developer.sailpoint.com/docs/tools/sdk/python/Reference/Beta/Methods/IAIRoleMiningApi.md

id, title, pagination_label, sidebar_label, sidebar_class_name, keywords, slug, tags

id	title	pagination_label	sidebar_label	sidebar_class_name	keywords	slug	tags
beta-iai-role-mining	IAI_Role_Mining	IAI_Role_Mining	IAI_Role_Mining	pythonsdk	python Python sdk IAI_Role_Mining BetaIAI_Role_Mining	/tools/sdk/python/beta/methods/iai-role-mining	SDK Software Development Kit IAI_Role_Mining BetaIAI_Role_Mining

sailpoint.beta.IAIRoleMiningApi

All URIs are relative to https://sailpoint.api.identitynow.com/beta

Method	HTTP request	Description
create-potential-role-provision-request	POST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/provision	Create request to provision a potential role into an actual role.
create-role-mining-sessions	POST /role-mining-sessions	Create a role mining session
download-role-mining-potential-role-zip	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}/download	Export (download) details for a potential role in a role mining session
export-role-mining-potential-role	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export	Export (download) details for a potential role in a role mining session
export-role-mining-potential-role-async	POST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async	Asynchronously export details for a potential role in a role mining session and upload to S3
export-role-mining-potential-role-status	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}	Retrieve status of a potential role export job
get-all-potential-role-summaries	GET /role-mining-potential-roles	Retrieves all potential role summaries
get-entitlement-distribution-potential-role	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularity-distribution	Retrieves entitlement popularity distribution for a potential role in a role mining session
get-entitlements-potential-role	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularities	Retrieves entitlements for a potential role in a role mining session
get-excluded-entitlements-potential-role	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/excluded-entitlements	Retrieves excluded entitlements for a potential role in a role mining session
get-identities-potential-role	GET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/identities	Retrieves identities for a potential role in a role mining session
get-potential-role	GET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}	Retrieve potential role in session
get-potential-role-applications	GET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/applications	Retrieves the applications of a potential role for a role mining session
get-potential-role-entitlements	GET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/entitlements	Retrieves the entitlements of a potential role for a role mining session
get-potential-role-source-identity-usage	GET /role-mining-potential-roles/{potentialRoleId}/sources/{sourceId}/identityUsage	Retrieves potential role source usage
get-potential-role-summaries	GET /role-mining-sessions/{sessionId}/potential-role-summaries	Retrieve session's potential role summaries
get-role-mining-potential-role	GET /role-mining-potential-roles/{potentialRoleId}	Retrieves a specific potential role
get-role-mining-session	GET /role-mining-sessions/{sessionId}	Get a role mining session
get-role-mining-session-status	GET /role-mining-sessions/{sessionId}/status	Get role mining session status state
get-role-mining-sessions	GET /role-mining-sessions	Retrieves all role mining sessions
get-saved-potential-roles	GET /role-mining-potential-roles/saved	Retrieves all saved potential roles
patch-potential-role	PATCH /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}	Update a potential role in session
patch-role-mining-potential-role	PATCH /role-mining-potential-roles/{potentialRoleId}	Update a potential role
patch-role-mining-session	PATCH /role-mining-sessions/{sessionId}	Patch a role mining session
update-entitlements-potential-role	POST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/edit-entitlements	Edit entitlements for a potential role to exclude some entitlements

create-potential-role-provision-request

Create request to provision a potential role into an actual role. This method starts a job to provision a potential role

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	min_entitlement_popularity	int	(optional) (default to 0)	Minimum popularity required for an entitlement to be included in the provisioned role.
Query	include_common_access	bool	(optional) (default to True)	Boolean determining whether common access entitlements will be included in the provisioned role.
Body	role_mining_potential_role_provision_request	RoleMiningPotentialRoleProvisionRequest	(optional)	Required information to create a new role

