Retrieves a specific potential role
GEThttps://sailpoint.api.identitynow.com/v2025/role-mining-sessions/:sessionId/potential-role-summaries/:potentialRoleId
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
This method returns a specific potential role for a role mining session.
Request
Path Parameters
The role mining session id
A potential role id in a role mining session
Header Parameters
Use this header to enable this experimental API.
true
Responses
- 200
- 400
- 401
- 403
- 429
- 500
Succeeded. Returns a list of potential roles for a role mining session.
- application/json
- Schema
- Example (auto)
Schema
createdBy object
The density of a potential role.
75
The description of a potential role.
Potential Role for Accounting dept
The number of entitlements in a potential role.
25
The list of entitlement ids to be excluded.
["07a0b4e2","13b4e2a0"]
The freshness of a potential role.
75
The number of identities in a potential role.
25
identityDistribution object[]nullable
The list of ids in a potential role.
["07a0b4e2","13b4e2a0"]
Name of the potential role.
Saved Potential Role - 07/10
The provisioning state of a potential role.
Possible values: [POTENTIAL
, PENDING
, COMPLETE
, FAILED
, null
]
POTENTIAL
The quality of a potential role.
100
The roleId of a potential role.
07a0b4e2-7a76-44fa-bd0b-c64654b66519
The potential role's saved status.
true
session object
Role type
Possible values: [SPECIALIZED
, COMMON
]
SPECIALIZED
Id of the potential role
e0cc5d7d-bf7f-4f81-b2af-8885b09d9923
The date-time when this potential role was created.
The date-time when this potential role was modified.
{
"createdBy": {
"id": "2c918090761a5aac0176215c46a62d58",
"displayName": "Ashley.Pierce"
},
"density": 75,
"description": "Potential Role for Accounting dept",
"entitlementCount": 25,
"excludedEntitlements": [
"07a0b4e2",
"13b4e2a0"
],
"freshness": 75,
"identityCount": 25,
"identityDistribution": [
{
"attributeName": "department",
"distribution": [
{
"attributeValue": "NM Tier 3",
"count": 6
}
]
}
],
"identityIds": [
"07a0b4e2",
"13b4e2a0"
],
"name": "Saved Potential Role - 07/10",
"provisionState": "POTENTIAL",
"quality": 100,
"roleId": "07a0b4e2-7a76-44fa-bd0b-c64654b66519",
"saved": true,
"session": {
"id": "9f36f5e5-1e81-4eca-b087-548959d91c71",
"name": "Saved RM Session - 07/10",
"minNumIdentitiesInPotentialRole": 20,
"pruneThreshold": 5,
"saved": true,
"scope": {
"identityIds": [],
"criteria": "source.name:DataScienceDataset",
"attributeFilterCriteria": {
"displayName": {
"untranslated": "Location: Miami"
},
"ariaLabel": {
"untranslated": "Location: Miami"
},
"data": {
"displayName": {
"translateKey": "IDN.IDENTITY_ATTRIBUTES.LOCATION"
},
"name": "location",
"operator": "EQUALS",
"values": [
"Miami"
]
}
}
},
"type": "SPECIALIZED",
"state": "CREATED",
"scopingMethod": "MANUAL"
},
"type": "SPECIALIZED",
"id": "e0cc5d7d-bf7f-4f81-b2af-8885b09d9923",
"createdDate": "2024-07-29T15:51:28.071Z",
"modifiedDate": "2024-07-29T15:51:28.071Z"
}
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (auto)
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (auto)
Schema
A message describing the error
JWT validation failed: JWT is expired
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (auto)
- 403
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (auto)
Schema
A message describing the error
Rate Limit Exceeded
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (auto)
- 500
Schema
Fine-grained error code providing more detail of the error.
400.1 Bad Request Content
Unique tracking id for the error.
e7eab60924f64aa284175b9fa3309599
messages object[]
causes object[]
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}
Authorization: oauth2
type: Personal Access Tokenscopes: sp:scopes:all
- go
- powershellSailPoint SDK
- pythonSailPoint SDK
- csharp
- curl
- dart
- http
- java
- javascript
- kotlin
- c
- nodejs
- objective-c
- ocaml
- php
- r
- ruby
- rust
- shell
- swift
- NATIVE
package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://sailpoint.api.identitynow.com/v2025/role-mining-sessions/:sessionId/potential-role-summaries/:potentialRoleId"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Bearer <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}