List role assignments

GET 
https://sailpoint.api.identitynow.com/beta/identities/:identityId/role-assignments

This returns either a list of Role Assignments when querying with either a Role Id or Role Name, or a list of Role Assignment References if querying with only identity Id.

Request

Path Parameters

identityId stringrequired
Identity Id to get the role assignments for
Example: ef38f94347e94562b5bb8424a56397d8

Query Parameters

roleId string
Role Id to filter the role assignments with
Example: e7697a1e96d04db1ac7b0f4544915d2c
roleName string
Role name to filter the role assignments with
Example: Engineer

Responses

200

A role assignment object

application/json

Schema

Schema

Array [
anyOf
MOD1
idstring
Assignment Id
Example: 1cbb0705b38c4226b1334eadd8874086
role object
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
MOD2
idstring
Assignment Id
Example: 1cbb0705b38c4226b1334eadd8874086
role object
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
commentsstring
Comments added by the user when the assignment was made
Example: I'm a new Engineer and need this role to do my work
assignmentSourcestring
Source describing how this assignment was made
Example: UI
assigner object
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
assignedDimensions object[]
Dimensions assigned related to this role
Array [
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
]
assignmentContext object
requested object
contextAttributes object[]
Array [
attributestring
The name of the attribute
Example: location
value object
The value of the attribute. This can be either a string or a multi-valued string
oneOf
MOD1
string
Example: Austin
MOD2
Array [
string
Example: ["Austin","Houston","Dallas"]
]
derivedboolean
True if the attribute was derived.
Default value: false
Example: false
]
matched object[]
Array [
roleRef object
Role Id and Name related to this match
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
matchedAttributes object[]
Array [
attributestring
The name of the attribute
Example: location
value object
The value of the attribute. This can be either a string or a multi-valued string
oneOf
MOD1
string
Example: Austin
MOD2
Array [
string
Example: ["Austin","Houston","Dallas"]
]
derivedboolean
True if the attribute was derived.
Default value: false
Example: false
]
]
computedDatestring
Date that the assignment will was evaluated
Example: Wed Feb 14 10:58:42
accountTargets object[]
Array [
source object
Source Id and Name related to this assignment
idstring
the application ID
Example: ff8081814d977c21014da056804a0af3
namestring
the application name
Example: Github
accountInfo object
nativeIdentitystring
The unique ID of the account generated by the source system
Example: CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com
displayNamestring
Display name for this account
Example: Abby.Smith
uuidstring
UUID associated with this account
Example: {ad9fc391-246d-40af-b248-b6556a2b7c01}
roleNamestring
Specific role name for this target if using multiple accounts
Example: Marketing
]
removeDatestring
Date that the assignment will be removed
Example: Wed Feb 14 10:58:42
]

Example (auto)

[
  {
    "id": "1cbb0705b38c4226b1334eadd8874086",
    "role": {
      "id": "ff8081814d977c21014da056804a0af3",
      "name": "Github"
    }
  },
  {
    "id": "1cbb0705b38c4226b1334eadd8874086",
    "role": {
      "id": "ff8081814d977c21014da056804a0af3",
      "name": "Github"
    },
    "comments": "I'm a new Engineer and need this role to do my work",
    "assignmentSource": "UI",
    "assigner": {
      "id": "ff8081814d977c21014da056804a0af3",
      "name": "Github"
    },
    "assignedDimensions": [
      {
        "id": "1acc8ffe5fcf457090de28bee2af36ee",
        "type": "DIMENSION",
        "name": "Northeast region"
      }
    ],
    "assignmentContext": {
      "requested": {
        "contextAttributes": [
          {
            "attribute": "location",
            "value": "Austin",
            "derived": false
          }
        ]
      },
      "matched": [
        {
          "roleRef": {
            "id": "e7697a1e96d04db1ac7b0f4544915d2c",
            "type": "DIMENSION",
            "name": "Engineer"
          },
          "matchedAttributes": [
            {
              "attribute": "location",
              "value": "Austin",
              "derived": false
            }
          ]
        }
      ],
      "computedDate": "Wed Feb 14 10:58:42"
    },
    "accountTargets": [
      {
        "source": {
          "id": "d18b74853739439986501ad180b27db6",
          "type": "SOURCE",
          "name": "Active Directory"
        },
        "accountInfo": {
          "nativeIdentity": "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com",
          "displayName": "Abby.Smith",
          "uuid": "{ad9fc391-246d-40af-b248-b6556a2b7c01}"
        },
        "roleName": "Marketing"
      }
    ],
    "removeDate": "Wed Feb 14 10:58:42"
  }
]

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

404

Not Found - returned if the request URL refers to a resource or object that does not exist

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

404

An example of a 404 response object

{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message
A message describing the error
Example: Rate Limit Exceeded

Example (auto)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: idn:identity:read

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/beta/identities/:identityId/role-assignments"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/beta

Auth

Bearer Token

Parameters

identityId — pathrequired

roleId — query

roleName — query

ResponseClear

Click the Send API Request button above and see the response here!