CertificationCampaigns
Use this API to implement certification campaign functionality. With this functionality in place, administrators can create, customize, and manage certification campaigns for their organizations' use. Certification campaigns provide Identity Security Cloud users with an interactive review process they can use to identify and verify access to systems. Campaigns help organizations reduce risk of inappropriate access and satisfy audit requirements.
A certification refers to Identity Security Cloud's mechanism for reviewing a user's access to entitlements (sets of permissions) and approving or removing that access. These certifications serve as a way of showing that a user's access has been reviewed and approved. Multiple certifications by different reviewers are often required to approve a user's access. A set of multiple certifications is called a certification campaign.
For example, an organization may use a Manager Certification campaign as a way of showing that a user's access has been reviewed and approved by multiple managers. Once this campaign has been completed, Identity Security Cloud would provision all the access the user needs, nothing more.
Identity Security Cloud provides two simple campaign types users can create without using search queries, Manager and Source Owner campaigns:
You can create these types of campaigns without using any search queries in Identity Security Cloud:
-
ManagerCampaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access is certified by their managers. You only need to provide a name and description to create one.
-
Source Owner Campaign: Identity Security Cloud provides this campaign type as a way to ensure that an identity's access to a source is certified by its source owners. You only need to provide a name and description to create one. You can specify the sources whose owners you want involved or just run it across all sources.
For more information about these campaign types, refer to Starting a Manager or Source Owner Campaign.
One useful way to create certification campaigns in Identity Security Cloud is to use a specific search and then run a campaign on the results returned by that search. This allows you to be much more specific about whom you are certifying in your campaigns and what access you are certifying in your campaigns. For example, you can search for all identities who are managed by "Amanda.Ross" and also have the access to the "Accounting" role and then run a certification campaign based on that search to ensure that the returned identities are appropriately certified.
You can use Identity Security Cloud search queries to create these types of campaigns:
-
Identities: Use this campaign type to review and revoke access items for specific identities. You can either build a search query and create a campaign certifying all identities returned by that query, or you can search for individual identities and add those identities to the certification campaign.
-
Access Items: Use this campaign type to review and revoke a set of roles, access profiles, or entitlements from the identities that have them. You can either build a search query and create a campaign certifying all access items returned by that query, or you can search for individual access items and add those items to the certification campaign.
-
Role Composition: Use this campaign type to review a role's composition, including its title, description, and membership criteria. You can either build a search query and create a campaign certifying all roles returned by that query, or you can search for individual roles and add those roles to the certification campaign.
-
Uncorrelated Accounts: Use this campaign type to certify source accounts that aren't linked to an authoritative identity in Identity Security Cloud. You can use this campaign type to view all the uncorrelated accounts for a source and certify them.
For more information about search-based campaigns, refer to Starting a Campaign from Search.
Once you have generated your campaign, it becomes available for preview. An administrator can review the campaign and make changes, or if it's ready and accurate, activate it.
Once the campaign is active, organization administrators or certification administrators can designate other Identity Security Cloud users as certification reviewers. Those reviewers can view any of the certifications they either need to review (active) or have already reviewed (completed).
When a certification campaign is in progress, certification reviewers see the listed active certifications whose involved identities they can review. Reviewers can then make decisions to grant or revoke access, as well as reassign the certification to another reviewer. If the reviewer chooses this option, they must provide a reason for reassignment in the form of a comment.
Once a reviewer has made decisions on all the certification's involved access items, he or she must "Sign Off" to complete the review process. Doing so converts the certification into read-only status, preventing any further changes to the review decisions and deleting the work item (task) from the reviewer's list of work items.
Once all the reviewers have signed off, the certification campaign either completes or, if any reviewers decided to revoke access for any of the involved identities, it moves into a remediation phase. In the remediation phase, identities' entitlements are altered to remove any entitlements marked for revocation. In this situation, the certification campaign completes once all the remediation requests are completed.
The end of a certification campaign is determined by its deadline, its completion status, or by an administrator's decision.
For more information about certifications and certification campaigns, refer to Certifications.
