Skip to main content

sailpoint.beta.IAIRoleMiningApi

All URIs are relative to https://sailpoint.api.identitynow.com/beta

MethodHTTP requestDescription
create-potential-role-provision-requestPOST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/provisionCreate request to provision a potential role into an actual role.
create-role-mining-sessionsPOST /role-mining-sessionsCreate a role mining session
download-role-mining-potential-role-zipGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}/downloadExport (download) details for a potential role in a role mining session
export-role-mining-potential-roleGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/exportExport (download) details for a potential role in a role mining session
export-role-mining-potential-role-asyncPOST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-asyncAsynchronously export details for a potential role in a role mining session and upload to S3
export-role-mining-potential-role-statusGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/export-async/{exportId}Retrieve status of a potential role export job
get-all-potential-role-summariesGET /role-mining-potential-rolesRetrieves all potential role summaries
get-entitlement-distribution-potential-roleGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularity-distributionRetrieves entitlement popularity distribution for a potential role in a role mining session
get-entitlements-potential-roleGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/entitlement-popularitiesRetrieves entitlements for a potential role in a role mining session
get-excluded-entitlements-potential-roleGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/excluded-entitlementsRetrieves excluded entitlements for a potential role in a role mining session
get-identities-potential-roleGET /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/identitiesRetrieves identities for a potential role in a role mining session
get-potential-roleGET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}Retrieve potential role in session
get-potential-role-applicationsGET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/applicationsRetrieves the applications of a potential role for a role mining session
get-potential-role-entitlementsGET /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}/entitlementsRetrieves the entitlements of a potential role for a role mining session
get-potential-role-source-identity-usageGET /role-mining-potential-roles/{potentialRoleId}/sources/{sourceId}/identityUsageRetrieves potential role source usage
get-potential-role-summariesGET /role-mining-sessions/{sessionId}/potential-role-summariesRetrieve session's potential role summaries
get-role-mining-potential-roleGET /role-mining-potential-roles/{potentialRoleId}Retrieves a specific potential role
get-role-mining-sessionGET /role-mining-sessions/{sessionId}Get a role mining session
get-role-mining-session-statusGET /role-mining-sessions/{sessionId}/statusGet role mining session status state
get-role-mining-sessionsGET /role-mining-sessionsRetrieves all role mining sessions
get-saved-potential-rolesGET /role-mining-potential-roles/savedRetrieves all saved potential roles
patch-potential-rolePATCH /role-mining-sessions/{sessionId}/potential-role-summaries/{potentialRoleId}Update a potential role in session
patch-role-mining-potential-rolePATCH /role-mining-potential-roles/{potentialRoleId}Update a potential role
patch-role-mining-sessionPATCH /role-mining-sessions/{sessionId}Patch a role mining session
update-entitlements-potential-rolePOST /role-mining-sessions/{sessionId}/potential-roles/{potentialRoleId}/edit-entitlementsEdit entitlements for a potential role to exclude some entitlements

create-potential-role-provision-request

Create request to provision a potential role into an actual role. This method starts a job to provision a potential role

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Querymin_entitlement_popularityint(optional) (default to 0)Minimum popularity required for an entitlement to be included in the provisioned role.
Queryinclude_common_accessbool(optional) (default to True)Boolean determining whether common access entitlements will be included in the provisioned role.
Bodyrole_mining_potential_role_provision_requestRoleMiningPotentialRoleProvisionRequest(optional)Required information to create a new role

Return type

RoleMiningPotentialRoleSummary

Responses

CodeDescriptionData TypeResponse headers
202Accepted. Returns a potential role summary including the status of the provison requestRoleMiningPotentialRoleSummary-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_provision_request import RoleMiningPotentialRoleProvisionRequest
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
min_entitlement_popularity = 0 # int | Minimum popularity required for an entitlement to be included in the provisioned role. (optional) (default to 0) # int | Minimum popularity required for an entitlement to be included in the provisioned role. (optional) (default to 0)
include_common_access = True # bool | Boolean determining whether common access entitlements will be included in the provisioned role. (optional) (default to True) # bool | Boolean determining whether common access entitlements will be included in the provisioned role. (optional) (default to True)
role_mining_potential_role_provision_request = '''{
"includeIdentities" : true,
"roleName" : "Finance - Accounting",
"ownerId" : "2b568c65bc3c4c57a43bd97e3a8e41",
"roleDescription" : "General access for accounting department",
"directlyAssignedEntitlements" : false
}''' # RoleMiningPotentialRoleProvisionRequest | Required information to create a new role (optional)

try:
# Create request to provision a potential role into an actual role.

