sailpoint-api-client 1.6.2 → 1.6.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/beta/README.md +2 -2
- package/beta/api.ts +20 -12
- package/beta/common.ts +2 -2
- package/beta/package.json +1 -1
- package/dist/beta/api.d.ts +20 -12
- package/dist/beta/api.js +16 -9
- package/dist/beta/api.js.map +1 -1
- package/dist/beta/common.js +1 -1
- package/dist/index.spec.js +69 -18
- package/dist/index.spec.js.map +1 -1
- package/dist/paginator.d.ts +28 -2
- package/dist/paginator.js +39 -11
- package/dist/paginator.js.map +1 -1
- package/dist/v2024/api.d.ts +136 -189
- package/dist/v2024/api.js +222 -249
- package/dist/v2024/api.js.map +1 -1
- package/dist/v2024/common.js +1 -1
- package/dist/v2025/api.d.ts +1098 -183
- package/dist/v2025/api.js +1564 -273
- package/dist/v2025/api.js.map +1 -1
- package/dist/v2025/common.js +1 -1
- package/dist/v3/api.d.ts +20 -12
- package/dist/v3/api.js +18 -11
- package/dist/v3/api.js.map +1 -1
- package/dist/v3/common.js +1 -1
- package/index.spec.ts +46 -4
- package/package.json +1 -1
- package/paginator.ts +77 -13
- package/v2024/README.md +2 -2
- package/v2024/api.ts +251 -390
- package/v2024/common.ts +2 -2
- package/v2024/package.json +1 -1
- package/v2025/README.md +2 -2
- package/v2025/api.ts +2048 -622
- package/v2025/common.ts +2 -2
- package/v2025/package.json +1 -1
- package/v3/README.md +2 -2
- package/v3/api.ts +22 -14
- package/v3/common.ts +2 -2
- package/v3/package.json +1 -1
package/beta/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
## sailpoint-sdk@1.6.
|
|
1
|
+
## sailpoint-sdk@1.6.4
|
|
2
2
|
|
|
3
3
|
This generator creates TypeScript/JavaScript client that utilizes [axios](https://github.com/axios/axios). The generated Node module can be used in the following environments:
|
|
4
4
|
|
|
@@ -36,7 +36,7 @@ navigate to the folder of your consuming project and run one of the following co
|
|
|
36
36
|
_published:_
|
|
37
37
|
|
|
38
38
|
```
|
|
39
|
-
npm install sailpoint-sdk@1.6.
|
|
39
|
+
npm install sailpoint-sdk@1.6.4 --save
|
|
40
40
|
```
|
|
41
41
|
|
|
42
42
|
_unPublished (not recommended):_
|
package/beta/api.ts
CHANGED
|
@@ -1559,7 +1559,7 @@ export interface AccessRequestItemBeta {
|
|
|
1559
1559
|
*/
|
|
1560
1560
|
'clientMetadata'?: { [key: string]: string; };
|
|
1561
1561
|
/**
|
|
1562
|
-
* The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be
|
|
1562
|
+
* The date and time the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date-time in the future. * The current SLA for the deprovisioning is 24 hours. * This date-time can be used to change the duration of an existing access item assignment for the specified identity. A GRANT_ACCESS request can extend duration or even remove an expiration date, and either a GRANT_ACCESS or REVOKE_ACCESS request can reduce duration or add an expiration date where one has not previously been present. You can change the expiration date in requests for yourself or others you are authorized to request for.
|
|
1563
1563
|
* @type {string}
|
|
1564
1564
|
* @memberof AccessRequestItemBeta
|
|
1565
1565
|
*/
|
|
@@ -22668,7 +22668,7 @@ export interface RequestedItemDtoRefBeta {
|
|
|
22668
22668
|
*/
|
|
22669
22669
|
'clientMetadata'?: { [key: string]: string; };
|
|
22670
22670
|
/**
|
|
22671
|
-
* The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be
|
|
22671
|
+
* The date and time the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date-time in the future. * The current SLA for the deprovisioning is 24 hours. * This date-time can be used to change the duration of an existing access item assignment for the specified identity. A GRANT_ACCESS request can extend duration or even remove an expiration date, and either a GRANT_ACCESS or REVOKE_ACCESS request can reduce duration or add an expiration date where one has not previously been present. You can change the expiration date in requests for yourself or others you are authorized to request for.