Return type

RoleMiningPotentialRoleSummary

Responses

Code	Description	Data Type	Response headers
202	Accepted. Returns a potential role summary including the status of the provison request	RoleMiningPotentialRoleSummary	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_provision_request import RoleMiningPotentialRoleProvisionRequest
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    min_entitlement_popularity = 0 # int | Minimum popularity required for an entitlement to be included in the provisioned role. (optional) (default to 0) # int | Minimum popularity required for an entitlement to be included in the provisioned role. (optional) (default to 0)
    include_common_access = True # bool | Boolean determining whether common access entitlements will be included in the provisioned role. (optional) (default to True) # bool | Boolean determining whether common access entitlements will be included in the provisioned role. (optional) (default to True)
    role_mining_potential_role_provision_request = {
          "includeIdentities" : true,
          "roleName" : "Finance - Accounting",
          "ownerId" : "2b568c65bc3c4c57a43bd97e3a8e41",
          "roleDescription" : "General access for accounting department",
          "directlyAssignedEntitlements" : false
        } # RoleMiningPotentialRoleProvisionRequest | Required information to create a new role (optional)

    try:
        # Create request to provision a potential role into an actual role.
        
        api_response = api_instance.create_potential_role_provision_request(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.create_potential_role_provision_request(session_id, potential_role_id, min_entitlement_popularity, include_common_access, Result)
        print("The response of IAIRoleMiningApi->create_potential_role_provision_request:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->create_potential_role_provision_request: %s\n" % e)

[Back to top]

create-role-mining-sessions

Create a role mining session This submits a create role mining session request to the role mining application.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Body	role_mining_session_dto	RoleMiningSessionDto	True	Role mining session parameters

Return type

RoleMiningSessionResponse

Responses

Code	Description	Data Type	Response headers
201	Submitted a role mining session request	RoleMiningSessionResponse	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_session_dto import RoleMiningSessionDto
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.beta.rest import ApiException
from pprint import pprint

    role_mining_session_dto = {
          "emailRecipientId" : "2c918090761a5aac0176215c46a62d58",
          "prescribedPruneThreshold" : 10,
          "pruneThreshold" : 50,
          "saved" : true,
          "potentialRolesReadyCount" : 0,
          "scope" : {
            "identityIds" : [ "2c918090761a5aac0176215c46a62d58", "2c918090761a5aac01722015c46a62d42" ],
            "attributeFilterCriteria" : {
              "displayName" : {
                "untranslated" : "Location: Miami"
              },
              "ariaLabel" : {
                "untranslated" : "Location: Miami"
              },
              "data" : {
                "displayName" : {
                  "translateKey" : "IDN.IDENTITY_ATTRIBUTES.LOCATION"
                },
                "name" : "location",
                "operator" : "EQUALS",
                "values" : [ "Miami" ]
              }
            },
            "criteria" : "source.name:DataScienceDataset"
          },
          "potentialRoleCount" : 0,
          "name" : "Saved RM Session - 07/10",
          "minNumIdentitiesInPotentialRole" : 20,
          "identityCount" : 0,
          "type" : "SPECIALIZED"
        } # RoleMiningSessionDto | Role mining session parameters

    try:
        # Create a role mining session
        Result = role_mining_session_dto.from_json(role_mining_session_dto)
        api_response = api_instance.create_role_mining_sessions(Result)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.create_role_mining_sessions(Result)
        print("The response of IAIRoleMiningApi->create_role_mining_sessions:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->create_role_mining_sessions: %s\n" % e)

[Back to top]

download-role-mining-potential-role-zip

Export (download) details for a potential role in a role mining session This endpoint downloads a completed export of information for a potential role in a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Path	export_id	str	True	The id of a previously run export job for this potential role

Return type

bytearray

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.	bytearray	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/zip, application/json

Example

import sailpoint.beta
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40' # str | The id of a previously run export job for this potential role # str | The id of a previously run export job for this potential role

    try:
        # Export (download) details for a potential role in a role mining session
        
        api_response = api_instance.download_role_mining_potential_role_zip(session_id, potential_role_id, export_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.download_role_mining_potential_role_zip(session_id, potential_role_id, export_id)
        print("The response of IAIRoleMiningApi->download_role_mining_potential_role_zip:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->download_role_mining_potential_role_zip: %s\n" % e)

[Back to top]

export-role-mining-potential-role

Export (download) details for a potential role in a role mining session This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session

Return type

bytearray

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.	bytearray	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/zip, application/json

