WorkReassignment
Use this API to implement work reassignment functionality.
Work Reassignment allows access request reviews, certifications, and manual provisioning tasks assigned to a user to be reassigned to a different user. This is primarily used for:
- Temporarily redirecting work for users who are out of office, such as on vacation or sick leave
- Permanently redirecting work for users who should not be assigned these tasks at all, such as senior executives or service identities
Users can define reassignments for themselves, managers can add them for their team members, and administrators can configure them on any user’s behalf. Work assigned during the specified reassignment timeframes will be automatically reassigned to the designated user as it is created.
Refer to Work Reassignment for more information about this topic.
All URIs are relative to https://sailpoint.api.identitynow.com/v2024
| Method | HTTP request | Description |
|---|---|---|
| New-V2024ReassignmentConfiguration | POST /reassignment-configurations | Create a Reassignment Configuration |
| Remove-V2024ReassignmentConfiguration | DELETE /reassignment-configurations/{identityId}/{configType} | Delete Reassignment Configuration |
| Get-V2024EvaluateReassignmentConfiguration | GET /reassignment-configurations/{identityId}/evaluate/{configType} | Evaluate Reassignment Configuration |
| Get-V2024ReassignmentConfigTypes | GET /reassignment-configurations/types | List Reassignment Config Types |
| Get-V2024ReassignmentConfiguration | GET /reassignment-configurations/{identityId} | Get Reassignment Configuration |
| Get-V2024TenantConfigConfiguration | GET /reassignment-configurations/tenant-config | Get Tenant-wide Reassignment Configuration settings |
| Get-V2024ReassignmentConfigurations | GET /reassignment-configurations | List Reassignment Configurations |
| Send-V2024ReassignmentConfig | PUT /reassignment-configurations/{identityId} | Update Reassignment Configuration |
| Send-V2024TenantConfiguration | PUT /reassignment-configurations/tenant-config | Update Tenant-wide Reassignment Configuration settings |
create-reassignment-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Creates a new Reassignment Configuration for the specified identity.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. | |
| Body | ConfigurationItemRequest | ConfigurationItemRequest | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 201 | The newly created Reassignment Configuration object | ConfigurationItemResponse |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$ConfigurationItemRequest = @"{
"endDate" : "2022-07-30T17:00:00Z",
"reassignedFromId" : "2c91808781a71ddb0181b9090b5c504e",
"configType" : "ACCESS_REQUESTS",
"reassignedToId" : "2c91808781a71ddb0181b9090b53504a",
"startDate" : "2022-07-21T11:13:12.345Z"
}"@
# Create a Reassignment Configuration
try {
$Result = ConvertFrom-JsonToConfigurationItemRequest -Json $ConfigurationItemRequest
New-V2024ReassignmentConfiguration -XSailPointExperimental $XSailPointExperimental -V2024ConfigurationItemRequest $Result
# Below is a request that includes all optional parameters
# New-V2024ReassignmentConfiguration -XSailPointExperimental $XSailPointExperimental -V2024ConfigurationItemRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-V2024ReassignmentConfiguration"
Write-Host $_.ErrorDetails
}
delete-reassignment-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Deletes a single reassignment configuration for the specified identity
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | IdentityId | String | True | unique identity id |
| Path | ConfigType | ConfigTypeEnum | True | |
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|---|---|
| 204 | Reassignment Configuration deleted | |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$IdentityId = "2c91808781a71ddb0181b9090b5c504e" # String | unique identity id
$ConfigType = "ACCESS_REQUESTS" # ConfigTypeEnum |
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Delete Reassignment Configuration
try {
Remove-V2024ReassignmentConfiguration -IdentityId $IdentityId -ConfigType $ConfigType -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Remove-V2024ReassignmentConfiguration -IdentityId $IdentityId -ConfigType $ConfigType -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-V2024ReassignmentConfiguration"
Write-Host $_.ErrorDetails
}
get-evaluate-reassignment-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Evaluates the Reassignment Configuration for an Identity to determine if work items for the specified type should be reassigned. If a valid Reassignment Configuration is found for the identity & work type, then a lookup is initiated which recursively fetches the Reassignment Configuration for the next TargetIdentity until no more results are found or a max depth of 5. That lookup trail is provided in the response and the final reassigned identity in the lookup list is returned as the reassignToId property. If no Reassignment Configuration is found for the specified identity & config type then the requested Identity ID will be used as the reassignToId value and the lookupTrail node will be empty.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | IdentityId | String | True | unique identity id |
| Path | ConfigType | ConfigTypeEnum | True | Reassignment work type |
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. | |
| Query | ExclusionFilters | []String | (optional) | Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - SELF_REVIEW_DELEGATION: This will exclude delegations of self-review reassignments |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Evaluated Reassignment Configuration | EvaluateResponse[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$IdentityId = "2c91808781a71ddb0181b9090b5c504e" # String | unique identity id
$ConfigType = "ACCESS_REQUESTS" # ConfigTypeEnum | Reassignment work type
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$ExclusionFilters = "MyExclusionFilters" # String[] | Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments (optional)
