Accepted. Returns a potential role summary including the status of the provison request
RoleMiningPotentialRoleSummary
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$MinEntitlementPopularity=56# Int32 | Minimum popularity required for an entitlement to be included in the provisioned role. (optional) (default to 0)$IncludeCommonAccess=$true# Boolean | Boolean determining whether common access entitlements will be included in the provisioned role. (optional) (default to $true)$RoleMiningPotentialRoleProvisionRequest=@"{
"includeIdentities" : true,
"roleName" : "Finance-Accounting",
"ownerId" : "2b568c65bc3c4c57a43bd97e3a8e41",
"roleDescription" : "Generalaccessforaccountingdepartment",
"directlyAssignedEntitlements" : false
}"@# Create request to provision a potential role into an actual role.try{New-BetaPotentialRoleProvisionRequest-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# New-BetaPotentialRoleProvisionRequest -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaMinEntitlementPopularity $MinEntitlementPopularity -BetaIncludeCommonAccess $IncludeCommonAccess -BetaRoleMiningPotentialRoleProvisionRequest $RoleMiningPotentialRoleProvisionRequest }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling New-BetaPotentialRoleProvisionRequest"Write-Host$_.ErrorDetails}
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
This endpoint downloads a completed export of information for a potential role in a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Path
ExportId
String
True
The id of a previously run export job for this potential role
Return type
System.IO.FileInfo
Responses
Code
Description
Data Type
200
Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.
System.IO.FileInfo
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/zip, application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="278359a6-04b7-4669-9468-924cf580964a"# String | A potential role id in a role mining session$ExportId="4940ffd4-836f-48a3-b2b0-6d498c3fdf40"# String | The id of a previously run export job for this potential role# Export (download) details for a potential role in a role mining sessiontry{Invoke-BetaDownloadRoleMiningPotentialRoleZip-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId-BetaExportId$ExportId# Below is a request that includes all optional parameters# Invoke-BetaDownloadRoleMiningPotentialRoleZip -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaExportId $ExportId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Invoke-BetaDownloadRoleMiningPotentialRoleZip"Write-Host$_.ErrorDetails}
This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Return type
System.IO.FileInfo
Responses
Code
Description
Data Type
200
Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.
System.IO.FileInfo
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/zip, application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session# Export (download) details for a potential role in a role mining sessiontry{Export-BetaRoleMiningPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Export-BetaRoleMiningPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Export-BetaRoleMiningPotentialRole"Write-Host$_.ErrorDetails}
This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.
Job Submitted. Returns a reportId that can be used to download the zip once complete
RoleMiningPotentialRoleExportResponse
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="278359a6-04b7-4669-9468-924cf580964a"# String | A potential role id in a role mining session$RoleMiningPotentialRoleExportRequest=@"{
"minEntitlementPopularity" : 0,
"includeCommonAccess" : true
}"@# Asynchronously export details for a potential role in a role mining session and upload to S3try{Export-BetaRoleMiningPotentialRoleAsync-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Export-BetaRoleMiningPotentialRoleAsync -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaRoleMiningPotentialRoleExportRequest $RoleMiningPotentialRoleExportRequest }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Export-BetaRoleMiningPotentialRoleAsync"Write-Host$_.ErrorDetails}
Success. Returns the current status of this export
RoleMiningPotentialRoleExportResponse
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="278359a6-04b7-4669-9468-924cf580964a"# String | A potential role id in a role mining session$ExportId="4940ffd4-836f-48a3-b2b0-6d498c3fdf40"# String | The id of a previously run export job for this potential role# Retrieve status of a potential role export jobtry{Export-BetaRoleMiningPotentialRoleStatus-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId-BetaExportId$ExportId# Below is a request that includes all optional parameters# Export-BetaRoleMiningPotentialRoleStatus -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaExportId $ExportId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Export-BetaRoleMiningPotentialRoleStatus"Write-Host$_.ErrorDetails}
Returns all potential role summaries that match the query parameters
Parameters
Param Type
Name
Data Type
Required
Description
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate, identityCount, entitlementCount, freshness, quality
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, cocreatedByName: eq, sw, codescription: sw, coendDate: le, ltfreshness: eq, ge, gt, le, ltname: eq, sw, co, ge, gt, le, ltquality: eq, ge, gt, le, ltstartDate: ge, gtsaved: eqtype: eq, ge, gt, le, ltscopingMethod: eqsessionState: eqidentityAttribute: co
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns all potential role summaries that match the query parameters.