Example

import sailpoint.beta
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session

    try:
        # Export (download) details for a potential role in a role mining session
        
        api_response = api_instance.export_role_mining_potential_role(session_id, potential_role_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.export_role_mining_potential_role(session_id, potential_role_id)
        print("The response of IAIRoleMiningApi->export_role_mining_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role: %s\n" % e)

[Back to top]

export-role-mining-potential-role-async

Asynchronously export details for a potential role in a role mining session and upload to S3 This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Body	role_mining_potential_role_export_request	RoleMiningPotentialRoleExportRequest	(optional)

Return type

RoleMiningPotentialRoleExportResponse

Responses

Code	Description	Data Type	Response headers
202	Job Submitted. Returns a reportId that can be used to download the zip once complete	RoleMiningPotentialRoleExportResponse	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_export_request import RoleMiningPotentialRoleExportRequest
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    role_mining_potential_role_export_request = {
          "minEntitlementPopularity" : 0,
          "includeCommonAccess" : true
        } # RoleMiningPotentialRoleExportRequest |  (optional)

    try:
        # Asynchronously export details for a potential role in a role mining session and upload to S3
        
        api_response = api_instance.export_role_mining_potential_role_async(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.export_role_mining_potential_role_async(session_id, potential_role_id, Result)
        print("The response of IAIRoleMiningApi->export_role_mining_potential_role_async:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_async: %s\n" % e)

[Back to top]

export-role-mining-potential-role-status

Retrieve status of a potential role export job This endpoint retrieves information about the current status of a potential role export.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Path	export_id	str	True	The id of a previously run export job for this potential role

Return type

RoleMiningPotentialRoleExportResponse

Responses

Code	Description	Data Type	Response headers
200	Success. Returns the current status of this export	RoleMiningPotentialRoleExportResponse	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40' # str | The id of a previously run export job for this potential role # str | The id of a previously run export job for this potential role

    try:
        # Retrieve status of a potential role export job
        
        api_response = api_instance.export_role_mining_potential_role_status(session_id, potential_role_id, export_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.export_role_mining_potential_role_status(session_id, potential_role_id, export_id)
        print("The response of IAIRoleMiningApi->export_role_mining_potential_role_status:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_status: %s\n" % e)

[Back to top]

get-all-potential-role-summaries

Retrieves all potential role summaries Returns all potential role summaries that match the query parameters

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate, identityCount, entitlementCount, freshness, quality
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co, ge, gt, le, lt quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq, ge, gt, le, lt scopingMethod: eq sessionState: eq identityAttribute: co
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSummary]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns all potential role summaries that match the query parameters.	List[RoleMiningPotentialRoleSummary]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.beta.rest import ApiException
from pprint import pprint

    sorters = 'createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** (optional)
    filters = '(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **createdById**: *eq, sw, co*  **createdByName**: *eq, sw, co*  **description**: *sw, co*  **endDate**: *le, lt*  **freshness**: *eq, ge, gt, le, lt*  **name**: *eq, sw, co, ge, gt, le, lt*  **quality**: *eq, ge, gt, le, lt*  **startDate**: *ge, gt*  **saved**: *eq*  **type**: *eq, ge, gt, le, lt*  **scopingMethod**: *eq*  **sessionState**: *eq*  **identityAttribute**: *co* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **createdById**: *eq, sw, co*  **createdByName**: *eq, sw, co*  **description**: *sw, co*  **endDate**: *le, lt*  **freshness**: *eq, ge, gt, le, lt*  **name**: *eq, sw, co, ge, gt, le, lt*  **quality**: *eq, ge, gt, le, lt*  **startDate**: *ge, gt*  **saved**: *eq*  **type**: *eq, ge, gt, le, lt*  **scopingMethod**: *eq*  **sessionState**: *eq*  **identityAttribute**: *co* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves all potential role summaries
        
        api_response = api_instance.get_all_potential_role_summaries()
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_all_potential_role_summaries(sorters, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_all_potential_role_summaries:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_all_potential_role_summaries: %s\n" % e)

[Back to top]

get-entitlement-distribution-potential-role

Retrieves entitlement popularity distribution for a potential role in a role mining session This method returns entitlement popularity distribution for a potential role in a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	include_common_access	bool	(optional)	Boolean determining whether common access entitlements will be included or not

