Use this API to build an integration between Identity Security Cloud and a service desk ITSM (IT service management) solution.
Once an administrator builds this integration between Identity Security Cloud and a service desk, users can use Identity Security Cloud to raise and track tickets that are synchronized between Identity Security Cloud and the service desk.
In Identity Security Cloud, administrators can create a service desk integration (sometimes also called an SDIM, or Service Desk Integration Module) by going to Admin > Connections > Service Desk and selecting 'Create.'
To create a Generic Service Desk integration, for example, administrators must provide the required information on the General Settings page, the Connectivity and Authentication information, Ticket Creation information, Status Mapping information, and Requester Source information on the Configure page.
Refer to Integrating SailPoint with Generic Service Desk for more information about the process of setting up a Generic Service Desk in Identity Security Cloud.
Administrators can create various service desk integrations, all with their own nuances.
The following service desk integrations are available:
All URIs are relative to https://sailpoint.api.identitynow.com/v3
create-service-desk-integration
Create a new Service Desk integration.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Body | ServiceDeskIntegrationDto | ServiceDeskIntegrationDto | True | The specifics of a new integration to create |
Return type
ServiceDeskIntegrationDto
Responses
| Code | Description | Data Type |
|---|
| 200 | Details of the created integration | ServiceDeskIntegrationDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: application/json
- Accept: application/json
Example
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
New-ServiceDeskIntegration -ServiceDeskIntegrationDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
[Back to top]
delete-service-desk-integration
Delete an existing Service Desk integration by ID.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | Id | String | True | ID of Service Desk integration to delete |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|
| 204 | Service Desk integration with the given ID successfully deleted | |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "anId"
try {
Remove-ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
[Back to top]
get-service-desk-integration
Get an existing Service Desk integration by ID.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | Id | String | True | ID of the Service Desk integration to get |
Return type
ServiceDeskIntegrationDto
Responses
| Code | Description | Data Type |
|---|
| 200 | ServiceDeskIntegrationDto with the given ID | ServiceDeskIntegrationDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
$Id = "anId"
try {
Get-ServiceDeskIntegration -Id $Id
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
[Back to top]
get-service-desk-integration-template
This API endpoint returns an existing Service Desk integration template by scriptName.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | ScriptName | String | True | The scriptName value of the Service Desk integration template to get |
Return type
ServiceDeskIntegrationTemplateDto
Responses
| Code | Description | Data Type |
|---|
| 200 | Responds with the ServiceDeskIntegrationTemplateDto with the specified scriptName. | ServiceDeskIntegrationTemplateDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
$ScriptName = "aScriptName"
try {
Get-ServiceDeskIntegrationTemplate -ScriptName $ScriptName
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrationTemplate"
Write-Host $_.ErrorDetails
}
[Back to top]
get-service-desk-integration-types
This API endpoint returns the current list of supported Service Desk integration types.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
Return type
ServiceDeskIntegrationTemplateType[]
Responses
| Code | Description | Data Type |
|---|
| 200 | Responds with an array of the currently supported Service Desk integration types. | ServiceDeskIntegrationTemplateType[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
try {
Get-ServiceDeskIntegrationTypes
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrationTypes"
Write-Host $_.ErrorDetails
}
[Back to top]
get-service-desk-integrations
Get a list of Service Desk integration objects.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Query | Offset | Int32 | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | Limit | Int32 | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | Sorters | String | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name |
| Query | Filters | String | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: id: eq, in name: eq type: eq, in cluster: eq, in |
| Query | Count | Boolean | (optional) (default to $false) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
ServiceDeskIntegrationDto[]
Responses
| Code | Description | Data Type |
|---|
| 200 | List of ServiceDeskIntegrationDto | ServiceDeskIntegrationDto[] |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
$Offset = 0
$Limit = 250
$Sorters = "name"
$Filters = 'name eq "John Doe"'
$Count = $true
try {
Get-ServiceDeskIntegrations
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-ServiceDeskIntegrations"
Write-Host $_.ErrorDetails
