sailpoint.v2024.AccountsApi
Use this API to implement and customize account functionality. With this functionality in place, administrators can manage users' access across sources in Identity Security Cloud.
In Identity Security Cloud, an account refers to a user's account on a supported source. This typically includes a unique identifier for the user, a unique password, a set of permissions associated with the source and a set of attributes. Identity Security Cloud loads accounts through the creation of sources in Identity Security Cloud.
Administrators can correlate users' identities with the users' accounts on the different sources they use. This allows Identity Security Cloud to govern the access of identities and all their correlated accounts securely and cohesively.
To view the accounts on a source and their correlated identities, administrators can use the Connections drop-down menu, select Sources, select the relevant source, and select its Account tab.
To view and edit source account statuses for an identity in Identity Security Cloud, administrators can use the Identities drop-down menu, select Identity List, select the relevant identity, and select its Accounts tab. Administrators can toggle an account's Actions to aggregate the account, enable/disable it, unlock it, or remove it from the identity.
Accounts can have the following statuses:
-
Enabled: The account is enabled. The user can access it.
-
Disabled: The account is disabled, and the user cannot access it, but the identity is not disabled in Identity Security Cloud. This can occur when an administrator disables the account or when the user's lifecycle state changes.
-
Locked: The account is locked. This may occur when someone has entered an incorrect password for the account too many times.
-
Pending: The account is currently updating. This status typically lasts seconds.
Administrators can select the source account to view its attributes, entitlements, and the last time the account's password was changed.
Refer to Managing User Accounts for more information about accounts.
All URIs are relative to https://sailpoint.api.identitynow.com/v2024
Method | HTTP request | Description |
---|---|---|
create-account | POST /accounts | Create Account |
delete-account | DELETE /accounts/{id} | Delete Account |
delete-account-async | POST /accounts/{id}/remove | Remove Account |
disable-account | POST /accounts/{id}/disable | Disable Account |
disable-account-for-identity | POST /identities-accounts/{id}/disable | Disable IDN Account for Identity |
disable-accounts-for-identities | POST /identities-accounts/disable | Disable IDN Accounts for Identities |
enable-account | POST /accounts/{id}/enable | Enable Account |
enable-account-for-identity | POST /identities-accounts/{id}/enable | Enable IDN Account for Identity |
enable-accounts-for-identities | POST /identities-accounts/enable | Enable IDN Accounts for Identities |
get-account | GET /accounts/{id} | Account Details |
get-account-entitlements | GET /accounts/{id}/entitlements | Account Entitlements |
list-accounts | GET /accounts | Accounts List |
put-account | PUT /accounts/{id} | Update Account |
submit-reload-account | POST /accounts/{id}/reload | Reload Account |
unlock-account | POST /accounts/{id}/unlock | Unlock Account |
update-account | PATCH /accounts/{id} | Update Account |
create-account
Create Account Submit an account creation task - the API then returns the task ID.
You must include the sourceId
where the account will be created in the attributes
object.
This endpoint creates an account on the source record in your ISC tenant.
This is useful for Flat File (DelimitedFile
) type sources because it allows you to aggregate new accounts without needing to import a new CSV file every time.
However, if you use this endpoint to create an account for a Direct Connection type source, you must ensure that the account also exists on the target source. The endpoint doesn't actually provision the account on the target source, which means that if the account doesn't also exist on the target source, an aggregation between the source and your tenant will remove it from your tenant.
By providing the account ID of an existing account in the request body, this API will function as a PATCH operation and update the account.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Body | account_attributes_create | AccountAttributesCreate | True |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details. | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account_attributes_create import AccountAttributesCreate
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
account_attributes_create = '''{
"attributes" : {
"sourceId" : "34bfcbe116c9407464af37acbaf7a4dc",
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "[email protected]"
}
}''' # AccountAttributesCreate |
try:
# Create Account
new_account_attributes_create = AccountAttributesCreate.from_json(account_attributes_create)
results = AccountsApi(api_client).create_account(account_attributes_create=new_account_attributes_create)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).create_account(new_account_attributes_create)
print("The response of AccountsApi->create_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->create_account: %s\n" % e)
delete-account
Delete Account Use this API to delete an account. This endpoint submits an account delete task and returns the task ID. This endpoint only deletes the account from IdentityNow, not the source itself, which can result in the account's returning with the next aggregation between the source and IdentityNow. To avoid this scenario, it is recommended that you disable accounts rather than delete them. This will also allow you to reenable the accounts in the future.
