SailPoint API - Retrieving Identities with SailPoint's Admin Role

Hey,
I would like to get all the user permissions only in SailPoint - like Org Admin, Cert Admin, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN, etc…

Is there a way to get it?
Thanks.

Hi,

You can use this search query: @access(source.name.exact:IdentityNow)

Or

You can use the V3/Search API with the same query to get a detailed report.
POST {{baseUrl}}/v3/search
Body:

{
  "indices": [
    "identities"
  ],
  "query": {
    "query": "@access(source.name.exact:IdentityNow)"
  }
}
3 Likes
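
An added example, not part of the original post and not SailPoint's own code: it builds the search request described above and turns the returned identity documents into a per-user-level report for an admin access review. The `limit`/`offset` paging parameters, the response field names (`access`, `source.name`, `value`), the tenant URL and the token are assumptions, and the sample response is constructed.

```python
import json
import urllib.request
from collections import defaultdict

QUERY = "@access(source.name.exact:IdentityNow)"  # query from the post above


def build_search_request(base_url, token, limit=250, offset=0):
    """Build (do not send) the POST {{baseUrl}}/v3/search request for one page."""
    body = {"indices": ["identities"], "query": {"query": QUERY}}
    return urllib.request.Request(
        f"{base_url}/v3/search?limit={limit}&offset={offset}",  # assumed paging params
        data=json.dumps(body).encode(),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
        method="POST",
    )


def admin_levels(hits, source_name="IdentityNow"):
    """Map each user level to the sorted identity names that hold it."""
    report = defaultdict(set)
    for identity in hits:
        for item in identity.get("access") or []:
            # A matching identity also carries access from other sources;
            # keep only the items granted on the IdentityNow source.
            if (item.get("source") or {}).get("name") != source_name:
                continue
            level = item.get("value") or item.get("name") or "UNKNOWN"
            report[level].add(identity.get("name", "<unnamed>"))
    return {level: sorted(names) for level, names in sorted(report.items())}


# Constructed sample response (assumed document shape), not real tenant output.
SAMPLE_HITS = [
    {"name": "alice", "access": [
        {"type": "ENTITLEMENT", "value": "ORG_ADMIN", "source": {"name": "IdentityNow"}},
        {"type": "ENTITLEMENT", "value": "Domain Users", "source": {"name": "Active Directory"}}]},
    {"name": "bob", "access": [
        {"type": "ENTITLEMENT", "value": "SOURCE_ADMIN", "source": {"name": "IdentityNow"}},
        {"type": "ENTITLEMENT", "value": "ORG_ADMIN", "source": {"name": "IdentityNow"}}]},
    {"name": "carol", "access": None},  # document with no access list
]

if __name__ == "__main__":
    for level, names in admin_levels(SAMPLE_HITS).items():
        print(f"{level}: {', '.join(names)}")
```
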

Hello @atarodia

Would this work in case users from other sources are given any admin access?

Thanks for replying

Yes, this will work for all sources.

1 Like

Thanks @atarodia

Just a small correction in your post…

needs to be {{baseUrl}}/v3/search

2 Likes

Thanks @iam_nithesh. I edited the original post.

2 Likes

I get a 403 error:
detailCode":"403 Forbidden","localeOrigin":"DEFAULT","text":"The server understood the request but refuses to authorize it."},{"locale":"und","localeOrigin":"REQUEST","text":"The server understood the request but refuses to authorize it

What are the scopes to grant for using the search API?
They aren’t mentioned in the API reference.


Not all endpoints have scopes yet, which appears to be the case with the search API. Scopes are an ongoing process and being rolled out slowly. In lieu of using scopes, you can instead apply the Report Admin user level to the user that is authenticating to the API to restrict their API access. You can learn more about user levels here: User Level Matrix - SailPoint Identity Services

1 Like
