Account Aggregation

POST 
/sources/:id/load-accounts

Starts an account aggregation on the specified source. If the target source is a delimited file source, then the CSV file needs to be included in the request body. You will also need to set the Content-Type header to multipart/form-data. A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.

Request

Path Parameters

id stringrequired
Source Id
Example: ef38f94347e94562b5bb8424a56397d8

multipart/form-data

Body

file binary

The CSV file containing the source accounts to aggregate.

disableOptimization boolean

Default value: false

Use this flag to reprocess every account whether or not the data has changed.

Responses

202

Aggregate Accounts Task

application/json

Schema

Schema

success boolean

Default value: true

The status of the result

task object
id string
System-generated unique ID of the task this taskStatus represents
type string
Type of task this task represents
name string
The name of the aggregation process
description string
The description of the task
launcher string
The user who initiated the task
created date-time
The Task creation date
launched date-timenullable
The task start date
completed date-timenullable
The task completion date
completionStatus stringnullable
Possible values: [SUCCESS, WARNING, ERROR, TERMINATED, TEMP_ERROR]
Task completion status.
parentName stringnullable
Name of the parent task if exists.
messages object[]
List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors.
Array [
type string
Possible values: [INFO, WARN, ERROR]
Type of the message.
error boolean
Default value: false
Flag whether message is an error.
warning boolean
Default value: false
Flag whether message is a warning.
key string
Message string identifier.
localizedText string
Message context with the locale based language.
]
progress stringnullable
Current task state.
attributes object
Extra attributes map(dictionary) for the task.
appId string
The id of the source
optimizedAggregation string
The indicator if the aggregation process was enabled/disabled for the aggregation job
property name* object
returns object[]
Return values from the task
Array [
displayLabel string
The display label of the return value
attributeName string
The attribute name of the return value
]

Example (from schema)

{
  "success": "true",
  "task": {
    "id": "ef38f94347e94562b5bb8424a56397d8",
    "type": "QUARTZ",
    "name": "Cloud Account Aggregation",
    "description": "Aggregate from the specified application",
    "launcher": "John Doe",
    "created": "2020-09-07T42:14:00.364Z",
    "launched": "2020-09-07T42:14:00.521Z",
    "completed": "2020-09-07T42:14:01.137Z",
    "completionStatus": "Success",
    "parentName": "Audit Report",
    "messages": [],
    "progress": "Initializing...",
    "attributes": {
      "appId": "c31386cb18bb403cbb6df4c86294ff82",
      "optimizedAggregation": "enabled"
    },
    "returns": [
      [
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS",
          "attributeName": "applications"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_TOTAL",
          "attributeName": "total"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_OPTIMIZED",
          "attributeName": "optimizedAggregation"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_IGNORED",
          "attributeName": "ignored"
        },
        {
          "displayLabel": "TASK_OUT_UNCHANGED_ACCOUNTS",
          "attributeName": "optimized"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CREATED",
          "attributeName": "created"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_UPDATED",
          "attributeName": "updated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_DELETED",
          "attributeName": "deleted"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGER_CHANGES",
          "attributeName": "managerChanges"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_BUSINESS_ROLE_CHANGES",
          "attributeName": "detectedRoleChanges"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_EXCEPTION_CHANGES",
          "attributeName": "exceptionChanges"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICIES",
          "attributeName": "policies"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICY_VIOLATIONS",
          "attributeName": "policyViolations"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_POLICY_NOTIFICATIONS",
          "attributeName": "policyNotifications"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCORES_CHANGED",
          "attributeName": "scoresChanged"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SNAPSHOTS_CREATED",
          "attributeName": "snapshotsCreated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CREATED",
          "attributeName": "scopesCreated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_CORRELATED",
          "attributeName": "scopesCorrelated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_SELECTED",
          "attributeName": "scopesSelected"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_SCOPES_DORMANT",
          "attributeName": "scopesDormant"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_UNSCOPED_IDENTITIES",
          "attributeName": "unscopedIdentities"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_CREATED",
          "attributeName": "certificationsCreated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_CERTIFICATIONS_DELETED",
          "attributeName": "certificationsDeleted"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_APPLICATIONS_GENERATED",
          "attributeName": "applicationsGenerated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED",
          "attributeName": "managedAttributesCreated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_MANAGED_ATTRIBUTES_PROMOTED_BY_APP",
          "attributeName": "managedAttributesCreatedByApplication"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_IDENTITYENTITLEMENTS_CREATED",
          "attributeName": "identityEntitlementsCreated"
        },
        {
          "displayLabel": "TASK_OUT_ACCOUNT_AGGREGATION_GROUPS_CREATED",
          "attributeName": "groupsCreated"
        }
      ]
    ]
  }
}

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]
Generic localized reason for error
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]

Example (from schema)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error

A message describing the error

Example (from schema)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]
Generic localized reason for error
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]

Example (from schema)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message

A message describing the error

Example (from schema)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]
Generic localized reason for error
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
locale stringnullable
The locale for the message text, a BCP 47 language tag.
localeOrigin LocaleOriginnullable
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
]

Example (from schema)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Loading...