sailpoint.beta.IAIRoleMiningApi
All URIs are relative to https://sailpoint.api.identitynow.com/beta
create-potential-role-provision-request
Create request to provision a potential role into an actual role.
This method starts a job to provision a potential role
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | min_entitlement_popularity | int | (optional) (default to 0) | Minimum popularity required for an entitlement to be included in the provisioned role. |
| Query | include_common_access | bool | (optional) (default to True) | Boolean determining whether common access entitlements will be included in the provisioned role. |
| Body | role_mining_potential_role_provision_request | RoleMiningPotentialRoleProvisionRequest | (optional) | Required information to create a new role |
Return type
RoleMiningPotentialRoleSummary
Responses
| Code | Description | Data Type | Response headers |
|---|
| 202 | Accepted. Returns a potential role summary including the status of the provison request | RoleMiningPotentialRoleSummary | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_provision_request import RoleMiningPotentialRoleProvisionRequest
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
min_entitlement_popularity = 0
include_common_access = True
role_mining_potential_role_provision_request = '''{
"includeIdentities" : true,
"roleName" : "Finance - Accounting",
"ownerId" : "2b568c65bc3c4c57a43bd97e3a8e41",
"roleDescription" : "General access for accounting department",
"directlyAssignedEntitlements" : false
}'''
try:
results = IAIRoleMiningApi(api_client).create_potential_role_provision_request(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->create_potential_role_provision_request:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->create_potential_role_provision_request: %s\n" % e)
[Back to top]
create-role-mining-sessions
Create a role mining session
This submits a create role mining session request to the role mining application.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Body | role_mining_session_dto | RoleMiningSessionDto | True | Role mining session parameters |
Return type
RoleMiningSessionResponse
Responses
| Code | Description | Data Type | Response headers |
|---|
| 201 | Submitted a role mining session request | RoleMiningSessionResponse | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_dto import RoleMiningSessionDto
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
role_mining_session_dto = '''{
"emailRecipientId" : "2c918090761a5aac0176215c46a62d58",
"prescribedPruneThreshold" : 10,
"pruneThreshold" : 50,
"saved" : true,
"potentialRolesReadyCount" : 0,
"scope" : {
"identityIds" : [ "2c918090761a5aac0176215c46a62d58", "2c918090761a5aac01722015c46a62d42" ],
"attributeFilterCriteria" : {
"displayName" : {
"untranslated" : "Location: Miami"
},
"ariaLabel" : {
"untranslated" : "Location: Miami"
},
"data" : {
"displayName" : {
"translateKey" : "IDN.IDENTITY_ATTRIBUTES.LOCATION"
},
"name" : "location",
"operator" : "EQUALS",
"values" : [ "Miami" ]
}
},
"criteria" : "source.name:DataScienceDataset"
},
"potentialRoleCount" : 0,
"name" : "Saved RM Session - 07/10",
"minNumIdentitiesInPotentialRole" : 20,
"identityCount" : 0,
"type" : "SPECIALIZED"
}'''
try:
new_role_mining_session_dto = RoleMiningSessionDto.from_json(role_mining_session_dto)
results = IAIRoleMiningApi(api_client).create_role_mining_sessions(role_mining_session_dto=new_role_mining_session_dto)
print("The response of IAIRoleMiningApi->create_role_mining_sessions:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->create_role_mining_sessions: %s\n" % e)
[Back to top]
download-role-mining-potential-role-zip
Export (download) details for a potential role in a role mining session
This endpoint downloads a completed export of information for a potential role in a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Path | export_id | str | True | The id of a previously run export job for this potential role |
Return type
bytearray
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role. | bytearray | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/zip, application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a'
export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40'
try:
results = IAIRoleMiningApi(api_client).download_role_mining_potential_role_zip(session_id=session_id, potential_role_id=potential_role_id, export_id=export_id)
print("The response of IAIRoleMiningApi->download_role_mining_potential_role_zip:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->download_role_mining_potential_role_zip: %s\n" % e)
[Back to top]
export-role-mining-potential-role
Export (download) details for a potential role in a role mining session
This endpoint downloads all the information for a potential role in a role mining session. Includes identities and entitlements in the potential role.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
Return type
bytearray
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a zip file containing csv files for identities and entitlements for the potential role. | bytearray | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/zip, application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
try:
results = IAIRoleMiningApi(api_client).export_role_mining_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role: %s\n" % e)
[Back to top]
export-role-mining-potential-role-async
Asynchronously export details for a potential role in a role mining session and upload to S3
This endpoint uploads all the information for a potential role in a role mining session to S3 as a downloadable zip archive. Includes identities and entitlements in the potential role.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Body | role_mining_potential_role_export_request | RoleMiningPotentialRoleExportRequest | (optional) | |
