Query to list entitlements in a role

mario_rod · October 28, 2025, 8:30pm

Is there a query that can list the entitlements in a role - something similar to this?

There does not seem to be a way in the ui. Also the entitlements and roles API don’t list the source info. Tried the search API but so far no luck

Would appreciate any feedback.

markomanium · October 28, 2025, 10:13pm

@mario_rod Hello, have You maybe checked this v2024 API endpoint? get-role-entitlements | SailPoint Developer Community

mario_rod · October 28, 2025, 11:15pm

Hi @markomanium thanks for the response. Yes I tried that but the issue is getting the JSON response formatted….
I tried jsonpath.com but not having luck playing with the query

markomanium · October 28, 2025, 11:36pm

@mario_rod in jsonpath.com , have you tried extracting data, using something like this $[*].name? That should extract all entitlements’ names from the role.

mario_rod · October 28, 2025, 11:51pm

@markomanium jsonpath is not as flexible as jmespath as it does not seem to allow concatenation of elements (or maybe I don’t know how to do it).

This jmespath query using the “/roles/:id/entitlements“ endpoint

[*].{entitlementName: name, entitlementDescription: attributes.description, sourceName: source.name, owner: owner}

produces this output

[
  {
    "entitlementName": "IAM Admin",
    "entitlementDescription": "IAM Team Members",
    "sourceName": "Salesforce",
    "owner": null
  },
  {
    "entitlementName": "Administrator",
    "entitlementDescription": null,
    "sourceName": "IdentityNow",
    "owner": null
  },
  {
    "entitlementName": "Priv Admin",
    "entitlementDescription": "Full administrative access to IdentityNow",
    "sourceName": "Identity Cloud Governance",
    "owner": null
  },

but now I need to save to an excel file and uploading data to online converters is not an option for obvious reasons. Using the excel import feature does not seem to work cleanly either.

Is the best option at this point using Pyton or the powershell sdk?

markomanium · October 29, 2025, 12:12am

@mario_rod Extracting this data into excel file should be fairly easy with Python/Java e.g. Or you can use Chatgpt to create an excel file for you out of the data provided (if you are sure you aren’t providing sensitive information, but in this case, doesn’t look sensitive to me).

David_Norris · October 29, 2025, 1:39am

Something like this:

get-v2025roles| foreach {write-host "Role: $($_.name)"; Get-V2025RoleEntitlements $_.id | foreach {write-host "$($_.source.name): $($_.name) ($($_.description))"};write-host}

mario_rod · October 29, 2025, 1:49am

Thanks @David_Norris I will download the posh sdk and try that out

system · December 28, 2025, 1:50am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Query to get filter only specific "entitlement type" from a source ISC Discussion and Questions identity-security-cloud	6	159	February 9, 2025
API call or search query to retrieve the list of identities in a Role ISC Discussion and Questions	5	3914	July 19, 2023
Getting list entitlements for all roles ISC Discussion and Questions identity-security-cloud	2	77	April 4, 2025
How to see report of entitlements of role through query ISC Discussion and Questions identity-security-cloud	3	95	June 17, 2025
Fetching direct entitlements associated to roles IIQ Discussion and Questions apis , identityiq	2	443	July 25, 2023

Query to list entitlements in a role

Related topics