sailpoint.v2024.GlobalTenantSecuritySettingsApi
Use this API to implement and customize global tenant security settings. With this functionality in place, administrators can manage the global security settings that a tenant/org has. This API can be used to configure the networks and Geographies allowed to access Identity Security Cloud URLs.
All URIs are relative to https://sailpoint.api.identitynow.com/v2024
| Method | HTTP request | Description |
|---|---|---|
| create-auth-org-network-config | POST /auth-org/network-config | Create security network configuration. |
| get-auth-org-network-config | GET /auth-org/network-config | Get security network configuration. |
| patch-auth-org-network-config | PATCH /auth-org/network-config | Update security network configuration. |
create-auth-org-network-config
Create security network configuration. This API returns the details of an org's network auth configuration. Requires security scope of: 'sp:auth-org:manage'
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | network_configuration | NetworkConfiguration | True | Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters. |
Return type
Responses
| Code | Description | Data Type | Response headers |
|---|---|---|---|
| 200 | Network configuration for the tenant. | NetworkConfiguration | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.network_configuration import NetworkConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
network_configuration = '''{
"range" : [ "1.3.7.2", "255.255.255.252/30" ],
"whitelisted" : true,
"geolocation" : [ "CA", "FR", "HT" ]
}''' # NetworkConfiguration | Network configuration creation request body. The following constraints ensure the request body conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
try:
# Create security network configuration.
new_network_configuration = NetworkConfiguration.from_json(network_configuration)
results = GlobalTenantSecuritySettingsApi(api_client).create_auth_org_network_config(network_configuration=new_network_configuration)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).create_auth_org_network_config(new_network_configuration)
print("The response of GlobalTenantSecuritySettingsApi->create_auth_org_network_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->create_auth_org_network_config: %s\n" % e)
get-auth-org-network-config
Get security network configuration. This API returns the details of an org's network auth configuration.
Parameters
This endpoint does not need any parameter.
Return type
Responses
| Code | Description | Data Type | Response headers |
|---|---|---|---|
| 200 | Network configuration for the tenant's auth org. | NetworkConfiguration | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.network_configuration import NetworkConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
try:
# Get security network configuration.
results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_network_config()
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).get_auth_org_network_config()
print("The response of GlobalTenantSecuritySettingsApi->get_auth_org_network_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->get_auth_org_network_config: %s\n" % e)
patch-auth-org-network-config
Update security network configuration. This API updates an existing network configuration for an org using PATCH Requires security scope of: 'sp:auth-org:manage'
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Body | json_patch_operation | []JsonPatchOperation | True | A list of auth org network configuration update operations according to the JSON Patch standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters. |
Return type
Responses
| Code | Description | Data Type | Response headers |
|---|---|---|---|
| 200 | Updated Auth Org network configuration. | NetworkConfiguration | - |
| 400 | Client Error - Returned if the request body is invalid. | ErrorResponseDto | - |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListAccessProfiles401Response | - |
| 403 | Forbidden - Returned if the user you are running as, doesn't have access to this end-point. | ErrorResponseDto | - |
| 404 | Not Found - returned if the request URL refers to a resource or object that does not exist | ErrorResponseDto | - |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListAccessProfiles429Response | - |
| 500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto | - |
HTTP request headers
- Content-Type: application/json-patch+json
- Accept: application/json
Example
from sailpoint.v2024.api.global_tenant_security_settings_api import GlobalTenantSecuritySettingsApi
from sailpoint.v2024.api_client import ApiClient
from sailpoint.v2024.models.json_patch_operation import JsonPatchOperation
from sailpoint.v2024.models.network_configuration import NetworkConfiguration
from sailpoint.configuration import Configuration
configuration = Configuration()
with ApiClient(configuration) as api_client:
json_patch_operation = '''[{op=replace, path=/whitelisted, value=false,}, {op=add, path=/geolocation, value=[AF, HN, ES]}]''' # List[JsonPatchOperation] | A list of auth org network configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Network Config conforms to certain logical guidelines, which are: 1. Each string element in the range array must be a valid ip address or ip subnet mask. 2. Each string element in the geolocation array must be 2 characters, and they can only be uppercase letters.
try:
# Update security network configuration.
new_json_patch_operation = JsonPatchOperation.from_json(json_patch_operation)
results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_network_config(json_patch_operation=new_json_patch_operation)
# Below is a request that includes all optional parameters
# results = GlobalTenantSecuritySettingsApi(api_client).patch_auth_org_network_config(new_json_patch_operation)
print("The response of GlobalTenantSecuritySettingsApi->patch_auth_org_network_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling GlobalTenantSecuritySettingsApi->patch_auth_org_network_config: %s\n" % e)