results = IAIRoleMiningApi(api_client).create_potential_role_provision_request(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).create_potential_role_provision_request(session_id, potential_role_id, min_entitlement_popularity, include_common_access, new_role_mining_potential_role_provision_request)
print("The response of IAIRoleMiningApi->create_potential_role_provision_request:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->create_potential_role_provision_request: %s\n" % e)

[Back to top]

create-role-mining-sessions

Create a role mining session This submits a create role mining session request to the role mining application.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Bodyrole_mining_session_dtoRoleMiningSessionDtoTrueRole mining session parameters

Return type

RoleMiningSessionResponse

Responses

CodeDescriptionData TypeResponse headers
201Submitted a role mining session requestRoleMiningSessionResponse-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_dto import RoleMiningSessionDto
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
role_mining_session_dto = '''{
"emailRecipientId" : "2c918090761a5aac0176215c46a62d58",
"prescribedPruneThreshold" : 10,
"pruneThreshold" : 50,
"saved" : true,
"potentialRolesReadyCount" : 0,
"scope" : {
"identityIds" : [ "2c918090761a5aac0176215c46a62d58", "2c918090761a5aac01722015c46a62d42" ],
"attributeFilterCriteria" : {
"displayName" : {
"untranslated" : "Location: Miami"
},
"ariaLabel" : {
"untranslated" : "Location: Miami"
},
"data" : {
"displayName" : {
"translateKey" : "IDN.IDENTITY_ATTRIBUTES.LOCATION"
},
"name" : "location",
"operator" : "EQUALS",
"values" : [ "Miami" ]
}
},
"criteria" : "source.name:DataScienceDataset"
},
"potentialRoleCount" : 0,
"name" : "Saved RM Session - 07/10",
"minNumIdentitiesInPotentialRole" : 20,
"identityCount" : 0,
"type" : "SPECIALIZED"
}''' # RoleMiningSessionDto | Role mining session parameters

try:
# Create a role mining session
new_role_mining_session_dto = RoleMiningSessionDto.from_json(role_mining_session_dto)
results = IAIRoleMiningApi(api_client).create_role_mining_sessions(role_mining_session_dto=new_role_mining_session_dto)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).create_role_mining_sessions(new_role_mining_session_dto)
print("The response of IAIRoleMiningApi->create_role_mining_sessions:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->create_role_mining_sessions: %s\n" % e)

[Back to top]

download-role-mining-potential-role-zip

Export (download) details for a potential role in a role mining session This endpoint downloads a completed export of information for a potential role in a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Pathexport_idstrTrueThe id of a previously run export job for this potential role

Return type

bytearray

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.bytearray-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/zip, application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40' # str | The id of a previously run export job for this potential role # str | The id of a previously run export job for this potential role

try:
# Export (download) details for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).download_role_mining_potential_role_zip(session_id=session_id, potential_role_id=potential_role_id, export_id=export_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).download_role_mining_potential_role_zip(session_id, potential_role_id, export_id)
print("The response of IAIRoleMiningApi->download_role_mining_potential_role_zip:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->download_role_mining_potential_role_zip: %s\n" % e)

[Back to top]

export-role-mining-potential-role

Export (download) details for a potential role in a role mining session This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session

Return type

bytearray

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role.bytearray-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/zip, application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session

try:
# Export (download) details for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).export_role_mining_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).export_role_mining_potential_role(session_id, potential_role_id)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role: %s\n" % e)

[Back to top]

export-role-mining-potential-role-async

Asynchronously export details for a potential role in a role mining session and upload to S3 This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Bodyrole_mining_potential_role_export_requestRoleMiningPotentialRoleExportRequest(optional)

Return type

RoleMiningPotentialRoleExportResponse

Responses

CodeDescriptionData TypeResponse headers
202Job Submitted. Returns a reportId that can be used to download the zip once completeRoleMiningPotentialRoleExportResponse-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_export_request import RoleMiningPotentialRoleExportRequest
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
role_mining_potential_role_export_request = '''{
"minEntitlementPopularity" : 0,
"includeCommonAccess" : true
}''' # RoleMiningPotentialRoleExportRequest | (optional)

try:
# Asynchronously export details for a potential role in a role mining session and upload to S3

results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_async(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_async(session_id, potential_role_id, new_role_mining_potential_role_export_request)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role_async:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_async: %s\n" % e)