All URIs are relative to https://sailpoint.api.identitynow.com/v3
| Method | HTTP request | Description |
|---|---|---|
| Complete-Campaign | POST /campaigns/{id}/complete | Complete a Campaign |
| New-Campaign | POST /campaigns | Create a campaign |
| New-CampaignTemplate | POST /campaign-templates | Create a Campaign Template |
| Remove-CampaignTemplate | DELETE /campaign-templates/{id} | Delete a Campaign Template |
| Remove-CampaignTemplateSchedule | DELETE /campaign-templates/{id}/schedule | Delete Campaign Template Schedule |
| Remove-Campaigns | POST /campaigns/delete | Delete Campaigns |
| Get-ActiveCampaigns | GET /campaigns | List Campaigns |
| Get-Campaign | GET /campaigns/{id} | Get Campaign |
| Get-CampaignReports | GET /campaigns/{id}/reports | Get Campaign Reports |
| Get-CampaignReportsConfig | GET /campaigns/reports-configuration | Get Campaign Reports Configuration |
| Get-CampaignTemplate | GET /campaign-templates/{id} | Get a Campaign Template |
| Get-CampaignTemplateSchedule | GET /campaign-templates/{id}/schedule | Get Campaign Template Schedule |
| Get-CampaignTemplates | GET /campaign-templates | List Campaign Templates |
| Move- | POST /campaigns/{id}/reassign | Reassign Certifications |
| Update-CampaignTemplate | PATCH /campaign-templates/{id} | Update a Campaign Template |
| Set-CampaignReportsConfig | PUT /campaigns/reports-configuration | Set Campaign Reports Configuration |
| Set-CampaignTemplateSchedule | PUT /campaign-templates/{id}/schedule | Set Campaign Template Schedule |
| Start-Campaign | POST /campaigns/{id}/activate | Activate a Campaign |
| Start-CampaignRemediationScan | POST /campaigns/{id}/run-remediation-scan | Run Campaign Remediation Scan |
| Start-CampaignReport | POST /campaigns/{id}/run-report/{type} | Run Campaign Report |
| Start-GenerateCampaignTemplate | POST /campaign-templates/{id}/generate | Generate a Campaign from Template |
| Update-Campaign | PATCH /campaigns/{id} | Update a Campaign |
complete-campaign
caution
This endpoint will run successfully for any campaigns that are past due.
This endpoint will return a content error if the campaign is not past due.
Use this API to complete a certification campaign. This functionality is provided to admins so that they can complete a certification even if all items have not been completed.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Campaign ID. |
| Body | CampaignCompleteOptions | CampaignCompleteOptions | (optional) | Optional. Default behavior is for the campaign to auto-approve upon completion, unless autoCompleteAction=REVOKE |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Campaign ID.
$CampaignCompleteOptions = @"{
"autoCompleteAction" : "REVOKE"
}"@
# Complete a Campaign
try {
Complete-Campaign -Id $Id
# Below is a request that includes all optional parameters
# Complete-Campaign -Id $Id -CampaignCompleteOptions $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Complete-Campaign"
Write-Host $_.ErrorDetails
}
create-campaign
Use this API to create a certification campaign with the information provided in the request body.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | Campaign | Campaign | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | This response indicates that the requested campaign was successfully created, and the API returns its representation. | Campaign |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$Campaign = @"{
"totalCertifications" : 100,
"sourcesWithOrphanEntitlements" : [ {
"name" : "Source with orphan entitlements",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "SOURCE"
}, {
"name" : "Source with orphan entitlements",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "SOURCE"
} ],
"recommendationsEnabled" : true,
"sunsetCommentsRequired" : true,
"created" : "2020-03-03T22:15:13.611Z",
"machineAccountCampaignInfo" : {
"reviewerType" : "ACCOUNT_OWNER",
"sourceIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ]
},
"description" : "Everyone needs to be reviewed by their manager",
"type" : "MANAGER",
"sourceOwnerCampaignInfo" : {
"sourceIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ]
},
"emailNotificationEnabled" : false,
"alerts" : [ {
"level" : "ERROR",
"localizations" : [ {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
}, {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
} ]
}, {
"level" : "ERROR",
"localizations" : [ {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
}, {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
} ]
} ],
"filter" : {
"name" : "Test Filter",
"id" : "0fbe863c063c4c88a35fd7f17e8a3df5",
"type" : "CAMPAIGN_FILTER"
},
"searchCampaignInfo" : {
"identityIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ],
