Skip to main content

Get SOD policy by ID​

This gets specified SOD policy. Requires role of ORG_ADMIN.

Path Parameters
    id string required

    The ID of the SOD Policy to retrieve.

    Example: ef38f943-47e9-4562-b5bb-8424a56397d8
Responses

SOD policy ID.

Schema
    name string

    Policy Business Name

    description string nullable

    Optional description of the SOD policy

    ownerRef object
    type DtoType

    Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]

    DTO type

    id string

    ID of the object to which this reference applies

    name string

    Human-readable display name of the object to which this reference applies

    externalPolicyReference string nullable

    Optional External Policy Reference

    policyQuery string

    Search query of the SOD policy

    compensatingControls string nullable

    Optional compensating controls(Mitigating Controls)

    correctionAdvice string nullable

    Optional correction advice

    state string

    Possible values: [ENFORCED, NOT_ENFORCED]

    whether the policy is enforced or not

    tags string[]

    tags for this policy object

    violationOwnerAssignmentConfig object nullable
    assignmentRule string nullable

    Possible values: [MANAGER, STATIC, null]

    Details about the violations owner. MANAGER - identity's manager STATIC - Governance Group or Identity

    ownerRef object nullable
    type DtoType

    Possible values: [ACCOUNT_CORRELATION_CONFIG, ACCESS_PROFILE, ACCESS_REQUEST_APPROVAL, ACCOUNT, APPLICATION, CAMPAIGN, CAMPAIGN_FILTER, CERTIFICATION, CLUSTER, CONNECTOR_SCHEMA, ENTITLEMENT, GOVERNANCE_GROUP, IDENTITY, IDENTITY_PROFILE, IDENTITY_REQUEST, LIFECYCLE_STATE, PASSWORD_POLICY, ROLE, RULE, SOD_POLICY, SOURCE, TAG, TAG_CATEGORY, TASK_RESULT, REPORT_RESULT, SOD_VIOLATION, ACCOUNT_ACTIVITY, WORKGROUP]

    DTO type

    id string

    ID of the object to which this reference applies

    name string

    Human-readable display name of the object to which this reference applies

    scheduled boolean

    Default value: false

    defines whether a policy has been scheduled or not

    type string

    Possible values: [GENERAL, CONFLICTING_ACCESS_BASED]

    Default value: GENERAL

    whether a policy is query based or conflicting access based

    conflictingAccessCriteria object nullable
    leftCriteria object
    name string

    Business name for the access construct list

    criteriaList object[]

    Possible values: >= 1, <= 50

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [
    • type string

    Possible values: [ENTITLEMENT]

    Type of the propery to which this reference applies to

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]
    • rightCriteria object
    name string

    Business name for the access construct list

    criteriaList object[]

    Possible values: >= 1, <= 50

    List of criteria. There is a min of 1 and max of 50 items in the list.

  • Array [
    • type string

    Possible values: [ENTITLEMENT]

    Type of the propery to which this reference applies to

    id string

    ID of the object to which this reference applies to

    name string

    Human-readable display name of the object to which this reference applies to

  • ]
Loading...