Skip to main content

Predict SOD violations for identity.

POST 

/sod-violations/predict

This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.

Request

Body

required

    identityId stringrequired

    Identity id to be checked.

    accessRefs

    object[]

    required

    The list of entitlements to consider for possible violations in a preventive check.

  • Array [

  • type string

    Possible values: [ENTITLEMENT]

    Entitlement's DTO type.

    id string

    Entitlement's ID.

    name string

    Entitlement's display name.

  • ]

Responses

Violation Contexts

Schema

    violationContexts

    object[]

    List of Violation Contexts

  • Array [

  • policy

    object

    The types of objects supported for SOD violations

    type

    Possible values: [ENTITLEMENT]

    The type of object that is referenced

    type string

    Possible values: [SOD_POLICY]

    SOD policy DTO type.

    id string

    SOD policy ID.

    name string

    SOD policy display name.

    conflictingAccessCriteria

    object

    The object which contains the left and right hand side of the entitlements that got violated according to the policy.

    leftCriteria

    object

    criteriaList

    object[]

    List of exception criteria. There is a min of 1 and max of 50 items in the list.

  • Array [

  • type

    Possible values: [ENTITLEMENT]

    The type of object that is referenced

  • ]

  • rightCriteria

    object

    criteriaList

    object[]

    List of exception criteria. There is a min of 1 and max of 50 items in the list.

  • Array [

  • type

    Possible values: [ENTITLEMENT]

    The type of object that is referenced

  • ]

  • ]

Loading...