RoleMiningPotentialRoleSummary[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Sorters="createdDate"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** (optional)$Filters='(createdByName co "int") and (createdById sw "2c9180907") and (type eq "COMMON") and ((name co "entt") or (saved eq true))'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co, ge, gt, le, lt* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq, ge, gt, le, lt* **scopingMethod**: *eq* **sessionState**: *eq* **identityAttribute**: *co* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves all potential role summariestry{Get-BetaAllPotentialRoleSummaries# Below is a request that includes all optional parameters# Get-BetaAllPotentialRoleSummaries -BetaSorters $Sorters -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaAllPotentialRoleSummaries"Write-Host$_.ErrorDetails}
This method returns entitlement popularity distribution for a potential role in a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Query
IncludeCommonAccess
Boolean
(optional)
Boolean determining whether common access entitlements will be included or not
Return type
System.Collections.Hashtable
Responses
Code
Description
Data Type
200
Succeeded. Returns a map containing entitlement popularity distribution for a potential role.
System.Collections.Hashtable
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$IncludeCommonAccess=$true# Boolean | Boolean determining whether common access entitlements will be included or not (optional)# Retrieves entitlement popularity distribution for a potential role in a role mining sessiontry{Get-BetaEntitlementDistributionPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaEntitlementDistributionPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaIncludeCommonAccess $IncludeCommonAccess }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaEntitlementDistributionPotentialRole"Write-Host$_.ErrorDetails}
This method returns entitlements for a potential role in a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Query
IncludeCommonAccess
Boolean
(optional) (default to $true)
Boolean determining whether common access entitlements will be included or not
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity, entitlementName, applicationName The default sort is popularity in descending order.
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: swentitlementRef.name: sw
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of entitlements for a potential role.
RoleMiningEntitlement[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$IncludeCommonAccess=$true# Boolean | Boolean determining whether common access entitlements will be included or not (optional) (default to $true)$Sorters="popularity"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity, entitlementName, applicationName** The default sort is **popularity** in descending order. (optional)$Filters='applicationName sw "AD"'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves entitlements for a potential role in a role mining sessiontry{Get-BetaEntitlementsPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaEntitlementsPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaIncludeCommonAccess $IncludeCommonAccess -BetaSorters $Sorters -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaEntitlementsPotentialRole"Write-Host$_.ErrorDetails}
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: swentitlementRef.name: sw
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of excluded entitlements for a potential roles.
RoleMiningEntitlement[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$Sorters="populariity"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity** (optional)$Filters='applicationName sw "AD"'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves excluded entitlements for a potential role in a role mining sessiontry{Get-BetaExcludedEntitlementsPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaExcludedEntitlementsPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaSorters $Sorters -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaExcludedEntitlementsPotentialRole"Write-Host$_.ErrorDetails}
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of identities for a potential role.
RoleMiningIdentity[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$Sorters="name"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)$Filters='MyFilters'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves identities for a potential role in a role mining sessiontry{Get-BetaIdentitiesPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaIdentitiesPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaSorters $Sorters -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaIdentitiesPotentialRole"Write-Host$_.ErrorDetails}
Succeeded. Returns a list of potential roles for a role mining session.
RoleMiningPotentialRole
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session# Retrieve potential role in sessiontry{Get-BetaPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaPotentialRole"Write-Host$_.ErrorDetails}
This method returns the applications of a potential role for a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of potential roles for a role mining session.
RoleMiningPotentialRoleApplication[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="62f28d91-7d9f-4d17-be15-666d5b41d77f"# String | A potential role id in a role mining session$Filters='applicationName sw "test"'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves the applications of a potential role for a role mining sessiontry{Get-BetaPotentialRoleApplications-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaPotentialRoleApplications -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaPotentialRoleApplications"Write-Host$_.ErrorDetails}
This method returns the entitlements of a potential role for a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Path
PotentialRoleId
String
True
A potential role id in a role mining session
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: entitlementRef.name: sw
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns the entitlements of a potential role for a role mining session.
RoleMiningPotentialRoleEntitlements[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="62f28d91-7d9f-4d17-be15-666d5b41d77f"# String | A potential role id in a role mining session$Filters='entitlementRef.name sw "test"'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **entitlementRef.name**: *sw* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves the entitlements of a potential role for a role mining sessiontry{Get-BetaPotentialRoleEntitlements-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaPotentialRoleEntitlements -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaPotentialRoleEntitlements"Write-Host$_.ErrorDetails}
This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.