"query" : "Search Campaign query description",
"description" : "Search Campaign description",
"reviewer" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"type" : "ACCESS",
"accessConstraints" : [ {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
} ]
},
"autoRevokeAllowed" : false,
"name" : "Manager Campaign",
"mandatoryCommentRequirement" : "NO_DECISIONS",
"modified" : "2020-03-03T22:20:12.674Z",
"roleCompositionCampaignInfo" : {
"remediatorRef" : {
"name" : "Role Admin",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "IDENTITY"
},
"roleIds" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"query" : "Search Query",
"description" : "Role Composition Description",
"reviewer" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}
},
"completedCertifications" : 10,
"id" : "2c9079b270a266a60170a2779fcb0007",
"deadline" : "2020-03-15T10:00:01.456Z",
"status" : "ACTIVE",
"correlatedStatus" : "CORRELATED"
}"@
# Create a campaign
try {
$Result = ConvertFrom-JsonToCampaign -Json $Campaign
New-Campaign -Campaign $Result
# Below is a request that includes all optional parameters
# New-Campaign -Campaign $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-Campaign"
Write-Host $_.ErrorDetails
}
create-campaign-template
Use this API to create a certification campaign template based on campaign.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | CampaignTemplate | CampaignTemplate | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Created successfully. | CampaignTemplate |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$CampaignTemplate = @"{
"ownerRef" : {
"name" : "Mister Manager",
"id" : "2c918086676d3e0601677611dbde220f",
"type" : "IDENTITY",
"email" : "mr.manager@example.com"
},
"deadlineDuration" : "P2W",
"created" : "2020-03-05T22:44:00.364Z",
"scheduled" : false,
"name" : "Manager Campaign Template",
"description" : "Template for the annual manager campaign.",
"modified" : "2020-03-05T22:52:09.969Z",
"campaign" : {
"totalCertifications" : 100,
"sourcesWithOrphanEntitlements" : [ {
"name" : "Source with orphan entitlements",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "SOURCE"
}, {
"name" : "Source with orphan entitlements",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "SOURCE"
} ],
"recommendationsEnabled" : true,
"sunsetCommentsRequired" : true,
"created" : "2020-03-03T22:15:13.611Z",
"machineAccountCampaignInfo" : {
"reviewerType" : "ACCOUNT_OWNER",
"sourceIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ]
},
"description" : "Everyone needs to be reviewed by their manager",
"type" : "MANAGER",
"sourceOwnerCampaignInfo" : {
"sourceIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ]
},
"emailNotificationEnabled" : false,
"alerts" : [ {
"level" : "ERROR",
"localizations" : [ {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
}, {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
} ]
}, {
"level" : "ERROR",
"localizations" : [ {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
}, {
"localeOrigin" : "DEFAULT",
"text" : "The request was syntactically correct but its content is semantically invalid.",
"locale" : "en-US"
} ]
} ],
"filter" : {
"name" : "Test Filter",
"id" : "0fbe863c063c4c88a35fd7f17e8a3df5",
"type" : "CAMPAIGN_FILTER"
},
"searchCampaignInfo" : {
"identityIds" : [ "0fbe863c063c4c88a35fd7f17e8a3df5" ],
"query" : "Search Campaign query description",
"description" : "Search Campaign description",
"reviewer" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
},
"type" : "ACCESS",
"accessConstraints" : [ {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
}, {
"ids" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"type" : "ENTITLEMENT",
"operator" : "SELECTED"
} ]
},
"autoRevokeAllowed" : false,
"name" : "Manager Campaign",
"mandatoryCommentRequirement" : "NO_DECISIONS",
"modified" : "2020-03-03T22:20:12.674Z",
"roleCompositionCampaignInfo" : {
"remediatorRef" : {
"name" : "Role Admin",
"id" : "2c90ad2a70ace7d50170acf22ca90010",
"type" : "IDENTITY"
},
"roleIds" : [ "2c90ad2a70ace7d50170acf22ca90010" ],
"query" : "Search Query",
"description" : "Role Composition Description",
"reviewer" : {
"name" : "William Wilson",
"id" : "2c91808568c529c60168cca6f90c1313",
"type" : "IDENTITY"
}
},
"completedCertifications" : 10,
"id" : "2c9079b270a266a60170a2779fcb0007",
"deadline" : "2020-03-15T10:00:01.456Z",
"status" : "ACTIVE",
"correlatedStatus" : "CORRELATED"
},
"id" : "2c9079b270a266a60170a277bb960008"
}"@
# Create a Campaign Template
try {
$Result = ConvertFrom-JsonToCampaignTemplate -Json $CampaignTemplate
New-CampaignTemplate -CampaignTemplate $Result
