Create a role mining session

POST 
https://sailpoint.api.identitynow.com/beta/role-mining-sessions

This submits a create role mining session request to the role mining application.

Request

application/json

Bodyrequired

Role mining session parameters

scope object
identityIdsstring[]
The list of identities for this role mining session.
Example: ["2c918090761a5aac0176215c46a62d58","2c918090761a5aac01722015c46a62d42"]
criteriastringnullable
The "search" criteria that produces the list of identities for this role mining session.
Example: source.name:DataScienceDataset
attributeFilterCriteriaobject[]nullable
The filter criteria for this role mining session.
Example: {"displayName":{"untranslated":"Location: Miami"},"ariaLabel":{"untranslated":"Location: Miami"},"data":{"displayName":{"translateKey":"IDN.IDENTITY_ATTRIBUTES.LOCATION"},"name":"location","operator":"EQUALS","values":["Miami"]}}
pruneThresholdint32nullable
The prune threshold to be used or null to calculate prescribedPruneThreshold
Example: 50
prescribedPruneThresholdint32nullable
The calculated prescribedPruneThreshold
Example: 10
minNumIdentitiesInPotentialRoleint32nullable
Minimum number of identities in a potential role
Example: 20
potentialRoleCountint32
Number of potential roles
Example: 0
potentialRolesReadyCountint32
Number of potential roles ready
Example: 0
typestring
Role type
Possible values: [SPECIALIZED, COMMON]
Example: SPECIALIZED
emailRecipientIdstringnullable
The id of the user who will receive an email about the role mining session
Example: 2c918090761a5aac0176215c46a62d58
identityCountint32
Number of identities in the population which meet the search criteria or identity list provided
Example: 0
savedboolean
The session's saved status
Default value: false
Example: true
namestringnullable
The session's saved name
Example: Saved RM Session - 07/10

Responses

201

Submitted a role mining session request

application/json

Schema

Schema

scope object
identityIdsstring[]
The list of identities for this role mining session.
Example: ["2c918090761a5aac0176215c46a62d58","2c918090761a5aac01722015c46a62d42"]
criteriastringnullable
The "search" criteria that produces the list of identities for this role mining session.
Example: source.name:DataScienceDataset
attributeFilterCriteriaobject[]nullable
The filter criteria for this role mining session.
Example: {"displayName":{"untranslated":"Location: Miami"},"ariaLabel":{"untranslated":"Location: Miami"},"data":{"displayName":{"translateKey":"IDN.IDENTITY_ATTRIBUTES.LOCATION"},"name":"location","operator":"EQUALS","values":["Miami"]}}
minNumIdentitiesInPotentialRoleintegernullable
Minimum number of identities in a potential role
Example: 20
scopingMethodstringnullable
The scoping method of the role mining session
Example: AUTO_RM
prescribedPruneThresholdintegernullable
The computed (or prescribed) prune threshold for this session
Example: 83
pruneThresholdintegernullable
The prune threshold to be used for this role mining session
Example: 70
potentialRoleCountinteger
The number of potential roles
Example: 8
potentialRolesReadyCountinteger
The number of potential roles which have completed processing
Example: 4
status object
The role mining session status
statestring
Role mining session status
Possible values: [CREATED, UPDATED, IDENTITIES_OBTAINED, PRUNE_THRESHOLD_OBTAINED, POTENTIAL_ROLES_PROCESSING, POTENTIAL_ROLES_CREATED]
Example: CREATED
emailRecipientIdstringnullable
The id of the user who will receive an email about the role mining session
createdBy object
The session created by details
oneOf
MOD1
idstring
ID of the creator
Example: 2c918090761a5aac0176215c46a62d58
displayNamestring
The display name of the creator
Example: Ashley.Pierce
MOD2
stringnullable
Workaround to support null
Example: Dummy
identityCountinteger
The number of identities
Example: 39
savedboolean
The session's saved status
Default value: false
Example: true
namestringnullable
The session's saved name
Example: Saved RM Session - 07/10
dataFilePathstringnullable
The data file path of the role mining session
idstring
Session Id for this role mining session
Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
createdDatedate-time
The date-time when this role mining session was created.
modifiedDatedate-time
The date-time when this role mining session was completed.
typestring
Role type
Possible values: [SPECIALIZED, COMMON]
Example: SPECIALIZED

Example (auto)

{
  "scope": {
    "identityIds": [],
    "criteria": "source.name:DataScienceDataset",
    "attributeFilterCriteria": null
  },
  "scopingMethod": "AUTO_RM",
  "minNumIdentitiesInPotentialRole": 20,
  "pruneThreshold": 70,
  "prescribedPruneThreshold": 83,
  "potentialRoleCount": 8,
  "potentialRolesReadyCount": 4,
  "status": {
    "state": "POTENTIAL_ROLES_PROCESSING"
  },
  "type": "SPECIALIZED",
  "emailRecipientId": null,
  "createdBy": null,
  "identityCount": 0,
  "saved": false,
  "name": null,
  "dataFilePath": null,
  "id": "602ba738-cf48-499b-a780-7b67b3fc1ecf",
  "createdDate": "2021-09-08T16:11:05.348Z",
  "modifiedDate": "2021-09-08T16:11:05.348Z"
}

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message
A message describing the error
Example: Rate Limit Exceeded

Example (auto)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: sp:scopes:all

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/beta/role-mining-sessions"
  method := "POST"

  payload := strings.NewReader(`{
  "scope": {
    "identityIds": [
      "2c918090761a5aac0176215c46a62d58",
      "2c918090761a5aac01722015c46a62d42"
    ],
    "criteria": "source.name:DataScienceDataset",
    "attributeFilterCriteria": {
      "displayName": {
        "untranslated": "Location: Miami"
      },
      "ariaLabel": {
        "untranslated": "Location: Miami"
      },
      "data": {
        "displayName": {
          "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION"
        },
        "name": "location",
        "operator": "EQUALS",
        "values": [
          "Miami"
        ]
      }
    }
  },
  "pruneThreshold": 50,
  "prescribedPruneThreshold": 10,
  "minNumIdentitiesInPotentialRole": 20,
  "potentialRoleCount": 0,
  "potentialRolesReadyCount": 0,
  "type": "SPECIALIZED",
  "emailRecipientId": "2c918090761a5aac0176215c46a62d58",
  "identityCount": 0,
  "saved": true,
  "name": "Saved RM Session - 07/10"
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/beta

Auth

Bearer Token

Body required

{
  "scope": {
    "identityIds": [
      "2c918090761a5aac0176215c46a62d58",
      "2c918090761a5aac01722015c46a62d42"
    ],
    "criteria": "source.name:DataScienceDataset",
    "attributeFilterCriteria": {
      "displayName": {
        "untranslated": "Location: Miami"
      },
      "ariaLabel": {
        "untranslated": "Location: Miami"
      },
      "data": {
        "displayName": {
          "translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION"
        },
        "name": "location",
        "operator": "EQUALS",
        "values": [
          "Miami"
        ]
      }
    }
  },
  "pruneThreshold": 50,
  "prescribedPruneThreshold": 10,
  "minNumIdentitiesInPotentialRole": 20,
  "potentialRoleCount": 0,
  "potentialRolesReadyCount": 0,
  "type": "SPECIALIZED",
  "emailRecipientId": "2c918090761a5aac0176215c46a62d58",
  "identityCount": 0,
  "saved": true,
  "name": "Saved RM Session - 07/10"
}

ResponseClear

Click the Send API Request button above and see the response here!