Return type
RoleMiningPotentialRoleExportResponse
Responses
| Code | Description | Data Type | Response headers |
|---|
| 202 | Job Submitted. Returns a reportId that can be used to download the zip once complete | RoleMiningPotentialRoleExportResponse | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_export_request import RoleMiningPotentialRoleExportRequest
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a'
role_mining_potential_role_export_request = '''{
"minEntitlementPopularity" : 0,
"includeCommonAccess" : true
}'''
try:
results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_async(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role_async:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_async: %s\n" % e)
[Back to top]
export-role-mining-potential-role-status
Retrieve status of a potential role export job
This endpoint retrieves information about the current status of a potential role export.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Path | export_id | str | True | The id of a previously run export job for this potential role |
Return type
RoleMiningPotentialRoleExportResponse
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Success. Returns the current status of this export | RoleMiningPotentialRoleExportResponse | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_export_response import RoleMiningPotentialRoleExportResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '278359a6-04b7-4669-9468-924cf580964a'
export_id = '4940ffd4-836f-48a3-b2b0-6d498c3fdf40'
try:
results = IAIRoleMiningApi(api_client).export_role_mining_potential_role_status(session_id=session_id, potential_role_id=potential_role_id, export_id=export_id)
print("The response of IAIRoleMiningApi->export_role_mining_potential_role_status:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->export_role_mining_potential_role_status: %s\n" % e)
[Back to top]
get-all-potential-role-summaries
Retrieves all potential role summaries
Returns all potential role summaries that match the query parameters
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate, identityCount, entitlementCount, freshness, quality |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co, ge, gt, le, lt quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq, ge, gt, le, lt scopingMethod: eq sessionState: eq identityAttribute: co |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningPotentialRoleSummary]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns all potential role summaries that match the query parameters. | List[RoleMiningPotentialRoleSummary] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
sorters = 'createdDate'
filters = '(createdByName co \"int\") and (createdById sw \"2c9180907\") and (type eq \"COMMON\") and ((name co \"entt\") or (saved eq true))'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_all_potential_role_summaries()
print("The response of IAIRoleMiningApi->get_all_potential_role_summaries:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_all_potential_role_summaries: %s\n" % e)
[Back to top]
get-entitlement-distribution-potential-role
Retrieves entitlement popularity distribution for a potential role in a role mining session
This method returns entitlement popularity distribution for a potential role in a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | include_common_access | bool | (optional) | Boolean determining whether common access entitlements will be included or not |
Return type
Dict[str, int]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a map containing entitlement popularity distribution for a potential role. | Dict[str, int] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
include_common_access = True
try:
results = IAIRoleMiningApi(api_client).get_entitlement_distribution_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_entitlement_distribution_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_entitlement_distribution_potential_role: %s\n" % e)
[Back to top]
get-entitlements-potential-role
Retrieves entitlements for a potential role in a role mining session
This method returns entitlements for a potential role in a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | include_common_access | bool | (optional) (default to True) | Boolean determining whether common access entitlements will be included or not |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity, entitlementName, applicationName The default sort is popularity in descending order. |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningEntitlement]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of entitlements for a potential role. | List[RoleMiningEntitlement] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
include_common_access = True
sorters = 'popularity'
filters = 'applicationName sw \"AD\"'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_entitlements_potential_role:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_entitlements_potential_role: %s\n" % e)
[Back to top]
get-excluded-entitlements-potential-role
Retrieves excluded entitlements for a potential role in a role mining session
This method returns excluded entitlements for a potential role in a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: popularity |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw entitlementRef.name: sw |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningEntitlement]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of excluded entitlements for a potential roles. | List[RoleMiningEntitlement] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_entitlement import RoleMiningEntitlement
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