# Below is a request that includes all optional parameters
# New-CampaignTemplate -CampaignTemplate $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-CampaignTemplate"
Write-Host $_.ErrorDetails
}
delete-campaign-template
Use this API to delete a certification campaign template by ID.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template being deleted. |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|---|---|
| 204 | No content - indicates the request was successful but there is no content to be returned in the response. | |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c9180835d191a86015d28455b4a2329" # String | ID of the campaign template being deleted.
# Delete a Campaign Template
try {
Remove-CampaignTemplate -Id $Id
# Below is a request that includes all optional parameters
# Remove-CampaignTemplate -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-CampaignTemplate"
Write-Host $_.ErrorDetails
}
delete-campaign-template-schedule
Use this API to delete the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template whose schedule is being deleted. |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|---|---|
| 204 | No content - indicates the request was successful but there is no content to be returned in the response. | |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "04bedce387bd47b2ae1f86eb0bb36dee" # String | ID of the campaign template whose schedule is being deleted.
# Delete Campaign Template Schedule
try {
Remove-CampaignTemplateSchedule -Id $Id
# Below is a request that includes all optional parameters
# Remove-CampaignTemplateSchedule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-CampaignTemplateSchedule"
Write-Host $_.ErrorDetails
}
delete-campaigns
Use this API to delete certification campaigns whose IDs are specified in the provided list of campaign IDs.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | CampaignsDeleteRequest | CampaignsDeleteRequest | True | IDs of the campaigns to delete. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$CampaignsDeleteRequest = @"{
"ids" : [ "2c9180887335cee10173490db1776c26", "2c9180836a712436016a7125a90c0021" ]
}"@
# Delete Campaigns
try {
$Result = ConvertFrom-JsonToCampaignsDeleteRequest -Json $CampaignsDeleteRequest
Remove-Campaigns -CampaignsDeleteRequest $Result
# Below is a request that includes all optional parameters
# Remove-Campaigns -CampaignsDeleteRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-Campaigns"
Write-Host $_.ErrorDetails
}
get-active-campaigns
Use this API to get a list of campaigns. This API can provide increased level of detail for each campaign for the correct provided query.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Query | Detail | String | (optional) | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior. |
| Query | Limit | Int32 | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | Offset | Int32 | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | Count | Boolean | (optional) (default to $false) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
| Query | Filters | String | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: id: eq, in name: eq, sw status: eq, in |
| Query | Sorters | String | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name, created |
Return type
GetActiveCampaigns200ResponseInner[]
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | A list of campaign objects. By default list of SLIM campaigns is returned. | GetActiveCampaigns200ResponseInner[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Detail = "SLIM" # String | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior. (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'name eq "Manager Campaign"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, sw* **status**: *eq, in* (optional)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created** (optional)
# List Campaigns
try {
Get-ActiveCampaigns
# Below is a request that includes all optional parameters
# Get-ActiveCampaigns -Detail $Detail -Limit $Limit -Offset $Offset -Count $Count -Filters $Filters -Sorters $Sorters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ActiveCampaigns"
Write-Host $_.ErrorDetails
}
get-campaign
Use this API to get information for an existing certification campaign by the campaign's ID.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign to be retrieved. |
| Query | Detail | String | (optional) | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior. |
Return type
GetActiveCampaigns200ResponseInner
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Requested campaign object. | GetActiveCampaigns200ResponseInner |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the campaign to be retrieved.
