credentials flow](https://developer.sailpoint.com/docs/authentication.html#client-credentials-grant-flow)\n- Directions for using [authorization code flow](https://developer.sailpoint.com/docs/authentication.html#authorization-code-grant-flow)\n\nWhich authentication method should I choose? See our [guide](https://developer.sailpoint.com/docs/authentication.html#which-oauth-2-0-grant-flow-should-i-use)\n\nLearn more about how to find your `tokenUrl` and `authorizationUrl` [in our docs](https://developer.sailpoint.com/docs/authentication.html#finding-your-tenant-s-oauth-details)\n","flows":{"clientCredentials":{"tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}},"authorizationCode":{"authorizationUrl":"https://tenant.identitynow.com/oauth/authorize","tokenUrl":"https://tenant.api.identitynow.com/oauth/token","scopes":{"sp:scopes:default":"default scope","sp:scopes:all":"access to all scopes"}}}}},"info":{"contact":{"email":"developers@sailpoint.com","name":"Developer Relations","url":"https://developer.sailpoint.com/discuss"},"description":"These are the public, beta APIs for SailPoint's SaaS services and are subject to change.","title":"SailPoint - Beta SaaS API","version":"3.1.0-beta"},"postman":{"name":"Gets a list of entitlements.","description":{"content":"This API returns a list of entitlements.\n\nThis API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).\n\nAny authenticated token can call this API.","type":"text/plain"},"url":{"path":["entitlements"],"host":["{{baseUrl}}"],"query":[{"disabled":false,"description":{"content":"The account ID. If specified, returns only entitlements associated with the given Account. Can not be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).","type":"text/plain"},"key":"account-id","value":""},{"disabled":false,"description":{"content":"If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCan not be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.","type":"text/plain"},"key":"segmented-for-identity","value":""},{"disabled":false,"description":{"content":"If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCan not be specified with the **account-id** or **segmented-for-identity** param(s).","type":"text/plain"},"key":"for-segment-ids","value":""},{"disabled":false,"description":{"content":"Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.","type":"text/plain"},"key":"include-unsegmented","value":""},{"disabled":false,"description":{"content":"Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"offset","value":""},{"disabled":false,"description":{"content":"Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"limit","value":""},{"disabled":false,"description":{"content":"If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","type":"text/plain"},"key":"count","value":""},{"disabled":false,"description":{"content":"Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**","type":"text/plain"},"key":"sorters","value":""},{"disabled":false,"description":{"content":"Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*","type":"text/plain"},"key":"filters","value":""},{"disabled":false,"description":{"content":"This endpoint supports cursor-based pagination as an alternative to pagination using **limit** and **offset**. Use of cursors is optional but may deliver significantly better performance when paginating over large result sets, particularly when sorting is involved.\n\nTo obtain an initial cursor value, the initial request must be made with **offset=0** and **count=false**, or by omitting those parameters. Other query parameters may be specified on the initial request, to specify filtering and sorting for example. The response to this initial request will provide a cursor value in the **Slpt-Cursor** response header. Thereafter, passing in the last returned value of **Slpt-Cursor** as the value of the **cursor** parameter on the following request will return the next page of results, and so on. The end of the result set is signalled when a request returns without providing a value for **Slpt-Cursor**.\n\nThe **cursor** param is generally incompatible with other parameters; the second and subsequent requests should only pass that parameter and no others. A 400 Bad Request will be returned if any incompatible parameter values are passed along with the **cursor**.\n\nCursors expire after 15 minutes; a 400 Bad Request is returned if an expired value is provided for **cursor**.","type":"text/plain"},"key":"cursor","value":""}],"variable":[]},"header":[{"key":"Accept","value":"application/json"}],"method":"GET"}}
|
|
sidebar_class_name: "get api-method"
|
|
info_path: docs/sailpoint-api-beta/sail-point-beta-saa-s-api
|
|
---
|
|
|
|
import ApiTabs from "@theme/ApiTabs";
|
|
import MimeTabs from "@theme/MimeTabs";
|
|
import ParamsItem from "@theme/ParamsItem";
|
|
import ResponseSamples from "@theme/ResponseSamples";
|
|
import SchemaItem from "@theme/SchemaItem"
|
|
import SchemaTabs from "@theme/SchemaTabs";
|
|
import DiscriminatorTabs from "@theme/DiscriminatorTabs";
|
|
import TabItem from "@theme/TabItem";
|
|
|
|
## Gets a list of entitlements.
|
|
|
|
|
|
|
|
This API returns a list of entitlements.
|
|
|
|
This API can be used in one of the two following ways: either getting entitlements for a specific **account-id**, or getting via use of **filters** (those two options are exclusive).
|
|
|
|
Any authenticated token can call this API.