sorters = 'populariity'
filters = 'applicationName sw \"AD\"'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_excluded_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_excluded_entitlements_potential_role:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_excluded_entitlements_potential_role: %s\n" % e)
[Back to top]
get-identities-potential-role
Retrieves identities for a potential role in a role mining session
This method returns identities for a potential role in a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: name |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: name: sw |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningIdentity]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of identities for a potential role. | List[RoleMiningIdentity] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_identity import RoleMiningIdentity
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
sorters = 'name'
filters = 'filters_example'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_identities_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_identities_potential_role:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_identities_potential_role: %s\n" % e)
[Back to top]
get-potential-role
Retrieve potential role in session
This method returns a specific potential role for a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
Return type
RoleMiningPotentialRole
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of potential roles for a role mining session. | RoleMiningPotentialRole | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
try:
results = IAIRoleMiningApi(api_client).get_potential_role(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role: %s\n" % e)
[Back to top]
get-potential-role-applications
Retrieves the applications of a potential role for a role mining session
This method returns the applications of a potential role for a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: applicationName: sw |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningPotentialRoleApplication]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of potential roles for a role mining session. | List[RoleMiningPotentialRoleApplication] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_application import RoleMiningPotentialRoleApplication
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f'
filters = 'applicationName sw \"test\"'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_potential_role_applications(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_potential_role_applications:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_applications: %s\n" % e)
[Back to top]
get-potential-role-entitlements
Retrieves the entitlements of a potential role for a role mining session
This method returns the entitlements of a potential role for a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: entitlementRef.name: sw |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningPotentialRoleEntitlements]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns the entitlements of a potential role for a role mining session. | List[RoleMiningPotentialRoleEntitlements] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_entitlements import RoleMiningPotentialRoleEntitlements
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '62f28d91-7d9f-4d17-be15-666d5b41d77f'
filters = 'entitlementRef.name sw \"test\"'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_potential_role_entitlements(session_id=session_id, potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_potential_role_entitlements:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_entitlements: %s\n" % e)
[Back to top]
get-potential-role-source-identity-usage
Retrieves potential role source usage
This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | potential_role_id | str | True | A potential role id |
| Path | source_id | str | True | A source id |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: displayName, email, usageCount |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningPotentialRoleSourceUsage]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of source usage for the identities in a potential role. | List[RoleMiningPotentialRoleSourceUsage] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_source_usage import RoleMiningPotentialRoleSourceUsage
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
potential_role_id = 'e0cc5d7d-bf7f-4f81-b2af-8885b09d9923'
source_id = '2c9180877620c1460176267f336a106f'
sorters = '-usageCount'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_potential_role_source_identity_usage(potential_role_id=potential_role_id, source_id=source_id)
print("The response of IAIRoleMiningApi->get_potential_role_source_identity_usage:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_source_identity_usage: %s\n" % e)
[Back to top]
get-potential-role-summaries
Retrieve session's potential role summaries
This method returns the potential role summaries for a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdDate |
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: createdById: eq, sw, co createdByName: eq, sw, co description: sw, co endDate: le, lt freshness: eq, ge, gt, le, lt name: eq, sw, co quality: eq, ge, gt, le, lt startDate: ge, gt saved: eq type: eq |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningPotentialRoleSummary]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of potential role summaries for a role mining session. | List[RoleMiningPotentialRoleSummary] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role_summary import RoleMiningPotentialRoleSummary
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
sorters = 'createdDate'