[Back to top]

export-role-mining-potential-role-status

Retrieve status of a potential role export job This endpoint retrieves information about the current status of a potential role export.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Pathexport_idstrTrueThe id of a previously run export job for this potential role

Return type

RoleMiningPotentialRoleExportResponse

Responses

CodeDescriptionData TypeResponse headers
200Success. Returns the current status of this exportRoleMiningPotentialRoleExportResponse-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40' # str | The id of a previously run export job for this potential role # str | The id of a previously run export job for this potential role

try:
# Retrieve status of a potential role export job

results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_status(session_id=session_id, potential_role_id=potential_role_id, export_id=export_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_status(session_id, potential_role_id, export_id)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role_status:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_status: %s\n" % e)

[Back to top]

get-all-potential-role-summaries

Retrieves all potential role summaries Returns all potential role summaries that match the query parameters

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate, identityCount, entitlementCount, freshness, quality
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co, ge, gt, le, lt quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq, ge, gt, le, lt scopingMethod: eq sessionState: eq identityAttribute: co
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSummary]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns all potential role summaries that match the query parameters.List[RoleMiningPotentialRoleSummary]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
sorters = 'createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate, identityCount, entitlementCount, freshness, quality** (optional)
filters = '(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co, ge, gt, le, lt* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq, ge, gt, le, lt* **scopingMethod**: *eq* **sessionState**: *eq* **identityAttribute**: *co* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co, ge, gt, le, lt* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq, ge, gt, le, lt* **scopingMethod**: *eq* **sessionState**: *eq* **identityAttribute**: *co* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves all potential role summaries

results = IAIRoleMiningApi(api_client).get_all_potential_role_summaries()
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_all_potential_role_summaries(sorters, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_all_potential_role_summaries:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_all_potential_role_summaries: %s\n" % e)

[Back to top]

get-entitlement-distribution-potential-role

Retrieves entitlement popularity distribution for a potential role in a role mining session This method returns entitlement popularity distribution for a potential role in a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Queryinclude_common_accessbool(optional)Boolean determining whether common access entitlements will be included or not

Return type

Dict[str, int]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a map containing entitlement popularity distribution for a potential role.Dict[str, int]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
include_common_access = True # bool | Boolean determining whether common access entitlements will be included or not (optional) # bool | Boolean determining whether common access entitlements will be included or not (optional)

try:
# Retrieves entitlement popularity distribution for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).get_entitlement_distribution_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_entitlement_distribution_potential_role(session_id, potential_role_id, include_common_access)
print("The response of IAIRoleMiningApi->get_entitlement_distribution_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_entitlement_distribution_potential_role: %s\n" % e)

[Back to top]

get-entitlements-potential-role

Retrieves entitlements for a potential role in a role mining session This method returns entitlements for a potential role in a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Queryinclude_common_accessbool(optional) (default to True)Boolean determining whether common access entitlements will be included or not
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity, entitlementName, applicationName The default sort is popularity in descending order.
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningEntitlement]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of entitlements for a potential role.List[RoleMiningEntitlement]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
include_common_access = True # bool | Boolean determining whether common access entitlements will be included or not (optional) (default to True) # bool | Boolean determining whether common access entitlements will be included or not (optional) (default to True)
sorters = 'popularity' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity, entitlementName, applicationName** The default sort is **popularity** in descending order. (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity, entitlementName, applicationName** The default sort is **popularity** in descending order. (optional)
filters = 'applicationName sw \"AD\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves entitlements for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).get_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_entitlements_potential_role(session_id, potential_role_id, include_common_access, sorters, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_entitlements_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_entitlements_potential_role: %s\n" % e)

[Back to top]

get-excluded-entitlements-potential-role

Retrieves excluded entitlements for a potential role in a role mining session This method returns excluded entitlements for a potential role in a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningEntitlement]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of excluded entitlements for a potential roles.List[RoleMiningEntitlement]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
sorters = 'populariity' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **popularity** (optional)
filters = 'applicationName sw \"AD\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* **entitlementRef.name**: *sw* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves excluded entitlements for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).get_excluded_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_excluded_entitlements_potential_role(session_id, potential_role_id, sorters, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_excluded_entitlements_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_excluded_entitlements_potential_role: %s\n" % e)