|
|
|
|
<details style={{"marginBottom":"1rem"}} data-collapsed={false} open={true}><summary style={{}}><strong>Query Parameters</strong></summary><div><ul><ParamsItem className={"paramsItem"} param={{"in":"query","name":"account-id","schema":{"type":"string"},"description":"The account ID. If specified, returns only entitlements associated with the given Account. Can not be specified with the **filters**, **segmented-for-identity**, **for-segment-ids**, or **include-unsegmented** param(s).","example":"ef38f94347e94562b5bb8424a56397d8","required":false}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"segmented-for-identity","schema":{"type":"string"},"description":"If present and not empty, additionally filters Entitlements to those which are assigned to the Segment(s) which are visible to the Identity with the specified ID. By convention, the value **me** can stand in for the current user's Identity ID.\nCan not be specified with the **account-id** or **for-segment-ids** param(s). It is also illegal to specify a value that refers to a different user's Identity.","example":"me","required":false}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"for-segment-ids","schema":{"type":"string","format":"comma-separated"},"description":"If present and not empty, additionally filters Access Profiles to those which are assigned to the Segment(s) with the specified IDs.\nCan not be specified with the **account-id** or **segmented-for-identity** param(s).","example":"041727d4-7d95-4779-b891-93cf41e98249,a378c9fa-bae5-494c-804e-a1e30f69f649","required":false}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"include-unsegmented","schema":{"type":"boolean","default":true},"description":"Whether or not the response list should contain unsegmented Entitlements. If **for-segment-ids** and **segmented-for-identity** are both absent or empty, specifying **include-unsegmented=false** results in an error.","example":true,"required":false}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"offset","description":"Offset into the full result set. Usually specified with *limit* to paginate through the results.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":0,"schema":{"type":"integer","format":"int32","minimum":0,"default":0}}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"limit","description":"Max number of results to return.\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":250,"schema":{"type":"integer","format":"int32","minimum":0,"maximum":250,"default":250}}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"count","description":"If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.\n\nSince requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.\n\nSee [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html) for more information.","required":false,"example":true,"schema":{"type":"boolean","default":false}}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"sorters","schema":{"type":"string","format":"comma-separated"},"description":"Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nSorting is supported for the following fields: **id, name, created, modified, type, attribute, value, source.id**","example":"name,-modified","required":false,"style":"form","explode":true}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"filters","schema":{"type":"string"},"description":"Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/docs/standard_collection_parameters.html)\nFiltering is supported for the following fields and operators:\n\n**id**: *eq, in*\n\n**name**: *eq, in, sw*\n\n**type**: *eq, in*\n\n**attribute**: *eq, in*\n\n**value**: *eq, in, sw*\n\n**source.id**: *eq, in*\n\n**requestable**: *eq*","example":"attribute eq \"memberOf\"","required":false,"style":"form","explode":true}}></ParamsItem><ParamsItem className={"paramsItem"} param={{"in":"query","name":"cursor","schema":{"type":"string"},"description":"This endpoint supports cursor-based pagination as an alternative to pagination using **limit** and **offset**. Use of cursors is optional but may deliver significantly better performance when paginating over large result sets, particularly when sorting is involved.\n\nTo obtain an initial cursor value, the initial request must be made with **offset=0** and **count=false**, or by omitting those parameters. Other query parameters may be specified on the initial request, to specify filtering and sorting for example. The response to this initial request will provide a cursor value in the **Slpt-Cursor** response header. Thereafter, passing in the last returned value of **Slpt-Cursor** as the value of the **cursor** parameter on the following request will return the next page of results, and so on. The end of the result set is signalled when a request returns without providing a value for **Slpt-Cursor**.\n\nThe **cursor** param is generally incompatible with other parameters; the second and subsequent requests should only pass that parameter and no others. A 400 Bad Request will be returned if any incompatible parameter values are passed along with the **cursor**.\n\nCursors expire after 15 minutes; a 400 Bad Request is returned if an expired value is provided for **cursor**.","example":"9602877a-1c11-4c02-a399-7273ea2158da","required":false}}></ParamsItem></ul></div></details><div><ApiTabs><TabItem label={"200"} value={"200"}><div>
|
|
|
|
List of entitlements
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong><span style={{"opacity":"0.6"}}> array</span></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"id"} required={false} schemaDescription={"The entitlement id"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"name"} required={false} schemaDescription={"The entitlement name"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"attribute"} required={false} schemaDescription={"The entitlement attribute name"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"value"} required={false} schemaDescription={"The value of the entitlement"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"sourceSchemaObjectType"} required={false} schemaDescription={"The object type of the entitlement from the source schema"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"description"} required={false} schemaDescription={"The description of the entitlement"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"privileged"} required={false} schemaDescription={"True if the entitlement is privileged"} schemaName={"boolean"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"cloudGoverned"} required={false} schemaDescription={"True if the entitlement is cloud governed"} schemaName={"boolean"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"created"} required={false} schemaDescription={"Time when the entitlement was created"} schemaName={"date-time"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"modified"} required={false} schemaDescription={"Time when the entitlement was last modified"} schemaName={"date-time"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>source</strong><span style={{"opacity":"0.6"}}> object</span></summary><div style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"id"} required={false} schemaDescription={"The source ID"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"type"} required={false} schemaDescription={"The source type, will always be \"SOURCE\""} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"name"} required={false} schemaDescription={"The source name"} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>attributes</strong><span style={{"opacity":"0.6"}}> object</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
A map of free-form key-value pairs from the source system
|
|
|
|
</div></div></details></SchemaItem><SchemaItem collapsible={false} name={"segments"} required={false} schemaDescription={"List of IDs of segments, if any, to which this Entitlement is assigned."} schemaName={"string[]"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>directPermissions</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"rights"} required={false} schemaDescription={"All the rights (e.g. actions) that this permission allows on the target"} schemaName={"string[]"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"target"} required={false} schemaDescription={"The target the permission would grants rights on."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem></ul></details></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem><TabItem label={"400"} value={"400"}><div>
|
|
|
|
Client Error - Returned if the request body is invalid.