Return type

Dict[str, int]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a map containing entitlement popularity distribution for a potential role.	Dict[str, int]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    include_common_access = True # bool | Boolean determining whether common access entitlements will be included or not (optional) # bool | Boolean determining whether common access entitlements will be included or not (optional)

    try:
        # Retrieves entitlement popularity distribution for a potential role in a role mining session
        
        api_response = api_instance.get_entitlement_distribution_potential_role(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_entitlement_distribution_potential_role(session_id, potential_role_id, include_common_access)
        print("The response of IAIRoleMiningApi->get_entitlement_distribution_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_entitlement_distribution_potential_role: %s\n" % e)

[Back to top]

get-entitlements-potential-role

Retrieves entitlements for a potential role in a role mining session This method returns entitlements for a potential role in a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	include_common_access	bool	(optional) (default to True)	Boolean determining whether common access entitlements will be included or not
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity, entitlementName, applicationName The default sort is popularity in descending order.
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningEntitlement]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of entitlements for a potential role.	List[RoleMiningEntitlement]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    include_common_access = True # bool | Boolean determining whether common access entitlements will be included or not (optional) (default to True) # bool | Boolean determining whether common access entitlements will be included or not (optional) (default to True)
    sorters = 'popularity' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **popularity, entitlementName, applicationName**  The default sort is **popularity** in descending order.  (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **popularity, entitlementName, applicationName**  The default sort is **popularity** in descending order.  (optional)
    filters = 'applicationName sw \"AD\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw*  **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw*  **entitlementRef.name**: *sw* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves entitlements for a potential role in a role mining session
        
        api_response = api_instance.get_entitlements_potential_role(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_entitlements_potential_role(session_id, potential_role_id, include_common_access, sorters, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_entitlements_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_entitlements_potential_role: %s\n" % e)

[Back to top]

get-excluded-entitlements-potential-role

Retrieves excluded entitlements for a potential role in a role mining session This method returns excluded entitlements for a potential role in a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningEntitlement]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of excluded entitlements for a potential roles.	List[RoleMiningEntitlement]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    sorters = 'populariity' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **popularity** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **popularity** (optional)
    filters = 'applicationName sw \"AD\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw*  **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw*  **entitlementRef.name**: *sw* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves excluded entitlements for a potential role in a role mining session
        
        api_response = api_instance.get_excluded_entitlements_potential_role(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_excluded_entitlements_potential_role(session_id, potential_role_id, sorters, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_excluded_entitlements_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_excluded_entitlements_potential_role: %s\n" % e)

[Back to top]

get-identities-potential-role

Retrieves identities for a potential role in a role mining session This method returns identities for a potential role in a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningIdentity]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of identities for a potential role.	List[RoleMiningIdentity]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_identity import RoleMiningIdentity
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    sorters = 'name' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name** (optional)
    filters = 'filters_example' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **name**: *sw* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves identities for a potential role in a role mining session
        
        api_response = api_instance.get_identities_potential_role(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_identities_potential_role(session_id, potential_role_id, sorters, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_identities_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_identities_potential_role: %s\n" % e)

[Back to top]

get-potential-role

Retrieve potential role in session This method returns a specific potential role for a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session

Return type

RoleMiningPotentialRole

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of potential roles for a role mining session.	RoleMiningPotentialRole	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session

    try:
        # Retrieve potential role in session
        
        api_response = api_instance.get_potential_role(session_id, potential_role_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_potential_role(session_id, potential_role_id)
        print("The response of IAIRoleMiningApi->get_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_potential_role: %s\n" % e)

[Back to top]

get-potential-role-applications

Retrieves the applications of a potential role for a role mining session This method returns the applications of a potential role for a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleApplication]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of potential roles for a role mining session.	List[RoleMiningPotentialRoleApplication]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_application import RoleMiningPotentialRoleApplication
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    filters = 'applicationName sw \"test\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **applicationName**: *sw* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves the applications of a potential role for a role mining session
        
        api_response = api_instance.get_potential_role_applications(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_potential_role_applications(session_id, potential_role_id, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_potential_role_applications:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_potential_role_applications: %s\n" % e)

