Uploads source accounts schema template

POST 
https://sailpoint.api.identitynow.com/v3/sources/:id/schemas/accounts

This API uploads a source schema template file to configure a source's account attributes.

To retrieve the file to modify and upload, log into Identity Now.

Click Admin -> Connections -> Sources -> {SourceName} -> Import Data -> Account Schema -> Options -> Download Schema

NOTE: This API is designated only for Delimited File sources.

Request

Path Parameters

id stringrequired
The Source id
Example: 8c190e6787aa4ed9a90bd9d5344523fb

multipart/form-data

Bodyrequired

filebinary

Responses

200

Successfully uploaded the file

application/json

Schema

Schema

idstring
The id of the Schema.
Example: 2c9180835d191a86015d28455b4a2329
namestring
The name of the Schema.
Example: account
nativeObjectTypestring
The name of the object type on the native system that the schema represents.
Example: User
identityAttributestring
The name of the attribute used to calculate the unique identifier for an object in the schema.
Example: sAMAccountName
displayAttributestring
The name of the attribute used to calculate the display value for an object in the schema.
Example: distinguishedName
hierarchyAttributestring
The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.
Example: memberOf
includePermissionsboolean
Flag indicating whether or not the include permissions with the object data when aggregating the schema.
Example: false
featuresstring[]
Optional features that can be supported by a source. Modifying the features array may cause source configuration errors that are unsupportable. It is recommended to not modify this array for SailPoint supported connectors.
• AUTHENTICATE: The source supports pass-through authentication.
• COMPOSITE: The source supports composite source creation.
• DIRECT_PERMISSIONS: The source supports returning DirectPermissions.
• DISCOVER_SCHEMA: The source supports discovering schemas for users and groups.
• ENABLE The source supports reading if an account is enabled or disabled.
• MANAGER_LOOKUP: The source supports looking up managers as they are encountered in a feed. This is the opposite of NO_RANDOM_ACCESS.
• NO_RANDOM_ACCESS: The source does not support random access and the getObject() methods should not be called and expected to perform.
• PROXY: The source can serve as a proxy for another source. When an source has a proxy, all connector calls made with that source are redirected through the connector for the proxy source.
• SEARCH
• TEMPLATE
• UNLOCK: The source supports reading if an account is locked or unlocked.
• UNSTRUCTURED_TARGETS: The source supports returning unstructured Targets.
• SHAREPOINT_TARGET: The source supports returning unstructured Target data for SharePoint. It will be typically used by AD, LDAP sources.
• PROVISIONING: The source can both read and write accounts. Having this feature implies that the provision() method is implemented. It also means that direct and target permissions can also be provisioned if they can be returned by aggregation.
• GROUP_PROVISIONING: The source can both read and write groups. Having this feature implies that the provision() method is implemented.
• SYNC_PROVISIONING: The source can provision accounts synchronously.
• PASSWORD: The source can provision password changes. Since sources can never read passwords, this is should only be used in conjunction with the PROVISIONING feature.
• CURRENT_PASSWORD: Some source types support verification of the current password
• ACCOUNT_ONLY_REQUEST: The source supports requesting accounts without entitlements.
• ADDITIONAL_ACCOUNT_REQUEST: The source supports requesting additional accounts.
• NO_AGGREGATION: A source that does not support aggregation.
• GROUPS_HAVE_MEMBERS: The source models group memberships with a member attribute on the group object rather than a groups attribute on the account object. This effects the implementation of delta account aggregation.
• NO_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for accounts. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for accounts.
• NO_GROUP_PERMISSIONS_PROVISIONING: Indicates that the connector cannot provision direct or target permissions for groups. When DIRECT_PERMISSIONS and PROVISIONING features are present, it is assumed that the connector can also provision direct permissions. This feature disables that assumption and causes permission request to be converted to work items for groups.
• NO_UNSTRUCTURED_TARGETS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.
• NO_DIRECT_PERMISSIONS_PROVISIONING: This string will be replaced by NO_GROUP_PERMISSIONS_PROVISIONING and NO_PERMISSIONS_PROVISIONING.
• USES_UUID: Connectivity 2.0 flag used to indicate that the connector supports a compound naming structure.
• PREFER_UUID: Used in ISC Provisioning AND Aggregation to decide if it should prefer account.uuid to account.nativeIdentity when data is read in through aggregation OR pushed out through provisioning.
• ARM_SECURITY_EXTRACT: Indicates the application supports Security extracts for ARM
• ARM_UTILIZATION_EXTRACT: Indicates the application supports Utilization extracts for ARM
• ARM_CHANGELOG_EXTRACT: Indicates the application supports Change-log extracts for ARM
Possible values: [AUTHENTICATE, COMPOSITE, DIRECT_PERMISSIONS, DISCOVER_SCHEMA, ENABLE, MANAGER_LOOKUP, NO_RANDOM_ACCESS, PROXY, SEARCH, TEMPLATE, UNLOCK, UNSTRUCTURED_TARGETS, SHAREPOINT_TARGET, PROVISIONING, GROUP_PROVISIONING, SYNC_PROVISIONING, PASSWORD, CURRENT_PASSWORD, ACCOUNT_ONLY_REQUEST, ADDITIONAL_ACCOUNT_REQUEST, NO_AGGREGATION, GROUPS_HAVE_MEMBERS, NO_PERMISSIONS_PROVISIONING, NO_GROUP_PERMISSIONS_PROVISIONING, NO_UNSTRUCTURED_TARGETS_PROVISIONING, NO_DIRECT_PERMISSIONS_PROVISIONING, PREFER_UUID, ARM_SECURITY_EXTRACT, ARM_UTILIZATION_EXTRACT, ARM_CHANGELOG_EXTRACT, USES_UUID, APPLICATION_DISCOVERY]
Example: ["PROVISIONING","NO_PERMISSIONS_PROVISIONING","GROUPS_HAVE_MEMBERS"]
configurationobject
Holds any extra configuration data that the schema may require.
Example: {"groupMemberAttribute":"member"}
attributes object[]
The attribute definitions which form the schema.
Array [
namestring
The name of the attribute.
Example: sAMAccountName
typestring
The underlying type of the value which an AttributeDefinition represents.
Possible values: [STRING, LONG, INT, BOOLEAN]
Example: STRING
schema object
A reference to the schema on the source to the attribute values map to.
typestring
The type of object being referenced
Possible values: [CONNECTOR_SCHEMA]
Example: CONNECTOR_SCHEMA
idstring
The object ID this reference applies to.
Example: 2c91808568c529c60168cca6f90c1313
namestring
The human-readable display name of the object.
Example: group
descriptionstring
A human-readable description of the attribute.
Example: SAM Account Name
isMultiboolean
Flag indicating whether or not the attribute is multi-valued.
Default value: false
Example: false
isEntitlementboolean
Flag indicating whether or not the attribute is an entitlement.
Default value: false
Example: false
isGroupboolean
Flag indicating whether or not the attribute represents a group. This can only be true if isEntitlement is also true and there is a schema defined for the attribute..
Default value: false
Example: false
]
createddate-time
The date the Schema was created.
Example: 2019-12-24T22:32:58.104Z
modifieddate-time
The date the Schema was last modified.
Example: 2019-12-31T20:22:28.104Z

