Patch accessprofile

nidhipriya · June 18, 2025, 1:23pm

Hi All,

Facing error in updating accessprofile with entitlements and governance group using PATCH API
v2024/access-profiles/{id
I am using python script for this.

Can someone help with their insights?

Error: Access profile update failed. Status code: 415 {“timestamp”:“2025-06-18T13:22:13.596+00:00”,“status”:415,“error”:“Unsupported Media Type”,“path”:“/access-profiles/eab146821c1146948f4aa691502cf502”}

    payload = json.dumps({
    "op": "add",
    "path": "/entitlements/0",
    "value": {
        "id": get_entitlement_id(entitlement_name, env_var),
        "type": "ENTITLEMENT",
        "name": "testgroup"
    },
     "owner": {
     "type": "IDENTITY",
     "id": "XXXXX"
    },
     "source": {
      "id": "XXX"
        "type": "SOURCE"
     },
    "requestable": True,
    "accessRequestConfig": {
       "commentsRequired": True,
      "denialCommentsRequired": True,
       "approvalSchemes": [
         {
             "approverType": "MANAGER"
        },
          {
             "approverType": "GOVERNANCE_GROUP",
               "approverId": "XXXX"
         }
     ]
   }
})

vbdm · June 18, 2025, 2:11pm

Hi @nidhipriya ,

Sorry, I did not face this error previously, so I dont have anythign from the top of my head. However, if I were you, I would try the following:

Did this work from postman? If yes, could you please share the request?
Did the script work on a different api version?

nidhipriya · June 18, 2025, 3:12pm

Hi @vbdm - same error from postman as well
is my payload and path for the entitlement is correct?

vbdm · June 18, 2025, 6:53pm

Can you please share your postman call and the response?

udayputta · June 18, 2025, 7:10pm

hi @nidhipriya, based on the input and the error messages these are my observations

Error says Unsupported Media Type: Can you validate if you are passing the correct header values when you are making the request both from postman and from your script.
Since the access profile is already created with the particular source you do not need to again pass source, owner inside value json.
Can you correct this and try again in postman to see it is working

jrossicare · June 19, 2025, 4:54am

sounds like you are passing the wrong headers with your request.

nidhipriya · June 24, 2025, 1:31pm

Error: Access profile update failed. Status code: 400 {“messages”:[{“localeOrigin”:“REQUEST”,“text”:“The request could not be parsed.”,“locale”:“en-US”},{“localeOrigin”:“DEFAULT”,“text”:“The request could not be parsed.”,“locale”:“en-US”}],“detailCode”:“400.0 Bad request syntax”,“trackingId”:“a184503d69814c6d99e5a0a9f4ee5903”}
tried with different header still getting error msg as above

YanCoelho · June 24, 2025, 2:33pm

Hello,

Your payload should be like this:

payload = json.dumps([
  {
    "op": "add",
    "path": "/entitlements/0",
    "value": {
      "id": get_entitlement_id(entitlement_name, env_var),
      "type": "ENTITLEMENT"
    }
  }
])

There is no need to pass any additional information, as the Access Profile ID will be referenced in the URL.

If you want to edit more than one data your payload should be like this:

payload = json.dumps([
  {
    "op": "add",
    "path": "/entitlements/0",
    "value": {
      "id": get_entitlement_id(entitlement_name, env_var),
      "type": "ENTITLEMENT"
    }
  },
  {
    "op": "replace",
    "path": "/accessRequestConfig",
    "value": {
      "commentsRequired": True,
      "denialCommentsRequired": True,
      "approvalSchemes": [
        {
          "approverType": "GOVERNANCE_GROUP",
          "approverId": f"{group_id}"
        }
      ]
    }
  }
])

Other options:

payload = json.dumps([
  {
    "op": "replace",
    "path": "/name",
    "value": "Debug Add Entitlement"
  },
  {
    "op": "replace",
    "path": "/description",
    "value": "Debug Add Entitlement"
  },
  {
    "op": "replace",
    "path": "/owner",
    "value": {
      "type": "IDENTITY",
      "id": "12321321",
      "name": "Yan Coelho"
    }
  },
  {
    "op": "replace",
    "path": "/enabled",
    "value": False
  },
  {
    "op": "replace",
    "path": "/requestable",
    "value": True
  },
  {
    "op": "replace",
    "path": "/accessRequestConfig",
    "value": {
      "commentsRequired": True,
      "denialCommentsRequired": True,
      "approvalSchemes": [
        {
          "approverType": "GOVERNANCE_GROUP",
          "approverId": f"{group_id}"
        }
      ]
    }
  },
  {
    "op": "replace",
    "path": "/revocationRequestConfig",
    "value": {
      "approvalSchemes": []
    }
  },
  {
    "op": "replace",
    "path": "/entitlements",
    "value": []
  },
  {
    "op": "replace",
    "path": "/provisioningCriteria",
    "value": None
  }
])

Thanks

nidhipriya · June 24, 2025, 5:14pm

[quote=“Yan Coelho, post:8, topic:145754, username:YanCoelho”]

[
        {
          "approverType": "GOVERNANCE_GROUP",
          "approverId": f"{group_id}"
        }
      ]

@YanCoelho - thank you so much, it worked

system · August 23, 2025, 5:15pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
API to Add New Entitlements to Existing Access Profiles Idea Discussions apis , identity-security-cloud , access-profiles , entitlements	5	612	March 20, 2025
Unable to patch v3 access profile API ISC Discussion and Questions apis , identity-security-cloud	5	254	September 23, 2023
V2024/access-profiles/:id Throwing 500 error when trying to update entitlements Bugs apis , identity-security-cloud , access-profiles , not-a-bug	2	85	February 4, 2025
API Patch Role - Entitlements ISC Discussion and Questions apis , identity-security-cloud , roles , entitlements	8	175	September 15, 2024
POST /api/v2/access-profiles Non-Public API Deprecations deprecated	10	1203	March 7, 2024

Patch accessprofile

Related topics