filters = '(createdByName co \"int\")and (createdById sw \"2c9180907\")and (type eq \"COMMON\")and ((name co \"entt\")or (saved eq true))'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_potential_role_summaries(session_id=session_id)
print("The response of IAIRoleMiningApi->get_potential_role_summaries:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_potential_role_summaries: %s\n" % e)
[Back to top]
get-role-mining-potential-role
Retrieves a specific potential role
This method returns a specific potential role.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | potential_role_id | str | True | A potential role id |
Return type
RoleMiningPotentialRole
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of potential roles for a role mining session. | RoleMiningPotentialRole | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
try:
results = IAIRoleMiningApi(api_client).get_role_mining_potential_role(potential_role_id=potential_role_id)
print("The response of IAIRoleMiningApi->get_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_potential_role: %s\n" % e)
[Back to top]
get-role-mining-session
Get a role mining session
The method retrieves a role mining session.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id to be retrieved. |
Return type
RoleMiningSessionResponse
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Returns a role mining session | RoleMiningSessionResponse | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
try:
results = IAIRoleMiningApi(api_client).get_role_mining_session(session_id=session_id)
print("The response of IAIRoleMiningApi->get_role_mining_session:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_session: %s\n" % e)
[Back to top]
get-role-mining-session-status
Get role mining session status state
This method returns a role mining session status for a customer.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
Return type
RoleMiningSessionStatus
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns session status | RoleMiningSessionStatus | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_status import RoleMiningSessionStatus
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
try:
results = IAIRoleMiningApi(api_client).get_role_mining_session_status(session_id=session_id)
print("The response of IAIRoleMiningApi->get_role_mining_session_status:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_session_status: %s\n" % e)
[Back to top]
get-role-mining-sessions
Retrieves all role mining sessions
Returns all role mining sessions that match the query parameters
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: saved: eq name: eq, sw |
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: createdBy, createdDate |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningSessionResponse]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns all role mining sessions that match the query parameters. | List[RoleMiningSessionResponse] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_response import RoleMiningSessionResponse
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
filters = 'saved eq \"true\" and name sw \"RM Session\"'
sorters = 'createdBy,createdDate'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_role_mining_sessions()
print("The response of IAIRoleMiningApi->get_role_mining_sessions:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_role_mining_sessions: %s\n" % e)
[Back to top]
get-saved-potential-roles
Retrieves all saved potential roles
This method returns all saved potential roles (draft roles).
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: modified |
| Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
| Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
List[RoleMiningSessionDraftRoleDto]
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns a list of draft roles for a role mining session. | List[RoleMiningSessionDraftRoleDto] | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_session_draft_role_dto import RoleMiningSessionDraftRoleDto
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
sorters = 'modified'
offset = 0
limit = 250
count = False
try:
results = IAIRoleMiningApi(api_client).get_saved_potential_roles()
print("The response of IAIRoleMiningApi->get_saved_potential_roles:\n")
for item in results:
print(item.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->get_saved_potential_roles: %s\n" % e)
[Back to top]
patch-potential-role
Update a potential role in session
This method updates an existing potential role using the role mining session id and the potential role summary id.
The following fields can be modified:
NOTE: All other fields cannot be modified.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | The potential role summary id |
| Body | patch_potential_role_request_inner | []PatchPotentialRoleRequestInner | True | |
Return type
object
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns the potential role summary based on the potentialRoleId provided. | object | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json-patch+json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
patch_potential_role_request_inner = '''[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]'''
try:
new_patch_potential_role_request_inner = PatchPotentialRoleRequestInner.from_json(patch_potential_role_request_inner)
results = IAIRoleMiningApi(api_client).patch_potential_role(session_id=session_id, potential_role_id=potential_role_id, patch_potential_role_request_inner=new_patch_potential_role_request_inner)
print("The response of IAIRoleMiningApi->patch_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_potential_role: %s\n" % e)
[Back to top]
patch-role-mining-potential-role
Update a potential role
This method updates an existing potential role.
