Run Report

POST /reports/run

Runs a report according to input report details. If non-concurrent task is already running then it returns, otherwise new task creates and returns.

Request

application/json

Body

required

reportType string

Possible values: [ACCOUNTS, IDENTITIES_DETAILS, IDENTITIES, IDENTITY_PROFILE_IDENTITY_ERROR, ORPHAN_IDENTITIES, SEARCH_EXPORT, UNCORRELATED_ACCOUNTS]

Use this property to define what report should be processed in the RDE service.

arguments object

The string-object map(dictionary) with the arguments needed for report processing.

oneOf

ACCOUNTS
IDENTITIES_DETAILS
IDENTITIES
IDENTITY_PROFILE_IDENTITY_ERROR
ORPHAN_IDENTITIES & UNCORRELATED_ACCOUNTS
SEARCH_EXPORT

application stringrequired

Id of the authoritative source to export related accounts e.g. identities

sourceName stringrequired

Name of the authoritative source for accounts export

defaultS3Bucket booleanrequired

Use it to set default s3 bucket where generated report will be saved. In case this argument is false and 's3Bucket' argument is null or absent there will be default s3Bucket assigned to the report.

s3Bucket string

If you want to be specific you could use this argument with defaultS3Bucket = false.

correlatedOnly booleanrequired

Default value: false

Boolean FLAG to specify if only correlated identities should be used in report processing

defaultS3Bucket booleanrequired

Use it to set default s3 bucket where generated report will be saved. In case this argument is false and 's3Bucket' argument is null or absent there will be default s3Bucket assigned to the report.

s3Bucket string

If you want to be specific you could use this argument with defaultS3Bucket = false.

correlatedOnly boolean

Default value: false

Boolean FLAG to specify if only correlated identities should be used in report processing

defaultS3Bucket booleanrequired

Use it to set default s3 bucket where generated report will be saved. In case this argument is false and 's3Bucket' argument is null or absent there will be default s3Bucket assigned to the report.

s3Bucket string

If you want to be specific you could use this argument with defaultS3Bucket = false.

selectedFormats string[]

Possible values: [CSV, PDF]

Output report file formats. This are formats for calling get endpoint as a query parameter 'fileFormat'. In case report won't have this argument there will be ['CSV', 'PDF'] as default.

defaultS3Bucket booleanrequired

Use it to set default s3 bucket where generated report will be saved. In case this argument is false and 's3Bucket' argument is null or absent there will be default s3Bucket assigned to the report.

s3Bucket string

If you want to be specific you could use this argument with defaultS3Bucket = false.

indices Index[]

Possible values: [accessprofiles, accountactivities, entitlements, events, identities, roles, *]

The names of the Elasticsearch indices in which to search. If none are provided, then all indices will be searched.

filters object

The filters to be applied for each filtered field name.

property name* Filter

type FilterType

Possible values: [EXISTS, RANGE, TERMS]

Enum representing the currently supported filter types. Additional values may be added in the future without notice.

range object

The range of values to be filtered.

lower object

The lower bound of the range.

value stringrequired

The value of the range's endpoint.

inclusive boolean

Default value: false

Indicates if the endpoint is included in the range.

upper object

The upper bound of the range.

value stringrequired

The value of the range's endpoint.

inclusive boolean

Default value: false

Indicates if the endpoint is included in the range.

terms string[]

The terms to be filtered.

exclude boolean

Default value: false

Indicates if the filter excludes results.

query objectrequired

Query parameters used to construct an Elasticsearch query object.

query string

The query using the Elasticsearch Query String Query syntax from the Query DSL extended by SailPoint to support Nested queries.

fields string[]

The fields the query will be applied to. Fields provide you with a simple way to add additional fields to search, without making the query too complicated. For example, you can use the fields to specify that you want your query of "a*" to be applied to "name", "firstName", and the "source.name". The response will include all results matching the "a*" query found in those three fields. A field's availability depends on the indices being searched. For example, if you are searching "identities", you can apply your search to the "firstName" field, but you couldn't use "firstName" with a search on "access profiles". Refer to the response schema for the respective lists of available fields.

timeZone string

The time zone to be applied to any range query related to dates.

innerHit object

The innerHit query object returns a flattened list of results for the specified nested type.

query stringrequired

The search query using the Elasticsearch Query String Query syntax from the Query DSL extended by SailPoint to support Nested queries.

type stringrequired

The nested type to use in the inner hits query. The nested type Nested Type refers to a document "nested" within another document. For example, an identity can have nested documents for access, accounts, and apps.

includeNested boolean

Default value: true

Indicates whether nested objects from returned search results should be included.

sort string[]

The fields to be used to sort the search results. Use + or - to specify the sort direction.

defaultS3Bucket booleanrequired

Use it to set default s3 bucket where generated report will be saved. In case this argument is false and 's3Bucket' argument is null or absent there will be default s3Bucket assigned to the report.

s3Bucket string

If you want to be specific you could use this argument with defaultS3Bucket = false.