$Detail = "SLIM" # String | Determines whether slim, or increased level of detail is provided for each campaign in the returned list. Slim is the default behavior. (optional)
# Get Campaign
try {
Get-Campaign -Id $Id
# Below is a request that includes all optional parameters
# Get-Campaign -Id $Id -Detail $Detail
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-Campaign"
Write-Host $_.ErrorDetails
}
get-campaign-reports
Use this API to fetch all reports for a certification campaign by campaign ID.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign whose reports are being fetched. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Array of campaign report objects. | CampaignReport[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the campaign whose reports are being fetched.
# Get Campaign Reports
try {
Get-CampaignReports -Id $Id
# Below is a request that includes all optional parameters
# Get-CampaignReports -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignReports"
Write-Host $_.ErrorDetails
}
get-campaign-reports-config
Use this API to fetch the configuration for certification campaign reports. The configuration includes only one element - identity attributes defined as custom report columns.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Campaign report configuration. | CampaignReportsConfig |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
# Get Campaign Reports Configuration
try {
Get-CampaignReportsConfig
# Below is a request that includes all optional parameters
# Get-CampaignReportsConfig
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignReportsConfig"
Write-Host $_.ErrorDetails
}
get-campaign-template
Use this API to fetch a certification campaign template by ID.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Requested campaign template's ID. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Data for the campaign matching the given ID. | CampaignTemplate |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c9180835d191a86015d28455b4a2329" # String | Requested campaign template's ID.
# Get a Campaign Template
try {
Get-CampaignTemplate -Id $Id
# Below is a request that includes all optional parameters
# Get-CampaignTemplate -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignTemplate"
Write-Host $_.ErrorDetails
}
get-campaign-template-schedule
Use this API to get the schedule for a certification campaign template. The API returns a 404 if there is no schedule set.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template whose schedule is being fetched. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Current schedule for the campaign template. See the Set Campaign Template Schedule endpoint documentation for more examples. | Schedule |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "04bedce387bd47b2ae1f86eb0bb36dee" # String | ID of the campaign template whose schedule is being fetched.
# Get Campaign Template Schedule
try {
Get-CampaignTemplateSchedule -Id $Id
# Below is a request that includes all optional parameters
# Get-CampaignTemplateSchedule -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignTemplateSchedule"
Write-Host $_.ErrorDetails
}
get-campaign-templates
Use this API to get a list of all campaign templates. Scope can be reduced through standard V3 query params.
