How to retrieve from API the application on which an access profile is contained

Hello everyone,

I’m implementing a custom script in my environment that sends an email to the recipient of an access items only when the access items is effectively provisioned (ISC allows only to send mail when the access items is approved, but now when it is provisioned). In this context I need to identify from the access request , if has been requested an access profile and if yes, I have to see if that access profile is contained inside a logical application. Do you have idea on which API I can use to see if an access profile is contained inside a logical application?

Thanks

Hi @s_tartaglione

I’m not aware of any endpoint that can do exactly what you’re looking for, but a combination of the two endpoints below could do what you need.

1. Call the “List all source apps” endpoint to get a list of all apps
   1. list-all-source-app | SailPoint Developer Community
2. For each app returned, run the list access profiles for the specific source app endpoint to see if it matches with your access profile.
   1. list-access-profiles-for-source-app | SailPoint Developer Community

Hi @s_tartaglione

Try this API - it provides access request details, including provisioning completion status, the type of access requested (access profile or entitlement), and the application name under requestedAppName within clientMetadata - list-access-request-status | SailPoint Developer Community

1. Monitor provisioning (list-access-request-status):
   Use the /v3/access-request-status API to identify requests that have moved to a “Provisioned” state.

2. Identify Access Profiles (get-access-profile):
   Use the /v3/access-profiles/{id} API. The response includes the source object, which links the access profile to its parent application.

3. Validate Logical App:
   Check if the source.type or related details in the access profile response correspond to a logical application container.