The following fields can be modified:
NOTE: All other fields cannot be modified.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | potential_role_id | str | True | The potential role summary id |
| Body | patch_potential_role_request_inner | []PatchPotentialRoleRequestInner | True | |
Return type
object
Responses
| Code | Description | Data Type | Response headers |
|---|
| 200 | Succeeded. Returns the potential role summary based on the potentialRoleId provided. | object | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json-patch+json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.patch_potential_role_request_inner import PatchPotentialRoleRequestInner
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
patch_potential_role_request_inner = '''[{op=remove, path=/description}, {op=replace, path=/description, value=Acct I - Potential Role}, {op=remove, path=/saved}, {op=replace, path=/saved, value=false}, {op=remove, path=/name}, {op=replace, path=/name, value=Potential Role Accounting}]'''
try:
new_patch_potential_role_request_inner = PatchPotentialRoleRequestInner.from_json(patch_potential_role_request_inner)
results = IAIRoleMiningApi(api_client).patch_role_mining_potential_role(potential_role_id=potential_role_id, patch_potential_role_request_inner=new_patch_potential_role_request_inner)
print("The response of IAIRoleMiningApi->patch_role_mining_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_role_mining_potential_role: %s\n" % e)
[Back to top]
patch-role-mining-session
Patch a role mining session
The method updates an existing role mining session using PATCH. Supports op in replace and changes to pruneThreshold and/or minNumIdentitiesInPotentialRole. The potential roles in this role mining session is then re-calculated.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id to be patched |
| Body | json_patch_operation | []JsonPatchOperation | True | Replace pruneThreshold and/or minNumIdentitiesInPotentialRole in role mining session. Update saved status or saved name for a role mining session. |
Return type
object
Responses
| Code | Description | Data Type | Response headers |
|---|
| 202 | Accepted - Returned if the request was successfully accepted into the system. | object | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessModelMetadataAttribute429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json-patch+json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.json_patch_operation import JsonPatchOperation
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
json_patch_operation = '''[{op=replace, path=/pruneThreshold, value=83}, {op=replace, path=/minNumIdentitiesInPotentialRole, value=10}, {op=replace, path=/saved, value=false}, {op=replace, path=/name, value=RM Session - 07/10/22}, {op=add, path=/name, value=RM Session - 07/10/22}]'''
try:
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = IAIRoleMiningApi(api_client).patch_role_mining_session(session_id=session_id, json_patch_operation=new_json_patch_operation)
print("The response of IAIRoleMiningApi->patch_role_mining_session:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->patch_role_mining_session: %s\n" % e)
[Back to top]
update-entitlements-potential-role
Edit entitlements for a potential role to exclude some entitlements
This endpoint adds or removes entitlements from an exclusion list for a potential role.
API Spec
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|
| Path | session_id | str | True | The role mining session id |
| Path | potential_role_id | str | True | A potential role id in a role mining session |
| Body | role_mining_potential_role_edit_entitlements | RoleMiningPotentialRoleEditEntitlements | True | Role mining session parameters |
Return type
RoleMiningPotentialRole
Responses
| Code | Description | Data Type | Response headers |
|---|
| 201 | Adds or removes entitlements from a potential role's entitlement exclusion list. | RoleMiningPotentialRole | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessModelMetadataAttribute401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.beta.api.iai_role_mining_api import IAIRoleMiningApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.role_mining_potential_role import RoleMiningPotentialRole
from sailpoint.beta.models.role_mining_potential_role_edit_entitlements import RoleMiningPotentialRoleEditEntitlements
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
session_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
potential_role_id = '8c190e67-87aa-4ed9-a90b-d9d5344523fb'
role_mining_potential_role_edit_entitlements = '''{
"ids" : [ "entId1", "entId2" ],
"exclude" : true
}'''
try:
new_role_mining_potential_role_edit_entitlements = RoleMiningPotentialRoleEditEntitlements.from_json(role_mining_potential_role_edit_entitlements)
results = IAIRoleMiningApi(api_client).update_entitlements_potential_role(session_id=session_id, potential_role_id=potential_role_id, role_mining_potential_role_edit_entitlements=new_role_mining_potential_role_edit_entitlements)
print("The response of IAIRoleMiningApi->update_entitlements_potential_role:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling IAIRoleMiningApi->update_entitlements_potential_role: %s\n" % e)
[Back to top]