[Back to top]

get-identities-potential-role

Retrieves identities for a potential role in a role mining session This method returns identities for a potential role in a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningIdentity]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of identities for a potential role.List[RoleMiningIdentity]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_identity import RoleMiningIdentity
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
sorters = 'name' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **name** (optional)
filters = 'filters_example' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **name**: *sw* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves identities for a potential role in a role mining session

results = IAIRoleMiningApi(api_client).get_identities_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_identities_potential_role(session_id, potential_role_id, sorters, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_identities_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_identities_potential_role: %s\n" % e)

[Back to top]

get-potential-role

Retrieve potential role in session This method returns a specific potential role for a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session

Return type

RoleMiningPotentialRole

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of potential roles for a role mining session.RoleMiningPotentialRole-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session

try:
# Retrieve potential role in session

results = IAIRoleMiningApi(api_client).get_potential_role(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_potential_role(session_id, potential_role_id)
print("The response of IAIRoleMiningApi->get_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role: %s\n" % e)

[Back to top]

get-potential-role-applications

Retrieves the applications of a potential role for a role mining session This method returns the applications of a potential role for a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleApplication]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of potential roles for a role mining session.List[RoleMiningPotentialRoleApplication]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_application import RoleMiningPotentialRoleApplication
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
filters = 'applicationName sw \"test\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **applicationName**: *sw* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves the applications of a potential role for a role mining session

results = IAIRoleMiningApi(api_client).get_potential_role_applications(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_potential_role_applications(session_id, potential_role_id, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_potential_role_applications:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_applications: %s\n" % e)

[Back to top]

get-potential-role-entitlements

Retrieves the entitlements of a potential role for a role mining session This method returns the entitlements of a potential role for a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: entitlementRef.name: sw
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleEntitlements]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns the entitlements of a potential role for a role mining session.List[RoleMiningPotentialRoleEntitlements]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_entitlements import RoleMiningPotentialRoleEntitlements
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
filters = 'entitlementRef.name sw \"test\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **entitlementRef.name**: *sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **entitlementRef.name**: *sw* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves the entitlements of a potential role for a role mining session

results = IAIRoleMiningApi(api_client).get_potential_role_entitlements(session_id=session_id, potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_potential_role_entitlements(session_id, potential_role_id, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_potential_role_entitlements:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_entitlements: %s\n" % e)

[Back to top]

get-potential-role-source-identity-usage

Retrieves potential role source usage This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathpotential_role_idstrTrueA potential role id
Pathsource_idstrTrueA source id
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: displayName, email, usageCount
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSourceUsage]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of source usage for the identities in a potential role.List[RoleMiningPotentialRoleSourceUsage]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_source_usage import RoleMiningPotentialRoleSourceUsage
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
potential_role_id = 'e0cc5d7d-bf7f-4f81-b2af-8885b09d9923' # str | A potential role id # str | A potential role id
source_id = '2c9180877620c1460176267f336a106f' # str | A source id # str | A source id
sorters = '-usageCount' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **displayName, email, usageCount** (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves potential role source usage

results = IAIRoleMiningApi(api_client).get_potential_role_source_identity_usage(potential_role_id=potential_role_id, source_id=source_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_potential_role_source_identity_usage(potential_role_id, source_id, sorters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_potential_role_source_identity_usage:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_source_identity_usage: %s\n" % e)

[Back to top]

get-potential-role-summaries

Retrieve session's potential role summaries This method returns the potential role summaries for a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningPotentialRoleSummary]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of potential role summaries for a role mining session.List[RoleMiningPotentialRoleSummary]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
sorters = 'createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdDate** (optional)
filters = '(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **createdById**: *eq, sw, co* **createdByName**: *eq, sw, co* **description**: *sw, co* **endDate**: *le, lt* **freshness**: *eq, ge, gt, le, lt* **name**: *eq, sw, co* **quality**: *eq, ge, gt, le, lt* **startDate**: *ge, gt* **saved**: *eq* **type**: *eq* (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieve session's potential role summaries

results = IAIRoleMiningApi(api_client).get_potential_role_summaries(session_id=session_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_potential_role_summaries(session_id, sorters, filters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_potential_role_summaries:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_summaries: %s\n" % e)

