Skip to main content

Patch a SOD policy

PATCH 

/sod-policies/:id

deprecated

This endpoint has been deprecated and may be replaced or removed in future versions of the API.

Allows updating SOD Policy fields other than ["id","created","creatorId","policyQuery","type"] using the JSON Patch standard. Requires role of ORG_ADMIN. This endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception.

Request

Path Parameters

    id stringrequired

    The ID of the SOD policy being modified.

    Example: 2c9180835d191a86015d28455b4a2329

Body

arrayrequired

A list of SOD Policy update operations according to the JSON Patch standard.

The following fields are patchable:

  • name
  • description
  • ownerRef
  • externalPolicyReference
  • compensatingControls
  • correctionAdvice
  • state
  • tags
  • violationOwnerAssignmentConfig
  • scheduled
  • conflictingAccessCriteria
  • Array [
  • object

  • ]

Responses

Indicates the PATCH operation succeeded, and returns the SOD policy's new representation.

Schema
    id string

    Policy ID.

    name string

    Policy business name.

    created date-time

    The time when this SOD policy is created.

    modified date-time

    The time when this SOD policy is modified.

    description stringnullable

    Optional description of the SOD policy.

    ownerRef object

    Owner's identity.

    type string

    Possible values: [IDENTITY]

    Owner's DTO type.

    id string

    Owner's identity ID.

    name string

    Owner's display name.

    externalPolicyReference stringnullable

    Optional external policy reference.

    policyQuery string

    Search query of the SOD policy.

    compensatingControls stringnullable

    Optional compensating controls (Mitigating Controls).

    correctionAdvice stringnullable

    Optional correction advice.

    state string

    Possible values: [ENFORCED, NOT_ENFORCED]

    Whether the policy is enforced or not.

    tags string[]

    Tags for the policy object.

    creatorId string

    Policy's creator ID.

    modifierId stringnullable

    Policy's modifier ID.

    violationOwnerAssignmentConfig objectnullable
    assignmentRule stringnullable

    Possible values: [MANAGER, STATIC, null]

    Details about the violations owner. MANAGER - identity's manager STATIC - Governance Group or Identity

    ownerRef object

    Owner's identity.

    type string

    Possible values: [IDENTITY]

    Owner's DTO type.

    id string

    Owner's identity ID.

    name string

    Owner's display name.

    scheduled boolean

    Default value: false

    Defines whether a policy has been scheduled or not.

    type string

    Possible values: [GENERAL, CONFLICTING_ACCESS_BASED]

    Default value: GENERAL

    Whether a policy is query based or conflicting access based.

    conflictingAccessCriteria object
    leftCriteria object
    name string

    Business name for the access construct list

    criteriaList object[]

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [
  • type string

    Possible values: [ENTITLEMENT]

    DTO type

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]
  • rightCriteria object
    name string

    Business name for the access construct list

    criteriaList object[]

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [
  • type string

    Possible values: [ENTITLEMENT]

    DTO type

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]
Loading...