Responses

Details about running report task.

application/json

Schema
Example (from schema)
identityDetailsReport
searchExportReport

Schema

type string

Possible values: [QUARTZ, QPOC, MENTOS, QUEUED_TASK]

Type of the job or task underlying in the report processing. It could be a quartz task, QPOC or MENTOS jobs or a refresh/sync task.

id string

Unique task definition identifier.

reportType

Possible values: [ACCOUNTS, IDENTITIES_DETAILS, IDENTITIES, IDENTITY_PROFILE_IDENTITY_ERROR, ORPHAN_IDENTITIES, SEARCH_EXPORT, UNCORRELATED_ACCOUNTS]

Use this property to define what report should be processed in the RDE service.

description string

Description of the report purpose and/or contents.

parentName stringnullable

Name of the parent task/report if exists.

launcher string

Name of the report processing initiator.

created date-time

Report creation date

launched date-timenullable

Report start date

completed date-timenullable

Report completion date

completionStatus stringnullable

Possible values: [SUCCESS, WARNING, ERROR, TERMINATED, TEMP_ERROR]

Report completion status.

messages object[]

List of the messages dedicated to the report. From task definition perspective here usually should be warnings or errors.

Array [

type string

Possible values: [INFO, WARN, ERROR]

Type of the message.

error boolean

Default value: false

Flag whether message is an error.

warning boolean

Default value: false

Flag whether message is a warning.

key string

Message string identifier.

localizedText string

Message context with the locale based language.

]

returns object[]

Task definition results, if necessary.

Array [

displayLabel string

Attribute description.

attributeName string

System or database attribute name.

]

attributes object

Extra attributes map(dictionary) needed for the report.

property name* object

progress stringnullable

Current report state.

{
  "type": "MENTOS",
  "id": "a248c16fe22222b2bd49615481311111",
  "reportType": "IDENTITIES_DETAILS",
  "description": "A detailed view of the identities in the system.",
  "parentName": "Audit Report",
  "launcher": "cloudadmin",
  "created": "2020-09-07T42:14:00.364Z",
  "launched": "2020-09-07T42:14:00.521Z",
  "completed": "2020-09-07T42:14:01.137Z",
  "completionStatus": "Success",
  "messages": [],
  "returns": [],
  "attributes": {
    "org": "an-org"
  },
  "progress": "Initializing..."
}

Identities Details Report task result.

{
  "reportType": "IDENTITIES_DETAILS",
  "taskDefName": "Identities Details Report",
  "type": "QUARTZ",
  "id": "a248c16fe22222b2bd49615481311111",
  "created": "2023-09-07T42:14:00.364Z",
  "description": "A detailed view of the identities in the system.",
  "parentName": "Audit Report",
  "launcher": "9832285",
  "launched": "2023-09-07T42:14:00.521Z",
  "completed": "2023-09-07T42:14:01.137Z",
  "messages": [],
  "returns": [],
  "attributes": {
    "org": "an-org"
  },
  "progress": "Initializing..."
}

Identities Details Report task result.

{
  "reportType": "SEARCH_EXPORT",
  "taskDefName": "Search Export",
  "type": "QUARTZ",
  "id": "a248c16fe22222b2bd49615481311111",
  "created": "2023-09-07T42:14:11.137Z",
  "description": "Extract query data from ElasticSearch to CSV",
  "parentName": null,
  "launcher": "T05293",
  "launched": "2020-09-07T42:14:11.137Z",
  "completed": "2020-09-07T42:14:13.451Z",
  "messages": [],
  "returns": [],
  "attributes": {
    "queryHash": "5e12cf79c67d92e23d4d8cb3e974f87d164e86d4a48d32ecf89645cacfd3f2",
    "org": "an-org",
    "queryParams": {
      "columns": "displayName,firstName,lastName,email,created,attributes.cloudLifecycleState,tags,access.spread,apps.pread,accounts.spread",
      "indices": "identities",
      "ownerId": "95ecba5c5444439c999aec638ce2a777",
      "query": 700007,
      "sort": "displayName"
    }
  },
  "progress": "Initializing..."
}

Client Error - Returned if the request body is invalid.

application/json

Schema
Example (from schema)

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.

text string

Actual text of the error message in the indicated locale.

]

causes object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema
Example (from schema)

Schema

error

A message describing the error

{
  "error": "JWT validation failed: JWT is expired"
}

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema
Example (from schema)
403

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

causes object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema
Example (from schema)

Schema

message

A message describing the error

{
  "message": " Rate Limit Exceeded "
}

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema
Example (from schema)
500

Schema

detailCode string

Fine-grained error code providing more detail of the error.

trackingId string

Unique tracking id for the error.

messages object[]

Generic localized reason for error

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

causes object[]

Plain-text descriptive reasons to provide additional detail to the text provided in the messages field

Array [

locale stringnullable

The locale for the message text, a BCP 47 language tag.

localeOrigin LocaleOriginnullable

Possible values: [DEFAULT, REQUEST, null]

text string

Actual text of the error message in the indicated locale.

]

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Run Report

/reports/run

Request​

Body

Responses​

Request

Responses