Parameters
Param Type
Name
Data Type
Required
Description
Path
PotentialRoleId
String
True
A potential role id
Path
SourceId
String
True
A source id
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: displayName, email, usageCount
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of source usage for the identities in a potential role.
RoleMiningPotentialRoleSourceUsage[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$PotentialRoleId="e0cc5d7d-bf7f-4f81-b2af-8885b09d9923"# String | A potential role id$SourceId="2c9180877620c1460176267f336a106f"# String | A source id$Sorters="-usageCount"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount** (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves potential role source usagetry{Get-BetaPotentialRoleSourceIdentityUsage-BetaPotentialRoleId$PotentialRoleId-BetaSourceId$SourceId# Below is a request that includes all optional parameters# Get-BetaPotentialRoleSourceIdentityUsage -BetaPotentialRoleId $PotentialRoleId -BetaSourceId $SourceId -BetaSorters $Sorters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaPotentialRoleSourceIdentityUsage"Write-Host$_.ErrorDetails}
This method returns the potential role summaries for a role mining session.
Parameters
Param Type
Name
Data Type
Required
Description
Path
SessionId
String
True
The role mining session id
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, cocreatedByName: eq, sw, codescription: sw, coendDate: le, ltfreshness: eq, ge, gt, le, ltname: eq, sw, coquality: eq, ge, gt, le, ltstartDate: ge, gtsaved: eqtype: eq
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of potential role summaries for a role mining session.
RoleMiningPotentialRoleSummary[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$Sorters="createdDate"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate** (optional)$Filters='(createdByName co "int")and (createdById sw "2c9180907")and (type eq "COMMON")and ((name co "entt")or (saved eq true))'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq* (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieve session's potential role summariestry{Get-BetaPotentialRoleSummaries-BetaSessionId$SessionId# Below is a request that includes all optional parameters# Get-BetaPotentialRoleSummaries -BetaSessionId $SessionId -BetaSorters $Sorters -BetaFilters $Filters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaPotentialRoleSummaries"Write-Host$_.ErrorDetails}
Succeeded. Returns a list of potential roles for a role mining session.
RoleMiningPotentialRole
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id# Retrieves a specific potential roletry{Get-BetaRoleMiningPotentialRole-BetaPotentialRoleId$PotentialRoleId# Below is a request that includes all optional parameters# Get-BetaRoleMiningPotentialRole -BetaPotentialRoleId $PotentialRoleId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleMiningPotentialRole"Write-Host$_.ErrorDetails}
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Client Error - Returned if the request body is invalid.
ErrorResponseDto
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id to be retrieved.# Get a role mining sessiontry{Get-BetaRoleMiningSession-BetaSessionId$SessionId# Below is a request that includes all optional parameters# Get-BetaRoleMiningSession -BetaSessionId $SessionId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleMiningSession"Write-Host$_.ErrorDetails}
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id# Get role mining session status statetry{Get-BetaRoleMiningSessionStatus-BetaSessionId$SessionId# Below is a request that includes all optional parameters# Get-BetaRoleMiningSessionStatus -BetaSessionId $SessionId }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleMiningSessionStatus"Write-Host$_.ErrorDetails}
Returns all role mining sessions that match the query parameters
Parameters
Param Type
Name
Data Type
Required
Description
Query
Filters
String
(optional)
Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: saved: eqname: eq, sw
Query
Sorters
String
(optional)
Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdBy, createdDate
Query
Offset
Int32
(optional) (default to 0)
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns all role mining sessions that match the query parameters.
RoleMiningSessionResponse[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Filters='saved eq "true" and name sw "RM Session"'# String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **saved**: *eq* **name**: *eq, sw* (optional)$Sorters="createdBy,createdDate"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdBy, createdDate** (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves all role mining sessionstry{Get-BetaRoleMiningSessions# Below is a request that includes all optional parameters# Get-BetaRoleMiningSessions -BetaFilters $Filters -BetaSorters $Sorters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaRoleMiningSessions"Write-Host$_.ErrorDetails}
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.
Succeeded. Returns a list of draft roles for a role mining session.
RoleMiningSessionDraftRoleDto[]
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: Not defined
Accept: application/json
Example
$Sorters="modified"# String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified** (optional)$Offset=0# Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)$Limit=250# Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)$Count=$true# Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)# Retrieves all saved potential rolestry{Get-BetaSavedPotentialRoles# Below is a request that includes all optional parameters# Get-BetaSavedPotentialRoles -BetaSorters $Sorters -BetaOffset $Offset -BetaLimit $Limit -BetaCount $Count }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Get-BetaSavedPotentialRoles"Write-Host$_.ErrorDetails}
Succeeded. Returns the potential role summary based on the potentialRoleId provided.