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"detailCode"} required={false} schemaDescription={"Fine-grained error code providing more detail of the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"trackingId"} required={false} schemaDescription={"Unique tracking id for the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>messages</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Generic localized reason for error
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>causes</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem></ul></details></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem><TabItem label={"401"} value={"401"}><div>
|
|
|
|
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"error"} required={false} schemaDescription={"A message describing the error"} schemaName={""} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></ul></details></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem><TabItem label={"403"} value={"403"}><div>
|
|
|
|
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"detailCode"} required={false} schemaDescription={"Fine-grained error code providing more detail of the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"trackingId"} required={false} schemaDescription={"Unique tracking id for the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>messages</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Generic localized reason for error
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>causes</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem></ul></details></TabItem><TabItem label={"403"} value={"403"}><ResponseSamples responseExample={"{\n \"detailCode\": \"403 Forbidden\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"The server understood the request but refuses to authorize it.\"\n }\n ]\n}"}></ResponseSamples></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem><TabItem label={"429"} value={"429"}><div>
|
|
|
|
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"message"} required={false} schemaDescription={"A message describing the error"} schemaName={""} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></ul></details></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem><TabItem label={"500"} value={"500"}><div>
|
|
|
|
Internal Server Error - Returned if there is an unexpected error.
|
|
|
|
</div><div><MimeTabs groupId={"mime-type"}><TabItem label={"application/json"} value={"application/json"}><SchemaTabs groupId={"schema-tabs"}><TabItem label={"Schema"} value={"Schema"}><details style={{}} data-collapsed={false} open={true}><summary style={{"textAlign":"left"}}><strong>Schema</strong></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"detailCode"} required={false} schemaDescription={"Fine-grained error code providing more detail of the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"trackingId"} required={false} schemaDescription={"Unique tracking id for the error."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>messages</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Generic localized reason for error
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}}><summary style={{}}><strong>causes</strong><span style={{"opacity":"0.6"}}> object[]</span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>
|
|
|
|
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
|
|
|
|
</div><SchemaItem collapsible={false} name={"locale"} required={false} schemaDescription={"The locale for the message text, a BCP 47 language tag."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"localeOrigin"} required={false} schemaDescription={"An indicator of how the locale was selected. *DEFAULT* means the locale is the system default. *REQUEST* means the locale was selected from the request context (i.e., best match based on the *Accept-Language* header). Additional values may be added in the future without notice."} schemaName={"string"} qualifierMessage={"**Possible values:** [`DEFAULT`, `REQUEST`]"} defaultValue={undefined}></SchemaItem><SchemaItem collapsible={false} name={"text"} required={false} schemaDescription={"Actual text of the error message in the indicated locale."} schemaName={"string"} qualifierMessage={undefined} defaultValue={undefined}></SchemaItem></div></details></SchemaItem></ul></details></TabItem><TabItem label={"500"} value={"500"}><ResponseSamples responseExample={"{\n \"detailCode\": \"500.0 Internal Fault\",\n \"trackingId\": \"b21b1f7ce4da4d639f2c62a57171b427\",\n \"messages\": [\n {\n \"locale\": \"en-US\",\n \"localeOrigin\": \"DEFAULT\",\n \"text\": \"An internal fault occurred.\"\n }\n ]\n}"}></ResponseSamples></TabItem></SchemaTabs></TabItem></MimeTabs></div></TabItem></ApiTabs></div>
|
|
|