Skip to main content

Edit entitlements for a potential role to exclude some entitlements

POST 

https://sailpoint.api.identitynow.com/beta/role-mining-sessions/:sessionId/potential-roles/:potentialRoleId/edit-entitlements

This endpoint adds or removes entitlements from an exclusion list for a potential role.

Request

Path Parameters

    sessionId stringrequired

    The role mining session id

    Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
    potentialRoleId stringrequired

    A potential role id in a role mining session

    Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb

Bodyrequired

Role mining session parameters

    idsstring[]

    The list of entitlement ids to be edited

    excludeboolean

    If true, add ids to be exclusion list. If false, remove ids from the exclusion list.

Responses

Adds or removes entitlements from a potential role's entitlement exclusion list.

Schema
    createdBy object

    The session created by details

    oneOf
    idstring

    ID of the creator

    Example: 2c918090761a5aac0176215c46a62d58
    displayNamestring

    The display name of the creator

    Example: Ashley.Pierce
    densityint32

    The density of a potential role.

    Example: 75
    descriptionstringnullable

    The description of a potential role.

    Example: Potential Role for Accounting dept
    entitlementCountint32

    The number of entitlements in a potential role.

    Example: 25
    excludedEntitlementsstring[]nullable

    The list of entitlement ids to be excluded.

    Example: ["07a0b4e2","13b4e2a0"]
    freshnessint32

    The freshness of a potential role.

    Example: 75
    identityCountint32

    The number of identities in a potential role.

    Example: 25
    identityDistribution object[]nullable

    Identity attribute distribution.

  • Array [
  • attributeNamestring

    Id of the potential role

    Example: department
    distributionobject[]
    Example: [{"attributeValue":"NM Tier 3","count":6}]
  • ]
  • identityIdsstring[]

    The list of ids in a potential role.

    Example: ["07a0b4e2","13b4e2a0"]
    namestring

    Name of the potential role.

    Example: Saved Potential Role - 07/10
    provisionStatestring

    Provision state

    Possible values: [POTENTIAL, PENDING, COMPLETE, FAILED]

    Example: POTENTIAL
    qualityint32

    The quality of a potential role.

    Example: 100
    roleIdstringnullable

    The roleId of a potential role.

    Example: 07a0b4e2-7a76-44fa-bd0b-c64654b66519
    savedboolean

    The potential role's saved status.

    Example: true
    session object
    idstring

    The ID of the role mining session

    Example: 9f36f5e5-1e81-4eca-b087-548959d91c71
    namestringnullable

    The session's saved name

    Example: Saved RM Session - 07/10
    minNumIdentitiesInPotentialRoleint32nullable

    Minimum number of identities in a potential role

    Example: 20
    pruneThresholdint32nullable

    The prune threshold to be used or null to calculate prescribedPruneThreshold

    Example: 5
    savedboolean

    The session's saved status

    Default value: true
    Example: true
    scope object

    The scope of identities for this role mining session

    identityIdsstring[]

    The list of identities for this role mining session.

    Example: ["2c918090761a5aac0176215c46a62d58","2c918090761a5aac01722015c46a62d42"]
    criteriastringnullable

    The "search" criteria that produces the list of identities for this role mining session.

    Example: source.name:DataScienceDataset
    attributeFilterCriteriaobject[]nullable

    The filter criteria for this role mining session.

    Example: {"displayName":{"untranslated":"Location: Miami"},"ariaLabel":{"untranslated":"Location: Miami"},"data":{"displayName":{"translateKey":"IDN.IDENTITY_ATTRIBUTES.LOCATION"},"name":"location","operator":"EQUALS","values":["Miami"]}}
    typestring

    Role mining potential type

    Possible values: [SPECIALIZED, COMMON]

    Example: SPECIALIZED
    statestring

    Role mining session state

    Possible values: [CREATED, UPDATED, IDENTITIES_OBTAINED, PRUNE_THRESHOLD_OBTAINED, POTENTIAL_ROLES_PROCESSING, POTENTIAL_ROLES_CREATED]

    Example: CREATED
    scopingMethodstring

    The scoping method used in the current role mining session.

    Possible values: [MANUAL, AUTO_RM]

    Example: MANUAL
    typestring

    Role type

    Possible values: [SPECIALIZED, COMMON]

    Example: SPECIALIZED
    idstring

    Id of the potential role

    Example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923
    createdDatedate-time

    The date-time when this potential role was created.

    modifiedDatedate-time

    The date-time when this potential role was modified.

Authorization: oauth2

type: Personal Access Token
scopes: sp:scopes:all
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://sailpoint.api.identitynow.com/beta/role-mining-sessions/:sessionId/potential-roles/:potentialRoleId/edit-entitlements"
method := "POST"

payload := strings.NewReader(`{
"ids": [
"entId1",
"entId2"
],
"exclude": true
}`)

client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)

if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Bearer <TOKEN>")

res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()

body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
Request Collapse all
Base URL
https://sailpoint.api.identitynow.com/beta
Auth
Parameters
— pathrequired
— pathrequired
Body required
{
  "ids": [
    "entId1",
    "entId2"
  ],
  "exclude": true
}
ResponseClear

Click the Send API Request button above and see the response here!