SystemCollectionsHashtable
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json-patch+json
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The potential role summary id$PatchPotentialRoleRequestInner=@"[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]"@# PatchPotentialRoleRequestInner[] | # Update a potential role in sessiontry{$Result=ConvertFrom-JsonToPatchPotentialRoleRequestInner-Json$PatchPotentialRoleRequestInnerUpdate-BetaPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId-BetaPatchPotentialRoleRequestInner$Result# Below is a request that includes all optional parameters# Update-BetaPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaPatchPotentialRoleRequestInner $PatchPotentialRoleRequestInner }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Update-BetaPotentialRole"Write-Host$_.ErrorDetails}
Succeeded. Returns the potential role summary based on the potentialRoleId provided.
SystemCollectionsHashtable
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json-patch+json
Accept: application/json
Example
$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The potential role summary id$PatchPotentialRoleRequestInner=@"[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]"@# PatchPotentialRoleRequestInner[] | # Update a potential roletry{$Result=ConvertFrom-JsonToPatchPotentialRoleRequestInner-Json$PatchPotentialRoleRequestInnerUpdate-BetaRoleMiningPotentialRole-BetaPotentialRoleId$PotentialRoleId-BetaPatchPotentialRoleRequestInner$Result# Below is a request that includes all optional parameters# Update-BetaRoleMiningPotentialRole -BetaPotentialRoleId $PotentialRoleId -BetaPatchPotentialRoleRequestInner $PatchPotentialRoleRequestInner }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Update-BetaRoleMiningPotentialRole"Write-Host$_.ErrorDetails}
The method updates an existing role mining session using PATCH. Supports op in {"replace"} and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.
Accepted - Returned if the request was successfully accepted into the system.
SystemCollectionsHashtable
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
404
Not Found - returned if the request URL refers to a resource or object that does not exist
ErrorResponseDto
429
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
ListAccessModelMetadataAttribute429Response
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json-patch+json
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id to be patched$JsonPatchOperation=@"{
"op" : "replace",
"path" : "/description",
"value" : "Newdescription"
}"@# JsonPatchOperation[] | Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.# Patch a role mining sessiontry{$Result=ConvertFrom-JsonToJsonPatchOperation-Json$JsonPatchOperationUpdate-BetaRoleMiningSession-BetaSessionId$SessionId-BetaJsonPatchOperation$Result# Below is a request that includes all optional parameters# Update-BetaRoleMiningSession -BetaSessionId $SessionId -BetaJsonPatchOperation $JsonPatchOperation }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Update-BetaRoleMiningSession"Write-Host$_.ErrorDetails}
Adds or removes entitlements from a potential role's entitlement exclusion list.
RoleMiningPotentialRole
400
Client Error - Returned if the request body is invalid.
ErrorResponseDto
401
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
ListAccessModelMetadataAttribute401Response
403
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
ErrorResponseDto
500
Internal Server Error - Returned if there is an unexpected error.
ErrorResponseDto
HTTP request headers
Content-Type: application/json
Accept: application/json
Example
$SessionId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | The role mining session id$PotentialRoleId="8c190e67-87aa-4ed9-a90b-d9d5344523fb"# String | A potential role id in a role mining session$RoleMiningPotentialRoleEditEntitlements=@"{
"ids" : [ "entId1", "entId2" ],
"exclude" : true
}"@# Edit entitlements for a potential role to exclude some entitlementstry{$Result=ConvertFrom-JsonToRoleMiningPotentialRoleEditEntitlements-Json$RoleMiningPotentialRoleEditEntitlementsUpdate-BetaEntitlementsPotentialRole-BetaSessionId$SessionId-BetaPotentialRoleId$PotentialRoleId-BetaRoleMiningPotentialRoleEditEntitlements$Result# Below is a request that includes all optional parameters# Update-BetaEntitlementsPotentialRole -BetaSessionId $SessionId -BetaPotentialRoleId $PotentialRoleId -BetaRoleMiningPotentialRoleEditEntitlements $RoleMiningPotentialRoleEditEntitlements }catch{Write-Host$_.Exception.Response.StatusCode.value__"Exception occurred when calling Update-BetaEntitlementsPotentialRole"Write-Host$_.ErrorDetails}