NOTE: You can only delete accounts from sources of the "DelimitedFile" type.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | Account ID. |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details. | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | Account ID. # str | Account ID.
try:
# Delete Account
results = AccountsApi(api_client).delete_account(id=id)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).delete_account(id)
print("The response of AccountsApi->delete_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->delete_account: %s\n" % e)
delete-account-async
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
on the configuration object you can set the x-sailpoint-experimental
header to `true' to enable all experimantl endpoints within the SDK.
Example:
configuration = Configuration()
configuration.experimental = True
Remove Account Use this endpoint to remove accounts from the system without provisioning changes to the source. Accounts that are removed could be re-created during the next aggregation.
This endpoint is good for:
- Removing accounts that no longer exist on the source.
- Removing accounts that won't be aggregated following updates to the source configuration.
- Forcing accounts to be re-created following the next aggregation to re-run account processing, support testing, etc.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account id |
x_sail_point_experimental | str | True (default to 'true') | Use this header to enable this experimental API. |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Accepted. Returns task result details of removal request. | TaskResultDto | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.task_result_dto import TaskResultDto
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
id = 'c350d6aa4f104c61b062cb632421ad10' # str | The account id # str | The account id
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
try:
# Remove Account
results = AccountsApi(api_client).delete_account_async(id=id, x_sail_point_experimental=x_sail_point_experimental)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).delete_account_async(id, x_sail_point_experimental)
print("The response of AccountsApi->delete_account_async:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->delete_account_async: %s\n" % e)
disable-account
Disable Account This API submits a task to disable the account and returns the task ID.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account id |
Body | account_toggle_request | AccountToggleRequest | True |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account_toggle_request import AccountToggleRequest
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | The account id # str | The account id
account_toggle_request = '''{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}''' # AccountToggleRequest |
try:
# Disable Account
new_account_toggle_request = AccountToggleRequest.from_json(account_toggle_request)
results = AccountsApi(api_client).disable_account(id=id, account_toggle_request=new_account_toggle_request)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).disable_account(id, new_account_toggle_request)
print("The response of AccountsApi->disable_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->disable_account: %s\n" % e)
disable-account-for-identity
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
on the configuration object you can set the x-sailpoint-experimental
header to `true' to enable all experimantl endpoints within the SDK.
Example:
configuration = Configuration()
configuration.experimental = True
Disable IDN Account for Identity This API submits a task to disable IDN account for a single identity.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The identity id. |
x_sail_point_experimental | str | True (default to 'true') | Use this header to enable this experimental API. |
Return type
object
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Accepted - Returned if the request was successfully accepted into the system. | object | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
id = '2c91808384203c2d018437e631158309' # str | The identity id. # str | The identity id.
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
try:
# Disable IDN Account for Identity
results = AccountsApi(api_client).disable_account_for_identity(id=id, x_sail_point_experimental=x_sail_point_experimental)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).disable_account_for_identity(id, x_sail_point_experimental)
print("The response of AccountsApi->disable_account_for_identity:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->disable_account_for_identity: %s\n" % e)
disable-accounts-for-identities
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
on the configuration object you can set the x-sailpoint-experimental
header to `true' to enable all experimantl endpoints within the SDK.