}
[Back to top]
get-status-check-details
Get the time check configuration of queued SDIM tickets.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
Return type
QueuedCheckConfigDetails
Responses
| Code | Description | Data Type |
|---|
| 200 | QueuedCheckConfigDetails containing the configured values | QueuedCheckConfigDetails |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: Not defined
- Accept: application/json
Example
try {
Get-StatusCheckDetails
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-StatusCheckDetails"
Write-Host $_.ErrorDetails
}
[Back to top]
patch-service-desk-integration
Update an existing Service Desk integration by ID with a PATCH request.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | Id | String | True | ID of the Service Desk integration to update |
| Body | PatchServiceDeskIntegrationRequest | PatchServiceDeskIntegrationRequest | True | A list of SDIM update operations according to the JSON Patch standard. Only replace operations are accepted by this endpoint. A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. |
Return type
ServiceDeskIntegrationDto
Responses
| Code | Description | Data Type |
|---|
| 200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: application/json-patch+json
- Accept: application/json
Example
$Id = "anId"
$PatchServiceDeskIntegrationRequest = @""@
try {
$Result = ConvertFrom-JsonToPatchServiceDeskIntegrationRequest -Json $PatchServiceDeskIntegrationRequest
Update-ServiceDeskIntegration -Id $Id -PatchServiceDeskIntegrationRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
[Back to top]
put-service-desk-integration
Update an existing Service Desk integration by ID.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | Id | String | True | ID of the Service Desk integration to update |
| Body | ServiceDeskIntegrationDto | ServiceDeskIntegrationDto | True | The specifics of the integration to update |
Return type
ServiceDeskIntegrationDto
Responses
| Code | Description | Data Type |
|---|
| 200 | ServiceDeskIntegrationDto as updated | ServiceDeskIntegrationDto |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: application/json
- Accept: application/json
Example
$Id = "anId"
$ServiceDeskIntegrationDto = @"{
"ownerRef" : "",
"cluster" : "xyzzy999",
"created" : "2024-01-17T18:45:25.994Z",
"description" : "A very nice Service Desk integration",
"clusterRef" : "",
"type" : "ServiceNowSDIM",
"managedSources" : [ "2c9180835d191a86015d28455b4a2329", "2c5680835d191a85765d28455b4a9823" ],
"provisioningConfig" : {
"managedResourceRefs" : [ {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb051111",
"name" : "My Source 1"
}, {
"type" : "SOURCE",
"id" : "2c9180855d191c59015d291ceb052222",
"name" : "My Source 2"
} ],
"provisioningRequestExpiration" : 7,
"noProvisioningRequests" : true,
"universalManager" : true,
"planInitializerScript" : {
"source" : "<?xml version='1.0' encoding='UTF-8'?>\\r\\n<!DOCTYPE Rule PUBLIC \\\"sailpoint.dtd\\\" \\\"sailpoint.dtd\\\">\\r\\n<Rule name=\\\"Example Rule\\\" type=\\\"BeforeProvisioning\\\">\\r\\n <Description>Before Provisioning Rule which changes disables and enables to a modify.</Description>\\r\\n <Source><![CDATA[\\r\\nimport sailpoint.object.*;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest;\\r\\nimport sailpoint.object.ProvisioningPlan.AccountRequest.Operation;\\r\\nimport sailpoint.object.ProvisioningPlan.AttributeRequest;\\r\\nimport sailpoint.object.ProvisioningPlan;\\r\\nimport sailpoint.object.ProvisioningPlan.Operation;\\r\\n\\r\\nfor ( AccountRequest accountRequest : plan.getAccountRequests() ) {\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Disable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n if ( accountRequest.getOp().equals( ProvisioningPlan.ObjectOperation.Enable ) ) {\\r\\n accountRequest.setOp( ProvisioningPlan.ObjectOperation.Modify );\\r\\n }\\r\\n}\\r\\n\\r\\n ]]></Source>\n"
}
},
"name" : "Service Desk Integration Name",
"modified" : "2024-02-18T18:45:25.994Z",
"attributes" : {
"property" : "value",
"key" : "value"
},
"id" : "62945a496ef440189b1f03e3623411c8",
"beforeProvisioningRule" : ""
}"@
try {
$Result = ConvertFrom-JsonToServiceDeskIntegrationDto -Json $ServiceDeskIntegrationDto
Send-ServiceDeskIntegration -Id $Id -ServiceDeskIntegrationDto $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Send-ServiceDeskIntegration"
Write-Host $_.ErrorDetails
}
[Back to top]
update-status-check-details
Update the time check configuration of queued SDIM tickets.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Body | QueuedCheckConfigDetails | QueuedCheckConfigDetails | True | The modified time check configuration |
Return type
QueuedCheckConfigDetails
Responses
| Code | Description | Data Type |
|---|
| 200 | QueuedCheckConfigDetails as updated | QueuedCheckConfigDetails |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto |
- Content-Type: application/json
- Accept: application/json
Example
$QueuedCheckConfigDetails = @"{
"provisioningStatusCheckIntervalMinutes" : "30",
"provisioningMaxStatusCheckDays" : "2"
}"@
try {
$Result = ConvertFrom-JsonToQueuedCheckConfigDetails -Json $QueuedCheckConfigDetails
Update-StatusCheckDetails -QueuedCheckConfigDetails $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-StatusCheckDetails"
Write-Host $_.ErrorDetails
}
[Back to top]