[Back to top]

get-potential-role-entitlements

Retrieves the entitlements of a potential role for a role mining session This method returns the entitlements of a potential role for a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: entitlementRef.name: sw
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleEntitlements]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns the entitlements of a potential role for a role mining session.	List[RoleMiningPotentialRoleEntitlements]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_entitlements import RoleMiningPotentialRoleEntitlements
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    filters = 'entitlementRef.name sw \"test\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **entitlementRef.name**: *sw* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves the entitlements of a potential role for a role mining session
        
        api_response = api_instance.get_potential_role_entitlements(session_id, potential_role_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_potential_role_entitlements(session_id, potential_role_id, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_potential_role_entitlements:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_potential_role_entitlements: %s\n" % e)

[Back to top]

get-potential-role-source-identity-usage

Retrieves potential role source usage This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	potential_role_id	str	True	A potential role id
Path	source_id	str	True	A source id
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: displayName, email, usageCount
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSourceUsage]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of source usage for the identities in a potential role.	List[RoleMiningPotentialRoleSourceUsage]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_source_usage import RoleMiningPotentialRoleSourceUsage
from sailpoint.beta.rest import ApiException
from pprint import pprint

    potential_role_id = 'e0cc5d7d-bf7f-4f81-b2af-8885b09d9923' # str | A potential role id # str | A potential role id
    source_id = '2c9180877620c1460176267f336a106f' # str | A source id # str | A source id
    sorters = '-usageCount' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount** (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves potential role source usage
        
        api_response = api_instance.get_potential_role_source_identity_usage(potential_role_id, source_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_potential_role_source_identity_usage(potential_role_id, source_id, sorters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_potential_role_source_identity_usage:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_potential_role_source_identity_usage: %s\n" % e)

[Back to top]

get-potential-role-summaries

Retrieve session's potential role summaries This method returns the potential role summaries for a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSummary]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of potential role summaries for a role mining session.	List[RoleMiningPotentialRoleSummary]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    sorters = 'createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdDate** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdDate** (optional)
    filters = '(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **createdById**: *eq, sw, co*  **createdByName**: *eq, sw, co*  **description**: *sw, co*  **endDate**: *le, lt*  **freshness**: *eq, ge, gt, le, lt*  **name**: *eq, sw, co*  **quality**: *eq, ge, gt, le, lt*  **startDate**: *ge, gt*  **saved**: *eq*  **type**: *eq* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **createdById**: *eq, sw, co*  **createdByName**: *eq, sw, co*  **description**: *sw, co*  **endDate**: *le, lt*  **freshness**: *eq, ge, gt, le, lt*  **name**: *eq, sw, co*  **quality**: *eq, ge, gt, le, lt*  **startDate**: *ge, gt*  **saved**: *eq*  **type**: *eq* (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieve session's potential role summaries
        
        api_response = api_instance.get_potential_role_summaries(session_id, )
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_potential_role_summaries(session_id, sorters, filters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_potential_role_summaries:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_potential_role_summaries: %s\n" % e)

[Back to top]

get-role-mining-potential-role

Retrieves a specific potential role This method returns a specific potential role.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	potential_role_id	str	True	A potential role id

Return type

RoleMiningPotentialRole

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of potential roles for a role mining session.	RoleMiningPotentialRole	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.beta.rest import ApiException
from pprint import pprint

    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id # str | A potential role id

    try:
        # Retrieves a specific potential role
        
        api_response = api_instance.get_role_mining_potential_role(potential_role_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_role_mining_potential_role(potential_role_id)
        print("The response of IAIRoleMiningApi->get_role_mining_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_role_mining_potential_role: %s\n" % e)

[Back to top]

get-role-mining-session

Get a role mining session The method retrieves a role mining session.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id to be retrieved.

