Skip to main content

Edit entitlements for a potential role to exclude some entitlements

POST 
/role-mining-sessions/:sessionId/potential-roles/:potentialRoleId/edit-entitlements

This endpoint adds or removes entitlements from an exclusion list for a potential role.

Request

Path Parameters

    sessionId stringrequired

    The role mining session id

    Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
    potentialRoleId stringrequired

    A potential role id in a role mining session

    Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb

Body

required

Role mining session parameters

    ids string[]

    The list of entitlement ids to be edited

    exclude boolean

    If true, add ids to be exclusion list. If false, remove ids from the exclusion list.

Responses

Adds or removes entitlements from a potential role's entitlement exclusion list.

Schema
    createdBy object

    The session created by details.

    id string

    ID of the creator

    displayName string

    The display name of the creator

    density int32

    The density of a potential role.

    description string

    The description of a potential role.

    entitlementCount int32

    The number of entitlements in a potential role.

    excludedEntitlements string[]

    The list of entitlement ids to be excluded.

    freshness int32

    The freshness of a potential role.

    identityCount int32

    The number of identities in a potential role.

    identityDistribution object[]

    Identity attribute distribution.

  • Array [
    • attributeName string

    Id of the potential role

    distribution object[]
  • ]
    • identityIds string[]

    The list of ids in a potential role.

    name string

    Name of the potential role.

    provisionState RoleMiningPotentialRoleProvisionState

    Possible values: [POTENTIAL, PENDING, COMPLETE, FAILED]

    The provisioning state of a potential role.

    quality int32

    The quality of a potential role.

    roleId string

    The roleId of a potential role.

    saved boolean

    The potential role's saved status.

    session object

    The session parameters of the potential role.

    id string

    The ID of the role mining session

    name stringnullable

    The session's saved name

    minNumIdentitiesInPotentialRole int32nullable

    Minimum number of identities in a potential role

    pruneThreshold int32nullable

    The prune threshold to be used or null to calculate prescribedPruneThreshold

    saved boolean

    Default value: true

    The session's saved status

    scope object

    The scope of identities for this role mining session

    identityIds string[]

    The list of identities for this role mining session.

    criteria stringnullable

    The "search" criteria that produces the list of identities for this role mining session.

    attributeFilterCriteria object[]nullable

    The filter criteria for this role mining session.

    type RoleMiningRoleType

    Possible values: [SPECIALIZED, COMMON]

    Role mining potential type

    state RoleMiningSessionState

    Possible values: [CREATED, UPDATED, IDENTITIES_OBTAINED, PRUNE_THRESHOLD_OBTAINED, POTENTIAL_ROLES_PROCESSING, POTENTIAL_ROLES_CREATED]

    Role mining session state

    scopingMethod RoleMiningSessionScopingMethod

    Possible values: [MANUAL, AUTO_RM]

    Scoping method used in current role mining session

    type RoleMiningRoleType

    Possible values: [SPECIALIZED, COMMON]

    Role mining potential type.

Loading...