Delete Access Profile(s)​
This API initiates a bulk deletion of one or more Access Profiles.
By default, if any of the indicated Access Profiles are in use, no deletions will be performed and the inUse field of the response indicates the usages that must be removed first. If the request field bestEffortOnly is true, however, usages are reported in the inUse response field but all other indicated Access Profiles will be deleted.
A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In addition, a SOURCE_SUBADMIN may only use this API to delete Access Profiles which are associated with Sources they are able to administer.
Request Body required
List of IDs of Access Profiles to be deleted.
If true, silently skip over any of the specified Access Profiles if they cannot be deleted because they are in use. If false, no deletions will be attempted if any of the Access Profiles are in use.
- 200
- 202
- 400
- 401
- 403
- 429
- 500
Returned only if bestEffortOnly is false, and one or more Access Profiles are in use.
Schema
- Array [
- Array [
- ]
- ]
ID of the task which is executing the bulk deletion. This can be passed to the /task-status API to track status.
List of IDs of Access Profiles which are pending deletion.
inUse object[]
List of usages of Access Profiles targeted for deletion.
ID of the Access Profile that is in use
usedBy object[]
List of references to objects which are using the indicated Access Profile
Possible values: [ACCOUNT_CORRELATION_CONFIG
, ACCESS_PROFILE
, ACCESS_REQUEST_APPROVAL
, ACCOUNT
, APPLICATION
, CAMPAIGN
, CAMPAIGN_FILTER
, CERTIFICATION
, CLUSTER
, CONNECTOR_SCHEMA
, ENTITLEMENT
, GOVERNANCE_GROUP
, IDENTITY
, IDENTITY_PROFILE
, IDENTITY_REQUEST
, LIFECYCLE_STATE
, PASSWORD_POLICY
, ROLE
, RULE
, SOD_POLICY
, SOURCE
, TAG
, TAG_CATEGORY
, TASK_RESULT
, REPORT_RESULT
, SOD_VIOLATION
, ACCOUNT_ACTIVITY
, WORKGROUP
]
DTO type
ID of the object to which this reference applies
Human-readable display name of the object to which this reference applies
{
"taskId": "2c9180867817ac4d017817c491119a20",
"pending": [
"2c91808876438bbb017668c21919ecca",
"2c91808876438bb201766e129f151816"
],
"inUse": [
{
"accessProfileId": "2c91808876438bbb017668c21919ecca",
"usedBy": [
{
"type": "IDENTITY",
"id": "2c91808568c529c60168cca6f90c1313",
"name": "William Wilson"
}
]
}
]
}
{
"pending": [],
"inUse": [
{
"accessProfileId": "2c91808876438ba801766e129f151816",
"usages": [
{
"type": "Role",
"id": "2c9180887643764201766e9f6e121518"
}
]
}
]
}
Returned if at least one deletion will be performed.
Schema
- Array [
- Array [
- ]
- ]
ID of the task which is executing the bulk deletion. This can be passed to the /task-status API to track status.
List of IDs of Access Profiles which are pending deletion.
inUse object[]
List of usages of Access Profiles targeted for deletion.
ID of the Access Profile that is in use
usedBy object[]
List of references to objects which are using the indicated Access Profile
Possible values: [ACCOUNT_CORRELATION_CONFIG
, ACCESS_PROFILE
, ACCESS_REQUEST_APPROVAL
, ACCOUNT
, APPLICATION
, CAMPAIGN
, CAMPAIGN_FILTER
, CERTIFICATION
, CLUSTER
, CONNECTOR_SCHEMA
, ENTITLEMENT
, GOVERNANCE_GROUP
, IDENTITY
, IDENTITY_PROFILE
, IDENTITY_REQUEST
, LIFECYCLE_STATE
, PASSWORD_POLICY
, ROLE
, RULE
, SOD_POLICY
, SOURCE
, TAG
, TAG_CATEGORY
, TASK_RESULT
, REPORT_RESULT
, SOD_VIOLATION
, ACCOUNT_ACTIVITY
, WORKGROUP
]
DTO type
ID of the object to which this reference applies
Human-readable display name of the object to which this reference applies
{
"taskId": "2c9180867817ac4d017817c491119a20",
"pending": [
"2c91808876438bbb017668c21919ecca",
"2c91808876438bb201766e129f151816"
],
"inUse": [
{
"accessProfileId": "2c91808876438bbb017668c21919ecca",
"usedBy": [
{
"type": "IDENTITY",
"id": "2c91808568c529c60168cca6f90c1313",
"name": "William Wilson"
}
]
}
]
}
{
"taskId": "2c91808a7813090a01781412a1119a20",
"pending": [
"2c91808a7813090a017813fe1919ecca"
],
"inUse": [
{
"accessProfileId": "2c91808876438ba801766e129f151816",
"usages": [
{
"type": "Role",
"id": "2c9180887643764201766e9f6e121518"
}
]
}
]
}
Client Error - Returned if the request body is invalid.
Schema
- Array [
- ]
- Array [
- ]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
Schema
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
Schema
- Array [
- ]
- Array [
- ]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
Schema
A message describing the error
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
Schema
- Array [
- ]
- Array [
- ]
Fine-grained error code providing more detail of the error.
Unique tracking id for the error.
messages object[]
Generic localized reason for error
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
The locale for the message text, a BCP 47 language tag.
Possible values: [DEFAULT
, REQUEST
]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
Actual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}