Create request to provision a potential role into an actual role.
This method starts a job to provision a potential role
Path Parameters
- sessionId string required
The role mining session id
Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb - potentialRoleId string required
A potential role id in a role mining session
Example: 8c190e67-87aa-4ed9-a90b-d9d5344523fb
Query Parameters
- min-entitlement-popularity integer
Possible values:
<= 100
Minimum popularity required for an entitlement to be included in the provisioned role.
- include-common-access boolean
Default value:
true
Boolean determining whether common access entitlements will be included in the provisioned role.
- application/json
Request Body
Required information to create a new role
- roleName string
Name of the new role being created
- roleDescription string
Short description of the new role being created
- ownerId string
ID of the identity that will own this role
- 202
- 400
- 401
- 403
- 404
- 500
Accepted. Returns a potential role summary including the status of the provison request
- application/json
- Schema
- Example (from schema)
Schema
potentialRoleRef object
Details about the potential role
id stringId of the potential role
name stringName of the potential role
- identityCount integer
The number of identities in a potential role.
- entitlementCount integer
The number of entitlements in a potential role.
- identityGroupStatus string
The status for this identity group which can be "REQUESTED" or "OBTAINED"
- provisionState string
Possible values: [
POTENTIAL
,PENDING
,COMPLETE
,FAILED
]The status of provisioning for this potential role. Can be "POTENTIAL", "PENDING", "FAILED", or "COMPLETE".
- roleId string
ID of the provisioned role in IIQ or IDN. Null if this potential role has not been provisioned.
- density integer
The density metric (0-100) of this potential role. Higher density values indicate higher similarity amongst the identities.
- freshness integer
The freshness metric (0-100) of this potential role. Higher freshness values indicate this potential role is more distinctive compared to existing roles.
- quality integer
The quality metric (0-100) of this potential role. Higher quality values indicate this potential role has high density and freshness.
{
"potentialRoleRef": {
"id": "dd4c13c6-8237-4753-bfb7-f627e489f9ec",
"name": "Potential Role - dd4c13"
},
"identityCount": "25",
"entitlementCount": "15",
"identityGroupStatus": "OBTAINED",
"provisionState": "PENDING",
"roleId": "2a4be6fbcf3c4e66b95a0c15ffd591"
}
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
- error
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Not Found - returned if the request URL refers to a resource or object that does not exist
- application/json
- Schema
- Example (from schema)
- 404
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 404 response object
{
"detailCode": "404 Not found",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server did not find a current representation for the target resource."
}
]
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}