[Back to top]

get-role-mining-potential-role

Retrieves a specific potential role This method returns a specific potential role.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathpotential_role_idstrTrueA potential role id

Return type

RoleMiningPotentialRole

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of potential roles for a role mining session.RoleMiningPotentialRole-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id # str | A potential role id

try:
# Retrieves a specific potential role

results = IAIRoleMiningApi(api_client).get_role_mining_potential_role(potential_role_id=potential_role_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_role_mining_potential_role(potential_role_id)
print("The response of IAIRoleMiningApi->get_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_potential_role: %s\n" % e)

[Back to top]

get-role-mining-session

Get a role mining session The method retrieves a role mining session.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id to be retrieved.

Return type

RoleMiningSessionResponse

Responses

CodeDescriptionData TypeResponse headers
200Returns a role mining sessionRoleMiningSessionResponse-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Client Error - Returned if the request body is invalid.ErrorResponseDto-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id to be retrieved. # str | The role mining session id to be retrieved.

try:
# Get a role mining session

results = IAIRoleMiningApi(api_client).get_role_mining_session(session_id=session_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_role_mining_session(session_id)
print("The response of IAIRoleMiningApi->get_role_mining_session:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_session: %s\n" % e)

[Back to top]

get-role-mining-session-status

Get role mining session status state This method returns a role mining session status for a customer.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id

Return type

RoleMiningSessionStatus

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns session statusRoleMiningSessionStatus-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_status import RoleMiningSessionStatus
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id

try:
# Get role mining session status state

results = IAIRoleMiningApi(api_client).get_role_mining_session_status(session_id=session_id)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_role_mining_session_status(session_id)
print("The response of IAIRoleMiningApi->get_role_mining_session_status:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_session_status: %s\n" % e)

[Back to top]

get-role-mining-sessions

Retrieves all role mining sessions Returns all role mining sessions that match the query parameters

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Queryfiltersstr(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: saved: eq name: eq, sw
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdBy, createdDate
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningSessionResponse]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns all role mining sessions that match the query parameters.List[RoleMiningSessionResponse]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
filters = 'saved eq \"true\" and name sw \"RM Session\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **saved**: *eq* **name**: *eq, sw* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **saved**: *eq* **name**: *eq, sw* (optional)
sorters = 'createdBy,createdDate' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdBy, createdDate** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **createdBy, createdDate** (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves all role mining sessions

results = IAIRoleMiningApi(api_client).get_role_mining_sessions()
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_role_mining_sessions(filters, sorters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_role_mining_sessions:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_sessions: %s\n" % e)

[Back to top]

get-saved-potential-roles

Retrieves all saved potential roles This method returns all saved potential roles (draft roles).

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Querysortersstr(optional)Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: modified
Queryoffsetint(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
Querylimitint(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
Querycountbool(optional) (default to False)If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information.

Return type

List[RoleMiningSessionDraftRoleDto]

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns a list of draft roles for a role mining session.List[RoleMiningSessionDraftRoleDto]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_draft_role_dto import RoleMiningSessionDraftRoleDto
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
sorters = 'modified' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/) Sorting is supported for the following fields: **modified** (optional)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)

try:
# Retrieves all saved potential roles

results = IAIRoleMiningApi(api_client).get_saved_potential_roles()
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).get_saved_potential_roles(sorters, offset, limit, count)
print("The response of IAIRoleMiningApi->get_saved_potential_roles:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_saved_potential_roles: %s\n" % e)

[Back to top]

patch-potential-role

Update a potential role in session This method updates an existing potential role using the role mining session id and the potential role summary id.

The following fields can be modified:

  • description

  • name

  • saved

NOTE: All other fields cannot be modified.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueThe potential role summary id
Bodypatch_potential_role_request_inner[]PatchPotentialRoleRequestInnerTrue

Return type

object

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns the potential role summary based on the potentialRoleId provided.object-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json-patch+json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The potential role summary id # str | The potential role summary id
patch_potential_role_request_inner = '''[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]''' # List[PatchPotentialRoleRequestInner] |

try:
# Update a potential role in session
new_patch_potential_role_request_inner = PatchPotentialRoleRequestInner.from_json(patch_potential_role_request_inner)
results = IAIRoleMiningApi(api_client).patch_potential_role(session_id=session_id, potential_role_id=potential_role_id, patch_potential_role_request_inner=new_patch_potential_role_request_inner)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).patch_potential_role(session_id, potential_role_id, new_patch_potential_role_request_inner)
print("The response of IAIRoleMiningApi->patch_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_potential_role: %s\n" % e)

[Back to top]

patch-role-mining-potential-role

Update a potential role This method updates an existing potential role.