$ExclusionFilters = @"SELF_REVIEW_DELEGATION"@ # String[] | Exclusion filters that disable parts of the reassignment evaluation. Possible values are listed below: - `SELF_REVIEW_DELEGATION`: This will exclude delegations of self-review reassignments (optional)
# Evaluate Reassignment Configuration
try {
Get-V2024EvaluateReassignmentConfiguration -IdentityId $IdentityId -ConfigType $ConfigType -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2024EvaluateReassignmentConfiguration -IdentityId $IdentityId -ConfigType $ConfigType -XSailPointExperimental $XSailPointExperimental -ExclusionFilters $ExclusionFilters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024EvaluateReassignmentConfiguration"
Write-Host $_.ErrorDetails
}
get-reassignment-config-types
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Gets a collection of types which are available in the Reassignment Configuration UI.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | List of Reassignment Configuration Types | ConfigType[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# List Reassignment Config Types
try {
Get-V2024ReassignmentConfigTypes -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2024ReassignmentConfigTypes -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024ReassignmentConfigTypes"
Write-Host $_.ErrorDetails
}
get-reassignment-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Gets the Reassignment Configuration for an identity.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | IdentityId | String | True | unique identity id |
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Reassignment Configuration for an identity | ConfigurationResponse |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$IdentityId = "2c91808781a71ddb0181b9090b5c504f" # String | unique identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Reassignment Configuration
try {
Get-V2024ReassignmentConfiguration -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2024ReassignmentConfiguration -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024ReassignmentConfiguration"
Write-Host $_.ErrorDetails
}
get-tenant-config-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Gets the global Reassignment Configuration settings for the requestor's tenant.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Tenant-wide Reassignment Configuration settings | TenantConfigurationResponse |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# Get Tenant-wide Reassignment Configuration settings
try {
Get-V2024TenantConfigConfiguration -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2024TenantConfigConfiguration -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024TenantConfigConfiguration"
Write-Host $_.ErrorDetails
}
list-reassignment-configurations
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Gets all Reassignment configuration for the current org.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | A list of Reassignment Configurations for an org | ConfigurationResponse[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# List Reassignment Configurations
try {
Get-V2024ReassignmentConfigurations -XSailPointExperimental $XSailPointExperimental
# Below is a request that includes all optional parameters
# Get-V2024ReassignmentConfigurations -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024ReassignmentConfigurations"
Write-Host $_.ErrorDetails
}
put-reassignment-config
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Replaces existing Reassignment configuration for an identity with the newly provided configuration.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | IdentityId | String | True | unique identity id |
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. | |
| Body | ConfigurationItemRequest | ConfigurationItemRequest | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Reassignment Configuration updated | ConfigurationItemResponse |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$IdentityId = "2c91808781a71ddb0181b9090b5c504e" # String | unique identity id
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$ConfigurationItemRequest = @"{
"endDate" : "2022-07-30T17:00:00Z",
"reassignedFromId" : "2c91808781a71ddb0181b9090b5c504e",
"configType" : "ACCESS_REQUESTS",
"reassignedToId" : "2c91808781a71ddb0181b9090b53504a",
"startDate" : "2022-07-21T11:13:12.345Z"
}"@
# Update Reassignment Configuration
try {
$Result = ConvertFrom-JsonToConfigurationItemRequest -Json $ConfigurationItemRequest
Send-V2024ReassignmentConfig -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental -V2024ConfigurationItemRequest $Result
# Below is a request that includes all optional parameters
# Send-V2024ReassignmentConfig -IdentityId $IdentityId -XSailPointExperimental $XSailPointExperimental -V2024ConfigurationItemRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2024ReassignmentConfig"
Write-Host $_.ErrorDetails
}
put-tenant-configuration
experimental
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Replaces existing Tenant-wide Reassignment Configuration settings with the newly provided settings.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. | |
| Body | TenantConfigurationRequest | TenantConfigurationRequest | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Tenant-wide Reassignment Configuration settings | TenantConfigurationResponse |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
$TenantConfigurationRequest = @"{
"configDetails" : {
"disabled" : true
}
}"@
# Update Tenant-wide Reassignment Configuration settings
try {
$Result = ConvertFrom-JsonToTenantConfigurationRequest -Json $TenantConfigurationRequest
Send-V2024TenantConfiguration -XSailPointExperimental $XSailPointExperimental -V2024TenantConfigurationRequest $Result
# Below is a request that includes all optional parameters
# Send-V2024TenantConfiguration -XSailPointExperimental $XSailPointExperimental -V2024TenantConfigurationRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-V2024TenantConfiguration"
Write-Host $_.ErrorDetails
}