Return type

RoleMiningSessionResponse

Responses

Code	Description	Data Type	Response headers
200	Returns a role mining session	RoleMiningSessionResponse	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id to be retrieved. # str | The role mining session id to be retrieved.

    try:
        # Get a role mining session
        
        api_response = api_instance.get_role_mining_session(session_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_role_mining_session(session_id)
        print("The response of IAIRoleMiningApi->get_role_mining_session:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_role_mining_session: %s\n" % e)

[Back to top]

get-role-mining-session-status

Get role mining session status state This method returns a role mining session status for a customer.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id

Return type

RoleMiningSessionStatus

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns session status	RoleMiningSessionStatus	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_session_status import RoleMiningSessionStatus
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id

    try:
        # Get role mining session status state
        
        api_response = api_instance.get_role_mining_session_status(session_id)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_role_mining_session_status(session_id)
        print("The response of IAIRoleMiningApi->get_role_mining_session_status:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_role_mining_session_status: %s\n" % e)

[Back to top]

get-role-mining-sessions

Retrieves all role mining sessions Returns all role mining sessions that match the query parameters

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Query	filters	str	(optional)	Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: saved: eq name: eq, sw
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdBy, createdDate
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningSessionResponse]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns all role mining sessions that match the query parameters.	List[RoleMiningSessionResponse]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.beta.rest import ApiException
from pprint import pprint

    filters = 'saved eq \"true\" and name sw \"RM Session\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **saved**: *eq*  **name**: *eq, sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **saved**: *eq*  **name**: *eq, sw* (optional)
    sorters = 'createdBy,createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdBy, createdDate** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **createdBy, createdDate** (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves all role mining sessions
        
        api_response = api_instance.get_role_mining_sessions()
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_role_mining_sessions(filters, sorters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_role_mining_sessions:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_role_mining_sessions: %s\n" % e)

[Back to top]

get-saved-potential-roles

Retrieves all saved potential roles This method returns all saved potential roles (draft roles).

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Query	sorters	str	(optional)	Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: modified
Query	offset	int	(optional) (default to 0)	Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Query	limit	int	(optional) (default to 250)	Max number of results to return. See V3 API Standard Collection Parameters for more information.
Query	count	bool	(optional) (default to False)	If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningSessionDraftRoleDto]

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns a list of draft roles for a role mining session.	List[RoleMiningSessionDraftRoleDto]	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: Not defined
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_session_draft_role_dto import RoleMiningSessionDraftRoleDto
from sailpoint.beta.rest import ApiException
from pprint import pprint

    sorters = 'modified' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified** (optional)
    offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
    limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
    count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

    try:
        # Retrieves all saved potential roles
        
        api_response = api_instance.get_saved_potential_roles()
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.get_saved_potential_roles(sorters, offset, limit, count)
        print("The response of IAIRoleMiningApi->get_saved_potential_roles:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->get_saved_potential_roles: %s\n" % e)

[Back to top]

patch-potential-role

Update a potential role in session This method updates an existing potential role using the role mining session id and the potential role summary id.

The following fields can be modified:

• description

• name

• saved

NOTE: All other fields cannot be modified.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	The potential role summary id
Body	patch_potential_role_request_inner	[]PatchPotentialRoleRequestInner	True

Return type

object

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns the potential role summary based on the potentialRoleId provided.	object	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json-patch+json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The potential role summary id # str | The potential role summary id
    [{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}] # List[PatchPotentialRoleRequestInner] | 
     patch_potential_role_request_inner = [{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}] # List[PatchPotentialRoleRequestInner] | 
    

    try:
        # Update a potential role in session
        Result = patch_potential_role_request_inner.from_json(patch_potential_role_request_inner)
        api_response = api_instance.patch_potential_role(session_id, potential_role_id, Result)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.patch_potential_role(session_id, potential_role_id, Result)
        print("The response of IAIRoleMiningApi->patch_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->patch_potential_role: %s\n" % e)

[Back to top]

patch-role-mining-potential-role

Update a potential role This method updates an existing potential role.