The following fields can be modified:

  • description

  • name

  • saved

NOTE: All other fields cannot be modified.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathpotential_role_idstrTrueThe potential role summary id
Bodypatch_potential_role_request_inner[]PatchPotentialRoleRequestInnerTrue

Return type

object

Responses

CodeDescriptionData TypeResponse headers
200Succeeded. Returns the potential role summary based on the potentialRoleId provided.object-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json-patch+json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The potential role summary id # str | The potential role summary id
patch_potential_role_request_inner = '''[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]''' # List[PatchPotentialRoleRequestInner] |

try:
# Update a potential role
new_patch_potential_role_request_inner = PatchPotentialRoleRequestInner.from_json(patch_potential_role_request_inner)
results = IAIRoleMiningApi(api_client).patch_role_mining_potential_role(potential_role_id=potential_role_id, patch_potential_role_request_inner=new_patch_potential_role_request_inner)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).patch_role_mining_potential_role(potential_role_id, new_patch_potential_role_request_inner)
print("The response of IAIRoleMiningApi->patch_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_role_mining_potential_role: %s\n" % e)

[Back to top]

patch-role-mining-session

Patch a role mining session The method updates an existing role mining session using PATCH. Supports op in replace and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id to be patched
Bodyjson_patch_operation[]JsonPatchOperationTrueReplace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.

Return type

object

Responses

CodeDescriptionData TypeResponse headers
202Accepted - Returned if the request was successfully accepted into the system.object-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json-patch+json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.json_patch_operation import JsonPatchOperation
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id to be patched # str | The role mining session id to be patched
json_patch_operation = '''[{op=replace, path=/pruneThreshold, value=83}, {op=replace, path=/minNumIdentitiesInPotentialRole, value=10}, {op=replace, path=/saved, value=false}, {op=replace, path=/name, value=RM Session - 07/10/22}, {op=add, path=/name, value=RM Session - 07/10/22}]''' # List[JsonPatchOperation] | Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session.

try:
# Patch a role mining session
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = IAIRoleMiningApi(api_client).patch_role_mining_session(session_id=session_id, json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).patch_role_mining_session(session_id, new_json_patch_operation)
print("The response of IAIRoleMiningApi->patch_role_mining_session:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_role_mining_session: %s\n" % e)

[Back to top]

update-entitlements-potential-role

Edit entitlements for a potential role to exclude some entitlements This endpoint adds or removes entitlements from an exclusion list for a potential role.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Pathsession_idstrTrueThe role mining session id
Pathpotential_role_idstrTrueA potential role id in a role mining session
Bodyrole_mining_potential_role_edit_entitlementsRoleMiningPotentialRoleEditEntitlementsTrueRole mining session parameters

Return type

RoleMiningPotentialRole

Responses

CodeDescriptionData TypeResponse headers
201Adds or removes entitlements from a potential role's entitlement exclusion list.RoleMiningPotentialRole-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.beta.models.role_mining_potential_role_edit_entitlements import RoleMiningPotentialRoleEditEntitlements
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | The role mining session id # str | The role mining session id
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb' # str | A potential role id in a role mining session # str | A potential role id in a role mining session
role_mining_potential_role_edit_entitlements = '''{
"ids" : [ "entId1", "entId2" ],
"exclude" : true
}''' # RoleMiningPotentialRoleEditEntitlements | Role mining session parameters

try:
# Edit entitlements for a potential role to exclude some entitlements
new_role_mining_potential_role_edit_entitlements = RoleMiningPotentialRoleEditEntitlements.from_json(role_mining_potential_role_edit_entitlements)
results = IAIRoleMiningApi(api_client).update_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id, role_mining_potential_role_edit_entitlements=new_role_mining_potential_role_edit_entitlements)
# Below is a request that includes all optional parameters
# results = IAIRoleMiningApi(api_client).update_entitlements_potential_role(session_id, potential_role_id, new_role_mining_potential_role_edit_entitlements)
print("The response of IAIRoleMiningApi->update_entitlements_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->update_entitlements_potential_role: %s\n" % e)

[Back to top]