Skip to main content

Accounts List

GET 
/accounts

This returns a list of accounts.
A token with ORG_ADMIN, SOURCE_ADMIN, SOURCE_SUBADMIN, or HELPDESK authority is required to call this API.

Request

Query Parameters

    detailLevel string

    Possible values: [SLIM, FULL]

    Determines whether Slim, or increased level of detail is provided for each account in the returned list. FULL is the default behavior.

    Example: FULL
    limit int32

    Possible values: <= 250

    Default value: 250

    Max number of results to return. See V3 API Standard Collection Parameters for more information.

    Example: 250
    offset int32

    Default value: 0

    Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.

    Example: 0
    count boolean

    If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored.

    Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used.

    See V3 API Standard Collection Parameters for more information.

    Example: true
    filters string

    Filter results using the standard syntax described in V3 API Standard Collection Parameters

    Filtering is supported for the following fields and operators:

    id: eq, in, sw

    identityId: eq, in, sw

    name: eq, in, sw

    nativeIdentity: eq, in, sw

    sourceId: eq, in, sw

    uncorrelated: eq

    entitlements: eq

    origin: eq, in

    manuallyCorrelated: eq

    identity.name: eq, in, sw

    identity.correlated: eq

    identity.identityState: eq, in

    source.displayableName: eq, in

    source.authoritative: eq

    source.connectionType: eq, in

    recommendation.method: eq, in, isnull

    Example: identityId eq "2c9180858082150f0180893dbaf44201"
    sorters comma-separated

    Sort results using the standard syntax described in V3 API Standard Collection Parameters

    Sorting is supported for the following fields: id, name, created, modified, sourceId, identityId, identity.id, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType

    Example: id,name

Responses

List of account objects

Schema

  • Array [

    • id string

    System-generated unique ID of the Object

    name stringrequired

    Name of the Object

    created date-time

    Creation date of the Object

    modified date-time

    Last modification date of the Object

    sourceId stringrequired

    The unique ID of the source this account belongs to

    sourceName stringnullablerequired

    The display name of the source this account belongs to

    identityId string

    The unique ID of the identity this account is correlated to

    cloudLifecycleState stringnullable

    The lifecycle state of the identity this account is correlated to

    identityState stringnullable

    The identity state of the identity this account is correlated to

    connectionType stringnullable

    The connection type of the source this account is from

    isMachine boolean

    Indicates if the account is of machine type

    recommendation

    object

    nullable

    Indicates that the account is currently classified to be one type but is recommended to be a different one

    type stringrequired

    Possible values: [HUMAN, MACHINE]

    Recommended type of account.

    method stringrequired

    Possible values: [DISCOVERY, SOURCE, CRITERIA]

    Method used to produce the recommendation. DISCOVERY - suggested by AI, SOURCE - the account comes from a source flagged as containing machine accounts, CRITERIA - the account satisfies classification criteria.

    attributes

    object

    nullable

    required

    The account attributes that are aggregated

    property name* anynullable

    The account attributes that are aggregated

    authoritative booleanrequired

    Indicates if this account is from an authoritative source

    description stringnullable

    A description of the account

    disabled booleanrequired

    Indicates if the account is currently disabled

    locked booleanrequired

    Indicates if the account is currently locked

    nativeIdentity stringrequired

    The unique ID of the account generated by the source system

    systemAccount booleanrequired

    If true, this is a user account within IdentityNow. If false, this is an account from a source system.

    uncorrelated booleanrequired

    Indicates if this account is not correlated to an identity

    uuid stringnullable

    The unique ID of the account as determined by the account schema

    manuallyCorrelated booleanrequired

    Indicates if the account has been manually correlated to an identity

    hasEntitlements booleanrequired

    Indicates if the account has entitlements

    identity

    object

    The identity this account is correlated to

    type DtoType (string)

    Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, MACHINE_IDENTITY, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]

    DTO type

    id string

    ID of the object to which this reference applies

    name string

    Human-readable display name of the object to which this reference applies

    sourceOwner

    object

    nullable

    The owner of the source this account belongs to.

    type DtoType (string)

    Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, MACHINE_IDENTITY, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]

    DTO type

    id string

    ID of the object to which this reference applies

    name string

    Human-readable display name of the object to which this reference applies

    features stringnullable

    A string list containing the owning source's features

    origin stringnullable

    Possible values: [AGGREGATED, PROVISIONED, null]

    The origin of the account either aggregated or provisioned

    ownerIdentity

    object

    nullable

    The identity who owns this account, used only for machine accounts

    type DtoType (string)

    Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, MACHINE_IDENTITY, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]

    DTO type

    id string

    ID of the object to which this reference applies

    name string

    Human-readable display name of the object to which this reference applies

  • ]

Loading...