Skip to main content

Patch a SOD policy

PATCH 

/sod-policies/:id

deprecated

This endpoint has been deprecated and may be replaced or removed in future versions of the API.

Allows updating SOD Policy fields other than ["id","created","creatorId","policyQuery","type"] using the JSON Patch standard. Requires role of ORG_ADMIN. This endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception.

Request

Path Parameters

    id stringrequired

    The ID of the SOD policy being modified.

    Example: 2c9180835d191a86015d28455b4a2329

Body

array

required

A list of SOD Policy update operations according to the JSON Patch standard.

The following fields are patchable:

  • name

  • description

  • ownerRef

  • externalPolicyReference

  • compensatingControls

  • correctionAdvice

  • state

  • tags

  • violationOwnerAssignmentConfig

  • scheduled

  • conflictingAccessCriteria

  • Array [

  • object

  • ]

Responses

Indicates the PATCH operation succeeded, and returns the SOD policy's new representation.

Schema

    id string

    Policy ID.

    name string

    Policy business name.

    created date-time

    The time when this SOD policy is created.

    modified date-time

    The time when this SOD policy is modified.

    description stringnullable

    Optional description of the SOD policy.

    ownerRef

    object

    The owner of the SOD policy.

    type string

    Possible values: [IDENTITY, GOVERNANCE_GROUP]

    Owner type.

    id string

    Owner's ID.

    name string

    Owner's name.

    externalPolicyReference stringnullable

    Optional external policy reference.

    policyQuery string

    Search query of the SOD policy.

    compensatingControls stringnullable

    Optional compensating controls (Mitigating Controls).

    correctionAdvice stringnullable

    Optional correction advice.

    state string

    Possible values: [ENFORCED, NOT_ENFORCED]

    Whether the policy is enforced or not.

    tags string[]

    Tags for the policy object.

    creatorId string

    Policy's creator ID.

    modifierId stringnullable

    Policy's modifier ID.

    violationOwnerAssignmentConfig

    object

    nullable

    assignmentRule stringnullable

    Possible values: [MANAGER, STATIC, null]

    Details about the violations owner. MANAGER - identity's manager STATIC - Governance Group or Identity

    ownerRef

    object

    nullable

    The owner of the violation assignment config.

    type string

    Possible values: [IDENTITY, GOVERNANCE_GROUP, MANAGER, null]

    Owner type.

    id string

    Owner's ID.

    name string

    Owner's name.

    scheduled boolean

    Defines whether a policy has been scheduled or not.

    type string

    Possible values: [GENERAL, CONFLICTING_ACCESS_BASED]

    Default value: GENERAL

    Whether a policy is query based or conflicting access based.

    conflictingAccessCriteria

    object

    leftCriteria

    object

    name string

    Business name for the access construct list

    criteriaList

    object[]

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [

  • type string

    Possible values: [ENTITLEMENT]

    DTO type

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]

  • rightCriteria

    object

    name string

    Business name for the access construct list

    criteriaList

    object[]

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [

  • type string

    Possible values: [ENTITLEMENT]

    DTO type

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]

Loading...