Example (auto)

{
  "id": "2c9180835d191a86015d28455b4a2329",
  "name": "account",
  "nativeObjectType": "User",
  "identityAttribute": "sAMAccountName",
  "displayAttribute": "distinguishedName",
  "hierarchyAttribute": "memberOf",
  "includePermissions": false,
  "features": [
    "PROVISIONING",
    "NO_PERMISSIONS_PROVISIONING",
    "GROUPS_HAVE_MEMBERS"
  ],
  "configuration": {
    "groupMemberAttribute": "member"
  },
  "attributes": [
    {
      "name": "sAMAccountName",
      "type": "STRING",
      "isMultiValued": false,
      "isEntitlement": false,
      "isGroup": false
    },
    {
      "name": "memberOf",
      "type": "STRING",
      "schema": {
        "type": "CONNECTOR_SCHEMA",
        "id": "2c9180887671ff8c01767b4671fc7d60",
        "name": "group"
      },
      "description": "Group membership",
      "isMultiValued": true,
      "isEntitlement": true,
      "isGroup": true
    }
  ],
  "created": "2019-12-24T22:32:58.104Z",
  "modified": "2019-12-31T20:22:28.104Z"
}

400

Client Error - Returned if the request body is invalid.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema

Schema

error
A message describing the error
Example: JWT validation failed: JWT is expired

Example (auto)

{
  "error": "JWT validation failed: JWT is expired"
}

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

403

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema

Schema

message
A message describing the error
Example: Rate Limit Exceeded

Example (auto)

{
  "message": " Rate Limit Exceeded "
}

500

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema

Schema

detailCodestring
Fine-grained error code providing more detail of the error.
Example: 400.1 Bad Request Content
trackingIdstring
Unique tracking id for the error.
Example: e7eab60924f64aa284175b9fa3309599
messages object[]
Generic localized reason for error
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
Array [
localestringnullable
The locale for the message text, a BCP 47 language tag.
Example: en-US
localeOriginstringnullable
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Possible values: [DEFAULT, REQUEST, null]
Example: DEFAULT
textstring
Actual text of the error message in the indicated locale.
Example: The request was syntactically correct but its content is semantically invalid.
]

Example (auto)

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

500

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Authorization: oauth2

type: Personal Access Token
scopes: idn:source-schema:manage

• go
• powershell
  SailPoint SDK
• python
  SailPoint SDK
• csharp
• curl
• dart
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• r
• ruby
• rust
• shell
• swift

• NATIVE

package main

import (
  "fmt"
  "net/http"
  "io"
)

func main() {

  url := "https://sailpoint.api.identitynow.com/v3/sources/:id/schemas/accounts"
  method := "POST"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "multipart/form-data")
  req.Header.Add("Accept", "application/json")
  req.Header.Add("Authorization", "Bearer <TOKEN>")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

Request Collapse all

Base URL

https://sailpoint.api.identitynow.com/v3

Auth

Bearer Token

Parameters

id — pathrequired

Body required

file

file

ResponseClear

Click the Send API Request button above and see the response here!