Gets the list of identity access items at a given date filterd by item type

GET 
https://sailpoint.api.identitynow.com/v2024/historical-identities/:id/snapshots/:date/access-items

experimental

This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.

This method retrieves the list of identity access items at a given date filterd by item type Requires authorization scope of 'idn:identity-history:read'

Request

Path Parameters

id stringrequired
The identity id
Example: 8c190e6787aa4ed9a90bd9d5344523fb
date stringrequired
The specified date
Example: 2007-03-01T13:00:00Z

Query Parameters

type string
The access item type
Example: account

Header Parameters

X-SailPoint-Experimental stringrequired
Use this header to enable this experimental API.
Default value: true
Example: true

Responses

200

The identity object.

application/json

Schema

Schema

Array [
oneOf
MOD1
accessTypestring
the access item type. accessProfile in this case
Example: accessProfile
idstring
the access item id
Example: 2c918087763e69d901763e72e97f006f
namestring
the access profile name
Example: sample
sourceNamestring
the name of the source
Example: DataScienceDataset
sourceIdstring
the id of the source
Example: 2793o32dwd
descriptionstring
the description for the access profile
Example: AccessProfile - Workday/Citizenship access
displayNamestring
the display name of the identity
Example: Dr. Arden Rogahn MD
entitlementCountstring
the number of entitlements the access profile will create
Example: 12
appDisplayNamestring
the name of
Example: AppName
removeDatestring
the date the access profile is no longer assigned to the specified identity
Example: 2024-07-01T06:00:00.000Z
standalonebooleanrequired
indicates whether the access profile is standalone
Example: false
revocablebooleanrequired
indicates whether the access profile is
Example: true
MOD2
accessTypestring
the access item type. account in this case
Example: account
idstring
the access item id
Example: 2c918087763e69d901763e72e97f006f
nativeIdentitystring
the native identifier used to uniquely identify an acccount
Example: dr.arden.ogahn.d
sourceNamestring
the name of the source
Example: DataScienceDataset
sourceIdstring
the id of the source
Example: 2793o32dwd
entitlementCountstring
the number of entitlements the account will create
Example: 12
displayNamestring
the display name of the identity
Example: Dr. Arden Rogahn MD
MOD3
accessTypestring
the access item type. entitlement in this case
Example: app
idstring
the access item id
Example: 2c918087763e69d901763e72e97f006f
displayNamestring
the access item display name
Example: Display Name
sourceNamestring
the associated source name if it exists
Example: appName
appRoleIdstring
the app role id
Example: 2c918087763e69d901763e72e97f006f
MOD4
accessTypestring
the access item type. entitlement in this case
Example: entitlement
idstring
the access item id
Example: 2c918087763e69d901763e72e97f006f
attributestring
the entitlement attribute
Example: groups
valuestring
the associated value
Example: Upward mobility access
entitlementTypestring
the type of entitlement
Example: entitlement
sourceNamestring
the name of the source
Example: DataScienceDataset
sourceIdstring
the id of the source
Example: 2793o32dwd
descriptionstring
the description for the entitlment
Example: Entitlement - Workday/Citizenship access
displayNamestring
the display name of the identity
Example: Dr. Arden Rogahn MD
standalonebooleanrequired
indicates whether the entitlement is standalone
Example: true
privilegedbooleanrequired
indicates whether the entitlement is privileged
Example: false
cloudGovernedbooleanrequired
indicates whether the entitlement is cloud governed
Example: true
MOD5
accessTypestring
the access item type. role in this case
Example: role
idstring
the access item id
Example: 2c918087763e69d901763e72e97f006f
displayNamestring
the role display name
Example: sample
descriptionstring
the description for the role
Example: Role - Workday/Citizenship access
sourceNamestring
the associated source name if it exists
Example: Source Name
removeDatestring
the date the role is no longer assigned to the specified identity
Example: 2024-07-01T06:00:00.000Z
revocablebooleanrequired
indicates whether the role is revocable
Example: true
]

Example (auto)

[
  {
    "accessType": "accessProfile",
    "id": "2c918087763e69d901763e72e97f006f",
    "name": "sample",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "description": "AccessProfile - Workday/Citizenship access",
    "displayName": "Dr. Arden Rogahn MD",
    "entitlementCount": 12,
    "appDisplayName": "AppName",
    "removeDate": "2024-07-01T06:00:00.000Z",
    "standalone": false,
    "revocable": true
  },
  {
    "accessType": "account",
    "id": "2c918087763e69d901763e72e97f006f",
    "nativeIdentity": "dr.arden.ogahn.d",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "entitlementCount": 12,
    "displayName": "Dr. Arden Rogahn MD"
  },
  {
    "accessType": "app",
    "id": "2c918087763e69d901763e72e97f006f",
    "displayName": "Display Name",
    "sourceName": "appName",
    "appRoleId": "2c918087763e69d901763e72e97f006f"
  },
  {
    "accessType": "entitlement",
    "id": "2c918087763e69d901763e72e97f006f",
    "attribute": "groups",
    "value": "Upward mobility access",
    "entitlementType": "entitlement",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "description": "Entitlement - Workday/Citizenship access",
    "displayName": "Dr. Arden Rogahn MD",
    "standalone": true,
    "privileged": false,
    "cloudGoverned": true
  },
  {
    "accessType": "role",
    "id": "2c918087763e69d901763e72e97f006f",
    "displayName": "sample",
    "description": "Role - Workday/Citizenship access",
    "sourceName": "Source Name",
    "removeDate": "2024-07-01T06:00:00.000Z",
    "revocable": true
  }
]

Access Item AccessProfile Response

[
  {
    "type": "accessProfile",
    "id": "2c918087763e69d901763e72e97f006f",
    "name": "sample",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "description": "AccessProfile - Workday/Citizenship access",
    "displayName": "Dr. Arden Rogahn MD",
    "entitlementCount": 12,
    "appDisplayName": "AppName"
  }
]

Access Item Account Response

[
  {
    "type": "account",
    "id": "2c918087763e69d901763e72e97f006f",
    "nativeIdentity": "dr.arden.ogahn.d",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "entitlementCount": 12,
    "displayName": "Dr. Arden Rogahn MD"
  }
]

Access Item App Response

[
  {
    "type": "app",
    "id": "2c918087763e69d901763e72e97f006f",
    "name": "appName"
  }
]

Access Item Entitlement Response

[
  {
    "type": "entitlement",
    "id": "2c918087763e69d901763e72e97f006f",
    "attribute": "groups",
    "value": "Upward mobility access",
    "entitlementType": "entitlement",
    "sourceName": "DataScienceDataset",
    "sourceId": "2793o32dwd",
    "description": "Entitlement - Workday/Citizenship access",
    "displayName": "Dr. Arden Rogahn MD"
  }
]

Access Item Role Response

[
  {
    "type": "role",
    "id": "2c918087763e69d901763e72e97f006f",
    "name": "sample",
    "description": "Role - Workday/Citizenship access"
  }
]

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

404

Not Found - returned if the request URL refers to a resource or object that does not exist

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

404

An example of a 404 response object

{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: sp:scopes:all

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/v2024/historical-identities/:id/snapshots/:date/access-items"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/v2024

Auth

Bearer Token

Parameters

id — pathrequired

date — pathrequired

X-SailPoint-Experimental — headerrequired

type — query

ResponseClear

Click the Send API Request button above and see the response here!