Create source app

POST 
https://sailpoint.api.identitynow.com/v2025/source-apps

experimental

This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.

This endpoint creates a source app using the given source app payload

Request

Header Parameters

X-SailPoint-Experimental stringrequired
Use this header to enable this experimental API.
Default value: true
Example: true

application/json

Bodyrequired

namestringrequired
The source app name
Example: my app
descriptionstringrequired
The description of the source app
Example: the source app for engineers
matchAllAccountsboolean
True if the source app match all accounts
Default value: false
Example: true
accountSource objectrequired
idstringrequired
The source ID
Example: 2c9180827ca885d7017ca8ce28a000eb
typestring
The source type, will always be "SOURCE"
Example: SOURCE
namestring
The source name
Example: ODS-AD-Source

Responses

200

Responds with the source app as created.

application/json

Schema

Schema

idstring
The source app id
Example: 2c91808874ff91550175097daaec161c
cloudAppIdstring
The deprecated source app id
Example: 9854520
namestring
The source app name
Example: my app
createddate-time
Time when the source app was created
Example: 2020-10-08T18:33:52.029Z
modifieddate-time
Time when the source app was last modified
Example: 2020-10-08T18:33:52.029Z
enabledboolean
True if the source app is enabled
Default value: false
Example: true
provisionRequestEnabledboolean
True if the source app is provision request enabled
Default value: false
Example: true
descriptionstring
The description of the source app
Example: the source app for engineers
matchAllAccountsboolean
True if the source app match all accounts
Default value: false
Example: true
appCenterEnabledboolean
True if the source app is shown in the app center
Default value: true
Example: true
accountSource objectnullable
idstring
The source ID
Example: 2c9180827ca885d7017ca8ce28a000eb
typestring
The source type, will always be "SOURCE"
Example: SOURCE
namestring
The source name
Example: ODS-AD-Source
useForPasswordManagementboolean
If the source is used for password management
Default value: false
Example: ture
passwordPolicies object[]nullable
The password policies for the source
Array [
typestring
An enumeration of the types of DTOs supported within the IdentityNow infrastructure.
Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, MACHINE_IDENTITY, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]
Example: IDENTITY
idstring
ID of the object to which this reference applies
Example: 2c91808568c529c60168cca6f90c1313
namestring
Human-readable display name of the object to which this reference applies
Example: William Wilson
]
owner objectnullable
The owner of source app
typestring
An enumeration of the types of DTOs supported within the IdentityNow infrastructure.
Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, MACHINE_IDENTITY, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]
Example: IDENTITY
idstring
ID of the object to which this reference applies
Example: 2c91808568c529c60168cca6f90c1313
namestring
Human-readable display name of the object to which this reference applies
Example: William Wilson

Example (auto)

{
  "id": "2c91808874ff91550175097daaec161c",
  "cloudAppId": "9854520",
  "name": "my app",
  "created": "2020-10-08T18:33:52.029Z",
  "modified": "2020-10-08T18:33:52.029Z",
  "enabled": true,
  "provisionRequestEnabled": true,
  "description": "the source app for engineers",
  "matchAllAccounts": true,
  "appCenterEnabled": true,
  "accountSource": {
    "id": "2c9180827ca885d7017ca8ce28a000eb",
    "type": "SOURCE",
    "name": "ODS-AD-Source",
    "useForPasswordManagement": "ture",
    "passwordPolicies": [
      {
        "type": "PASSWORD_POLICY",
        "id": "006a072ecc6647f68bba9f4a4ad34649",
        "name": "Password Policy 1"
      }
    ]
  },
  "owner": {
    "id": "85d173e7d57e496569df763231d6deb6a",
    "type": "IDENTITY",
    "name": "John Doe"
  }
}

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message
A message describing the error
Example: Rate Limit Exceeded

Example (auto)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: idn:app-roles:manage

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/v2025/source-apps"
  method := "POST"

  payload := strings.NewReader(`{
  "name": "my app",
  "description": "the source app for engineers",
  "matchAllAccounts": true,
  "accountSource": {
    "id": "2c9180827ca885d7017ca8ce28a000eb",
    "type": "SOURCE",
    "name": "ODS-AD-Source"
  }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/v2025

Auth

Bearer Token

Parameters

X-SailPoint-Experimental — headerrequired

Body required

• Example (from schema)
• Example

{
  "name": "my app",
  "description": "the source app for engineers",
  "matchAllAccounts": true,
  "accountSource": {
    "id": "2c9180827ca885d7017ca8ce28a000eb",
    "type": "SOURCE",
    "name": "ODS-AD-Source"
  }
}

ResponseClear

Click the Send API Request button above and see the response here!