Example:
configuration = Configuration()
configuration.experimental = True
Disable IDN Accounts for Identities This API submits tasks to disable IDN account for each identity provided in the request body.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
x_sail_point_experimental | str | True (default to 'true') | Use this header to enable this experimental API. | |
Body | identities_accounts_bulk_request | IdentitiesAccountsBulkRequest | True |
Return type
List[BulkIdentitiesAccountsResponse]
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
207 | Bulk response details. | List[BulkIdentitiesAccountsResponse] | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.bulk_identities_accounts_response import BulkIdentitiesAccountsResponse
from sailpoint.v2024.models.identities_accounts_bulk_request import IdentitiesAccountsBulkRequest
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
identities_accounts_bulk_request = '''{
"identityIds" : [ "2c91808384203c2d018437e631158308", "2c9180858082150f0180893dbaf553fe" ]
}''' # IdentitiesAccountsBulkRequest |
try:
# Disable IDN Accounts for Identities
new_identities_accounts_bulk_request = IdentitiesAccountsBulkRequest.from_json(identities_accounts_bulk_request)
results = AccountsApi(api_client).disable_accounts_for_identities(x_sail_point_experimental=x_sail_point_experimental, identities_accounts_bulk_request=new_identities_accounts_bulk_request)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).disable_accounts_for_identities(x_sail_point_experimental, new_identities_accounts_bulk_request)
print("The response of AccountsApi->disable_accounts_for_identities:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->disable_accounts_for_identities: %s\n" % e)
enable-account
Enable Account This API submits a task to enable account and returns the task ID.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account id |
Body | account_toggle_request | AccountToggleRequest | True |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account_toggle_request import AccountToggleRequest
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | The account id # str | The account id
account_toggle_request = '''{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581"
}''' # AccountToggleRequest |
try:
# Enable Account
new_account_toggle_request = AccountToggleRequest.from_json(account_toggle_request)
results = AccountsApi(api_client).enable_account(id=id, account_toggle_request=new_account_toggle_request)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).enable_account(id, new_account_toggle_request)
print("The response of AccountsApi->enable_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->enable_account: %s\n" % e)
enable-account-for-identity
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
on the configuration object you can set the x-sailpoint-experimental
header to `true' to enable all experimantl endpoints within the SDK.
Example:
configuration = Configuration()
configuration.experimental = True
Enable IDN Account for Identity This API submits a task to enable IDN account for a single identity.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The identity id. |
x_sail_point_experimental | str | True (default to 'true') | Use this header to enable this experimental API. |
Return type
object
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Accepted - Returned if the request was successfully accepted into the system. | object | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
id = '2c91808384203c2d018437e631158309' # str | The identity id. # str | The identity id.
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
try:
# Enable IDN Account for Identity
results = AccountsApi(api_client).enable_account_for_identity(id=id, x_sail_point_experimental=x_sail_point_experimental)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).enable_account_for_identity(id, x_sail_point_experimental)
print("The response of AccountsApi->enable_account_for_identity:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->enable_account_for_identity: %s\n" % e)
enable-accounts-for-identities
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true
to use this endpoint.
on the configuration object you can set the x-sailpoint-experimental
header to `true' to enable all experimantl endpoints within the SDK.
Example:
configuration = Configuration()
configuration.experimental = True
Enable IDN Accounts for Identities This API submits tasks to enable IDN account for each identity provided in the request body.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
x_sail_point_experimental | str | True (default to 'true') | Use this header to enable this experimental API. | |
Body | identities_accounts_bulk_request | IdentitiesAccountsBulkRequest | True |
Return type
List[BulkIdentitiesAccountsResponse]
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
207 | Bulk response details. | List[BulkIdentitiesAccountsResponse] | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.bulk_identities_accounts_response import BulkIdentitiesAccountsResponse
from sailpoint.v2024.models.identities_accounts_bulk_request import IdentitiesAccountsBulkRequest
from sailpoint.configuration import Configuration
configuration = Configuration()
configuration.experimental = true
with ApiClient(configuration) as api_client:
x_sail_point_experimental = 'true' # str | Use this header to enable this experimental API. (default to 'true') # str | Use this header to enable this experimental API. (default to 'true')
identities_accounts_bulk_request = '''{
"identityIds" : [ "2c91808384203c2d018437e631158308", "2c9180858082150f0180893dbaf553fe" ]
}''' # IdentitiesAccountsBulkRequest |
try:
# Enable IDN Accounts for Identities
new_identities_accounts_bulk_request = IdentitiesAccountsBulkRequest.from_json(identities_accounts_bulk_request)
results = AccountsApi(api_client).enable_accounts_for_identities(x_sail_point_experimental=x_sail_point_experimental, identities_accounts_bulk_request=new_identities_accounts_bulk_request)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).enable_accounts_for_identities(x_sail_point_experimental, new_identities_accounts_bulk_request)
print("The response of AccountsApi->enable_accounts_for_identities:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->enable_accounts_for_identities: %s\n" % e)
get-account
Account Details Use this API to return the details for a single account by its ID.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | Account ID. |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
200 | Account object. | Account | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account import Account
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | Account ID. # str | Account ID.