The following fields can be modified:

• description

• name

• saved

NOTE: All other fields cannot be modified.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	potential_role_id	str	True	The potential role summary id
Body	patch_potential_role_request_inner	[]PatchPotentialRoleRequestInner	True

Return type

object

Responses

Code	Description	Data Type	Response headers
200	Succeeded. Returns the potential role summary based on the potentialRoleId provided.	object	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json-patch+json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.beta.rest import ApiException
from pprint import pprint

    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The potential role summary id # str | The potential role summary id
    [{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}] # List[PatchPotentialRoleRequestInner] | 
     patch_potential_role_request_inner = [{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}] # List[PatchPotentialRoleRequestInner] | 
    

    try:
        # Update a potential role
        Result = patch_potential_role_request_inner.from_json(patch_potential_role_request_inner)
        api_response = api_instance.patch_role_mining_potential_role(potential_role_id, Result)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.patch_role_mining_potential_role(potential_role_id, Result)
        print("The response of IAIRoleMiningApi->patch_role_mining_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->patch_role_mining_potential_role: %s\n" % e)

[Back to top]

patch-role-mining-session

Patch a role mining session The method updates an existing role mining session using PATCH. Supports op in {"replace"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id to be patched
Body	json_patch_operation	[]JsonPatchOperation	True	Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.

Return type

object

Responses

Code	Description	Data Type	Response headers
202	Accepted - Returned if the request was successfully accepted into the system.	object	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
404	Not Found - returned if the request URL refers to a resource or object that does not exist	ErrorResponseDto	-
429	Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.	ListAccessModelMetadataAttribute429Response	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json-patch+json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.json_patch_operation import JsonPatchOperation
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id to be patched # str | The role mining session id to be patched
    [{op=replace, path=/pruneThreshold, value=83}, {op=replace, path=/minNumIdentitiesInPotentialRole, value=10}, {op=replace, path=/saved, value=false}, {op=replace, path=/name, value=RM Session - 07/10/22}, {op=add, path=/name, value=RM Session - 07/10/22}] # List[JsonPatchOperation] | Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.
     json_patch_operation = {
          "op" : "replace",
          "path" : "/description",
          "value" : "New description"
        } # List[JsonPatchOperation] | Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.
    

    try:
        # Patch a role mining session
        Result = json_patch_operation.from_json(json_patch_operation)
        api_response = api_instance.patch_role_mining_session(session_id, Result)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.patch_role_mining_session(session_id, Result)
        print("The response of IAIRoleMiningApi->patch_role_mining_session:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->patch_role_mining_session: %s\n" % e)

[Back to top]

update-entitlements-potential-role

Edit entitlements for a potential role to exclude some entitlements This endpoint adds or removes entitlements from an exclusion list for a potential role.

API Spec

Parameters

Param Type	Name	Data Type	Required	Description
Path	session_id	str	True	The role mining session id
Path	potential_role_id	str	True	A potential role id in a role mining session
Body	role_mining_potential_role_edit_entitlements	RoleMiningPotentialRoleEditEntitlements	True	Role mining session parameters

Return type

RoleMiningPotentialRole

Responses

Code	Description	Data Type	Response headers
201	Adds or removes entitlements from a potential role's entitlement exclusion list.	RoleMiningPotentialRole	-
400	Client Error - Returned if the request body is invalid.	ErrorResponseDto	-
401	Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.	ListAccessModelMetadataAttribute401Response	-
403	Forbidden - Returned if the user you are running as, doesn't have access to this end-point.	ErrorResponseDto	-
500	Internal Server Error - Returned if there is an unexpected error.	ErrorResponseDto	-

HTTP request headers

• Content-Type: application/json
• Accept: application/json

Example

import sailpoint.beta
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.beta.models.role_mining_potential_role_edit_entitlements import RoleMiningPotentialRoleEditEntitlements
from sailpoint.beta.rest import ApiException
from pprint import pprint

    session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
    potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
    role_mining_potential_role_edit_entitlements = {
          "ids" : [ "entId1", "entId2" ],
          "exclude" : true
        } # RoleMiningPotentialRoleEditEntitlements | Role mining session parameters

    try:
        # Edit entitlements for a potential role to exclude some entitlements
        Result = role_mining_potential_role_edit_entitlements.from_json(role_mining_potential_role_edit_entitlements)
        api_response = api_instance.update_entitlements_potential_role(session_id, potential_role_id, Result)
        
        # Below is a request that includes all optional parameters
        # api_response = api_instance.update_entitlements_potential_role(session_id, potential_role_id, Result)
        print("The response of IAIRoleMiningApi->update_entitlements_potential_role:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling IAIRoleMiningApi->update_entitlements_potential_role: %s\n" % e)

[Back to top]