The API returns all campaign templates matching the query parameters.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Query | Limit | Int32 | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | Offset | Int32 | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | Count | Boolean | (optional) (default to $false) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
| Query | Sorters | String | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name, created, modified |
| Query | Filters | String | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: eq, ge, gt, in, le, lt, ne, sw id: eq, ge, gt, in, le, lt, ne, sw |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | List of campaign template objects. | CampaignTemplate[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Sorters = "name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name, created, modified** (optional)
$Filters = 'name eq "manager template"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *eq, ge, gt, in, le, lt, ne, sw* **id**: *eq, ge, gt, in, le, lt, ne, sw* (optional)
# List Campaign Templates
try {
Get-CampaignTemplates
# Below is a request that includes all optional parameters
# Get-CampaignTemplates -Limit $Limit -Offset $Offset -Count $Count -Sorters $Sorters -Filters $Filters
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-CampaignTemplates"
Write-Host $_.ErrorDetails
}
move
This API reassigns the specified certifications from one identity to another.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | The certification campaign ID |
| Body | AdminReviewReassign | AdminReviewReassign | True |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | The reassign task that has been submitted. | CertificationTask |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | The certification campaign ID
$AdminReviewReassign = @"{
"certificationIds" : [ "af3859464779471211bb8424a563abc1", "af3859464779471211bb8424a563abc2", "af3859464779471211bb8424a563abc3" ],
"reason" : "reassigned for some reason",
"reassignTo" : {
"id" : "ef38f94347e94562b5bb8424a56397d8",
"type" : "IDENTITY"
}
}"@
# Reassign Certifications
try {
$Result = ConvertFrom-JsonToAdminReviewReassign -Json $AdminReviewReassign
Move- -Id $Id -AdminReviewReassign $Result
# Below is a request that includes all optional parameters
# Move- -Id $Id -AdminReviewReassign $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Move-"
Write-Host $_.ErrorDetails
}
patch-campaign-template
Use this API to update individual fields on a certification campaign template, using the JSON Patch standard.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template being modified. |
| Body | JsonPatchOperation | []JsonPatchOperation | True | A list of campaign update operations according to the JSON Patch standard. The following fields are patchable: * name * description * deadlineDuration * campaign (all fields that are allowed during create) |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | This response indicates that the PATCH operation succeeded, and the API returns the template's new representation. | CampaignTemplate |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json-patch+json
- Accept: application/json
Example
$Id = "2c9180835d191a86015d28455b4a2329" # String | ID of the campaign template being modified.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * deadlineDuration * campaign (all fields that are allowed during create)
# Update a Campaign Template
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-CampaignTemplate -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-CampaignTemplate -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-CampaignTemplate"
Write-Host $_.ErrorDetails
}
set-campaign-reports-config
Use this API to overwrite the configuration for campaign reports.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | CampaignReportsConfig | CampaignReportsConfig | True | Campaign report configuration. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | The persisted campaign report configuration. | CampaignReportsConfig |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$CampaignReportsConfig = @"{
"identityAttributeColumns" : [ "firstname", "lastname" ]
}"@
# Set Campaign Reports Configuration
try {
$Result = ConvertFrom-JsonToCampaignReportsConfig -Json $CampaignReportsConfig
Set-CampaignReportsConfig -CampaignReportsConfig $Result
# Below is a request that includes all optional parameters
# Set-CampaignReportsConfig -CampaignReportsConfig $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-CampaignReportsConfig"
Write-Host $_.ErrorDetails
}
set-campaign-template-schedule
Use this API to set the schedule for a certification campaign template. If a schedule already exists, the API overwrites it with the new one.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template being scheduled. |
| Body | Schedule | Schedule | (optional) |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|---|---|
| 204 | No content - indicates the request was successful but there is no content to be returned in the response. | |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$Id = "04bedce387bd47b2ae1f86eb0bb36dee" # String | ID of the campaign template being scheduled.
$Schedule = @"{
"hours" : {
"values" : [ "1" ],
"interval" : 2,
"type" : "LIST"
},
"months" : {
"values" : [ "1" ],
"interval" : 2,
"type" : "LIST"
},
"timeZoneId" : "CST",
"days" : {
"values" : [ "1" ],
"interval" : 2,
"type" : "LIST"
},
"expiration" : "2000-01-23T04:56:07.000+00:00",
"type" : "WEEKLY"
}"@
# Set Campaign Template Schedule
try {
Set-CampaignTemplateSchedule -Id $Id
# Below is a request that includes all optional parameters
# Set-CampaignTemplateSchedule -Id $Id -Schedule $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-CampaignTemplateSchedule"
Write-Host $_.ErrorDetails
}
start-campaign
Use this API to submit a job to activate the certified campaign with the specified ID. The campaign must be staged.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Campaign ID. |
| Body | ActivateCampaignOptions | ActivateCampaignOptions | (optional) | Optional. If no timezone is specified, the standard UTC timezone is used (i.e. UTC+00:00). Although this can take any timezone, the intended value is the caller's timezone. The activation time calculated from the given timezone may cause the campaign deadline time to be modified, but it will remain within the original date. The timezone must be in a valid ISO 8601 format. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Campaign ID.