try:
# Account Details
results = AccountsApi(api_client).get_account(id=id)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).get_account(id)
print("The response of AccountsApi->get_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->get_account: %s\n" % e)
get-account-entitlements
Account Entitlements This API returns entitlements of the account.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account id |
Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
200 | An array of account entitlements | List[Entitlement] | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.entitlement import Entitlement
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | The account id # str | The account id
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)
try:
# Account Entitlements
results = AccountsApi(api_client).get_account_entitlements(id=id)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).get_account_entitlements(id, limit, offset, count)
print("The response of AccountsApi->get_account_entitlements:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->get_account_entitlements: %s\n" % e)
list-accounts
Accounts List List accounts.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Query | limit | int | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
Query | offset | int | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
Query | count | bool | (optional) (default to False) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
Query | detail_level | str | (optional) | This value determines whether the API provides SLIM or increased level of detail (FULL ) for each account in the returned list. FULL is the default behavior. |
Query | filters | str | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: id: eq, in, sw identityId: eq, in, sw name: eq, in, sw nativeIdentity: eq, in, sw hasEntitlements: eq sourceId: eq, in, sw uncorrelated: eq entitlements: eq origin: eq, in manuallyCorrelated: eq identity.name: eq, in, sw identity.correlated: eq identity.identityState: eq, in source.displayableName: eq, in source.authoritative: eq source.connectionType: eq, in recommendation.method: eq, in, isnull created: eq, ge, gt, le, lt modified: eq, ge, gt, le, lt |
Query | sorters | str | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters Sorting is supported for the following fields: id, name, created, modified, sourceId, identityId, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
200 | List of account objects. | List[Account] | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account import Account
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
limit = 250 # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250) # int | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
offset = 0 # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0) # int | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)
count = False # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False) # bool | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to False)
detail_level = 'FULL' # str | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior. (optional) # str | This value determines whether the API provides `SLIM` or increased level of detail (`FULL`) for each account in the returned list. `FULL` is the default behavior. (optional)
filters = 'identityId eq \"2c9180858082150f0180893dbaf44201\"' # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **hasEntitlements**: *eq* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull* **created**: *eq, ge, gt, le, lt* **modified**: *eq, ge, gt, le, lt* (optional) # str | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in, sw* **identityId**: *eq, in, sw* **name**: *eq, in, sw* **nativeIdentity**: *eq, in, sw* **hasEntitlements**: *eq* **sourceId**: *eq, in, sw* **uncorrelated**: *eq* **entitlements**: *eq* **origin**: *eq, in* **manuallyCorrelated**: *eq* **identity.name**: *eq, in, sw* **identity.correlated**: *eq* **identity.identityState**: *eq, in* **source.displayableName**: *eq, in* **source.authoritative**: *eq* **source.connectionType**: *eq, in* **recommendation.method**: *eq, in, isnull* **created**: *eq, ge, gt, le, lt* **modified**: *eq, ge, gt, le, lt* (optional)
sorters = 'id,name' # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType** (optional) # str | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, sourceId, identityId, nativeIdentity, uuid, manuallyCorrelated, entitlements, origin, identity.name, identity.identityState, identity.correlated, source.displayableName, source.authoritative, source.connectionType** (optional)
try:
# Accounts List
results = AccountsApi(api_client).list_accounts()
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).list_accounts(limit, offset, count, detail_level, filters, sorters)
print("The response of AccountsApi->list_accounts:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->list_accounts: %s\n" % e)
put-account
Update Account Use this API to update an account with a PUT request.
