List Identities
GET/identities
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
This API returns a list of identities.
Request
Query Parameters
Filter results using the standard syntax described in V3 API Standard Collection Parameters
Filtering is supported for the following fields and operators:
id: eq, in
name: eq, sw
alias: eq, sw
firstname: eq, sw
lastname: eq, sw
email: eq, sw
cloudStatus: eq
processingState: eq
correlated: eq
protected: eq
Sort results using the standard syntax described in V3 API Standard Collection Parameters
Sorting is supported for the following fields: name, alias, cloudStatus
Possible values: [CORRELATED_ONLY, NONE]
Default value: CORRELATED_ONLY
Adds additional filter to filters query parameter.
CORRELATED_ONLY adds correlated=true and returns only identities that are correlated.
NONE does not add any and returns all identities that satisfy filters query parameter.
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored.
Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used.
See V3 API Standard Collection Parameters for more information.
Possible values: <= 250
Default value: 250
Max number of results to return. See V3 API Standard Collection Parameters for more information.
Default value: 0
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Header Parameters
Default value: true
Use this header to enable this experimental API.
Responses
- 200
- 400
- 401
- 403
- 429
- 500
List of identities.
- application/json
- Schema
- Example (from schema)
Schema
Array [
]
System-generated unique ID of the identity
The identity's name is equivalent to its Display Name attribute.
Creation date of the identity
Last modification date of the identity
The identity's alternate unique identifier is equivalent to its Account Name on the authoritative source account schema.
The email address of the identity
Possible values: [ERROR, OK, null]
The processing state of the identity
Possible values: [UNREGISTERED, REGISTERED, PENDING, WARNING, DISABLED, ACTIVE, DEACTIVATED, TERMINATED, ERROR, LOCKED]
The identity's status in the system
managerRef
object
nullable
Identity's manager
Possible values: [IDENTITY]
DTO type of identity's manager
ID of identity's manager
Human-readable display name of identity's manager
Whether this identity is a manager of another identity
The last time the identity was refreshed by the system
A map with the identity attributes for the identity
lifecycleState
object
Lifecycle state details that include lifecycle state name and whether this lifecycle state has been set manually
The name of the lifecycle state
Whether the lifecycle state has been manually or automatically set
[
{
"id": "01f04e428c484542a241dc89c303b178",
"name": "Walter White",
"created": "2023-01-03T21:16:22.432Z",
"modified": "2023-01-03T21:16:22.432Z",
"alias": "walter.white",
"emailAddress": "[email protected]",
"processingState": "ERROR",
"identityStatus": "LOCKED",
"managerRef": {
"type": "IDENTITY",
"id": "2c4180a46faadee4016fb4e018c20626",
"name": "Robert Robinson"
},
"isManager": true,
"lastRefresh": "2020-11-22T15:42:31.123Z",
"attributes": {
"uid": "86754",
"firstname": "Walter",
"cloudStatus": "UNREGISTERED",
"displayName": "Walter White",
"identificationNumber": "86754",
"lastSyncDate": 1470348809380,
"email": "[email protected]",
"lastname": "White"
},
"lifecycleState": {
"stateName": "active",
"manuallyUpdated": true
}
}
]
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (from schema)
Schema
A message describing the error
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
Array [
]
Array [
]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages
object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes
object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT, REQUEST, null]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}