$ActivateCampaignOptions = @"{
"timeZone" : "-05:00"
}"@
# Activate a Campaign
try {
Start-Campaign -Id $Id
# Below is a request that includes all optional parameters
# Start-Campaign -Id $Id -ActivateCampaignOptions $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-Campaign"
Write-Host $_.ErrorDetails
}
start-campaign-remediation-scan
Use this API to run a remediation scan task for a certification campaign.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign the remediation scan is being run for. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the campaign the remediation scan is being run for.
# Run Campaign Remediation Scan
try {
Start-CampaignRemediationScan -Id $Id
# Below is a request that includes all optional parameters
# Start-CampaignRemediationScan -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-CampaignRemediationScan"
Write-Host $_.ErrorDetails
}
start-campaign-report
Use this API to run a report for a certification campaign.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign the report is being run for. |
| Path | Type | ReportType | True | Type of the report to run. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | SystemCollectionsHashtable |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the campaign the report is being run for.
$Type = "CAMPAIGN_COMPOSITION_REPORT" # ReportType | Type of the report to run.
# Run Campaign Report
try {
Start-CampaignReport -Id $Id -Type $Type
# Below is a request that includes all optional parameters
# Start-CampaignReport -Id $Id -Type $Type
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-CampaignReport"
Write-Host $_.ErrorDetails
}
start-generate-campaign-template
Use this API to generate a new certification campaign from a campaign template.
The campaign object contained in the template has special formatting applied to its name and description fields that determine the generated campaign's name/description. Placeholders in those fields are formatted with the current date and time upon generation.
Placeholders consist of a percent sign followed by a letter indicating what should be inserted. For example, "%Y" inserts the current year, and a campaign template named "Campaign for %y" generates a campaign called "Campaign for 2020" (assuming the year at generation time is 2020).
Valid placeholders are the date/time conversion suffix characters supported by java.util.Formatter.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template to use for generation. |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | This response indicates that a campaign was successfully generated from this template, and the API returns a reference to the new campaign. | CampaignReference |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "2c9180835d191a86015d28455b4a2329" # String | ID of the campaign template to use for generation.
# Generate a Campaign from Template
try {
Start-GenerateCampaignTemplate -Id $Id
# Below is a request that includes all optional parameters
# Start-GenerateCampaignTemplate -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-GenerateCampaignTemplate"
Write-Host $_.ErrorDetails
}
update-campaign
Use this API to update individual fields on a certification campaign, using the JSON Patch standard.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | ID of the campaign template being modified. |
| Body | JsonPatchOperation | []JsonPatchOperation | True | A list of campaign update operations according to the JSON Patch standard. The fields that can be patched differ based on the status of the campaign. When the campaign is in the STAGED status, you can patch these fields: * name * description * recommendationsEnabled * deadline * emailNotificationEnabled * autoRevokeAllowed When the campaign is in the ACTIVE status, you can patch these fields: * deadline |
Return type
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | This response indicates that the PATCH operation succeeded, and the API returns the campaign's new representation. | SlimCampaign |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
HTTP request headers
- Content-Type: application/json-patch+json
- Accept: application/json
Example
$Id = "2c91808571bcfcf80171c23e4b4221fc" # String | ID of the campaign template being modified.
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@ # JsonPatchOperation[] | A list of campaign update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The fields that can be patched differ based on the status of the campaign. When the campaign is in the *STAGED* status, you can patch these fields: * name * description * recommendationsEnabled * deadline * emailNotificationEnabled * autoRevokeAllowed When the campaign is in the *ACTIVE* status, you can patch these fields: * deadline
# Update a Campaign
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-Campaign -Id $Id -JsonPatchOperation $Result
# Below is a request that includes all optional parameters
# Update-Campaign -Id $Id -JsonPatchOperation $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-Campaign"
Write-Host $_.ErrorDetails
}