This endpoint submits an account update task and returns the task ID.
Note: You can only use this PUT endpoint to update accounts from flat file sources.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | Account ID. |
Body | account_attributes | AccountAttributes | True |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details. | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account_attributes import AccountAttributes
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | Account ID. # str | Account ID.
account_attributes = '''{
"attributes" : {
"city" : "Austin",
"displayName" : "John Doe",
"userName" : "jdoe",
"sAMAccountName" : "jDoe",
"mail" : "[email protected]"
}
}''' # AccountAttributes |
try:
# Update Account
new_account_attributes = AccountAttributes.from_json(account_attributes)
results = AccountsApi(api_client).put_account(id=id, account_attributes=new_account_attributes)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).put_account(id, new_account_attributes)
print("The response of AccountsApi->put_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->put_account: %s\n" % e)
submit-reload-account
Reload Account This API asynchronously reloads the account directly from the connector and performs a one-time aggregation process.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account id |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | The account id # str | The account id
try:
# Reload Account
results = AccountsApi(api_client).submit_reload_account(id=id)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).submit_reload_account(id)
print("The response of AccountsApi->submit_reload_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->submit_reload_account: %s\n" % e)
unlock-account
Unlock Account
This API submits a task to unlock an account and returns the task ID.
To use this endpoint to unlock an account that has the forceProvisioning
option set to true, the idn:accounts-provisioning:manage
scope is required.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | The account ID. |
Body | account_unlock_request | AccountUnlockRequest | True |
Return type
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Async task details | AccountsAsyncResult | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.account_unlock_request import AccountUnlockRequest
from sailpoint.v2024.models.accounts_async_result import AccountsAsyncResult
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | The account ID. # str | The account ID.
account_unlock_request = '''{
"forceProvisioning" : false,
"externalVerificationId" : "3f9180835d2e5168015d32f890ca1581",
"unlockIDNAccount" : false
}''' # AccountUnlockRequest |
try:
# Unlock Account
new_account_unlock_request = AccountUnlockRequest.from_json(account_unlock_request)
results = AccountsApi(api_client).unlock_account(id=id, account_unlock_request=new_account_unlock_request)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).unlock_account(id, new_account_unlock_request)
print("The response of AccountsApi->unlock_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->unlock_account: %s\n" % e)
update-account
Update Account Use this API to update account details.
This API supports updating an account's correlation by modifying the identityId
and manuallyCorrelated
fields.
To reassign an account from one identity to another, replace the current identityId
with a new value.
If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account
for the previous identity as soon as the account is moved. If the account you're assigning is authoritative,
this causes the previous identity to become uncorrelated and can even result in its deletion.
All accounts that are reassigned will be set to manuallyCorrelated: true
unless you specify otherwise.
Note: The
attributes
field can only be modified for flat file accounts.
Parameters
Param Type | Name | Data Type | Required | Description |
---|---|---|---|---|
Path | id | str | True | Account ID. |
Body | request_body | []object | True | A list of account update operations according to the JSON Patch standard. |
Return type
object
Responses
Code | Description | Data Type | Response headers |
---|---|---|---|
202 | Accepted - Returned if the request was successfully accepted into the system. | object | - |
400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json-patch+json
- Accept: application/json
Example
from sailpoint.v2024.api.accounts_api import AccountsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
id = 'ef38f94347e94562b5bb8424a56397d8' # str | Account ID. # str | Account ID.
request_body = '''[{op=remove, path=/identityId}]''' # List[object] | A list of account update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
try:
# Update Account
new_request_body = RequestBody.from_json(request_body)
results = AccountsApi(api_client).update_account(id=id, request_body=new_request_body)
# Below is a request that includes all optional parameters
# results = AccountsApi(api_client).update_account(id, new_request_body)
print("The response of AccountsApi->update_account:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling AccountsApi->update_account: %s\n" % e)