|
|
22672
22672
|
* @type {string}
|
|
22673
22673
|
* @memberof RequestedItemDtoRefBeta
|
|
22674
22674
|
*/
|
|
@@ -36123,7 +36123,7 @@ export const AccessRequestsBetaApiAxiosParamCreator = function (configuration?:
|
|
|
36123
36123
|
};
|
|
36124
36124
|
},
|
|
36125
36125
|
/**
|
|
36126
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
36126
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
36127
36127
|
* @summary Submit access request
|
|
36128
36128
|
* @param {AccessRequestBeta} accessRequestBeta
|
|
36129
36129
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -36373,7 +36373,7 @@ export const AccessRequestsBetaApiFp = function(configuration?: Configuration) {
|
|
|
36373
36373
|
return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
|
|
36374
36374
|
},
|
|
36375
36375
|
/**
|
|
36376
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
36376
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
36377
36377
|
* @summary Submit access request
|
|
36378
36378
|
* @param {AccessRequestBeta} accessRequestBeta
|
|
36379
36379
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -36463,7 +36463,7 @@ export const AccessRequestsBetaApiFactory = function (configuration?: Configurat
|
|
|
36463
36463
|
return localVarFp.closeAccessRequest(requestParameters.closeAccessRequestBeta, axiosOptions).then((request) => request(axios, basePath));
|
|
36464
36464
|
},
|
|
36465
36465
|
/**
|
|
36466
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
36466
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
36467
36467
|
* @summary Submit access request
|
|
36468
36468
|
* @param {AccessRequestsBetaApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
36469
36469
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -36669,7 +36669,7 @@ export class AccessRequestsBetaApi extends BaseAPI {
|
|
|
36669
36669
|
}
|
|
36670
36670
|
|
|
36671
36671
|
/**
|
|
36672
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
36672
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
36673
36673
|
* @summary Submit access request
|
|
36674
36674
|
* @param {AccessRequestsBetaApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
36675
36675
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -74753,7 +74753,7 @@ export const RequestableObjectsBetaApiAxiosParamCreator = function (configuratio
|
|
|
74753
74753
|
* Get a list of acccess items that can be requested through the [Access Request endpoints](https://developer.sailpoint.com/docs/api/v3/access-requests). Access items are marked with `AVAILABLE`, `PENDING` or `ASSIGNED` with respect to the identity provided using `identity-id` query parameter. Any authenticated token can call this endpoint to see their requestable access items.
|
|
74754
74754
|
* @summary Requestable objects list
|
|
74755
74755
|
* @param {string} [identityId] If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
|
|
74756
|
-
* @param {Array<
|
|
74756
|
+
* @param {Array<ListRequestableObjectsTypesBeta>} [types] Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
74757
74757
|
* @param {string} [term] Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
74758
74758
|
* @param {Array<RequestableObjectRequestStatusBeta>} [statuses] Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice.
|
|
74759
74759
|
* @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
|
|
@@ -74764,7 +74764,7 @@ export const RequestableObjectsBetaApiAxiosParamCreator = function (configuratio
|
|
|
74764
74764
|
* @param {*} [axiosOptions] Override http request option.
|
|
74765
74765
|
* @throws {RequiredError}
|
|
74766
74766
|
*/
|
|
74767
|
-
listRequestableObjects: async (identityId?: string, types?: Array<
|
|
74767
|
+
listRequestableObjects: async (identityId?: string, types?: Array<ListRequestableObjectsTypesBeta>, term?: string, statuses?: Array<RequestableObjectRequestStatusBeta>, limit?: number, offset?: number, count?: boolean, filters?: string, sorters?: string, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
|
|
74768
74768
|
const localVarPath = `/requestable-objects`;
|
|
74769
74769
|
// use dummy base URL string because the URL constructor only accepts absolute URLs.
|
|
74770
74770
|
const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
|
|
@@ -74846,7 +74846,7 @@ export const RequestableObjectsBetaApiFp = function(configuration?: Configuratio
|
|
|
74846
74846
|
* Get a list of acccess items that can be requested through the [Access Request endpoints](https://developer.sailpoint.com/docs/api/v3/access-requests). Access items are marked with `AVAILABLE`, `PENDING` or `ASSIGNED` with respect to the identity provided using `identity-id` query parameter. Any authenticated token can call this endpoint to see their requestable access items.
|
|
74847
74847
|
* @summary Requestable objects list
|
|
74848
74848
|
* @param {string} [identityId] If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
|
|
74849
|
-
* @param {Array<
|
|
74849
|
+
* @param {Array<ListRequestableObjectsTypesBeta>} [types] Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
74850
74850
|
* @param {string} [term] Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
74851
74851
|
* @param {Array<RequestableObjectRequestStatusBeta>} [statuses] Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice.
|
|
74852
74852
|
* @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
|
|
@@ -74857,7 +74857,7 @@ export const RequestableObjectsBetaApiFp = function(configuration?: Configuratio
|
|
|
74857
74857
|
* @param {*} [axiosOptions] Override http request option.
|
|
74858
74858
|
* @throws {RequiredError}
|
|
74859
74859
|
*/
|
|
74860
|
-
async listRequestableObjects(identityId?: string, types?: Array<
|
|
74860
|
+
async listRequestableObjects(identityId?: string, types?: Array<ListRequestableObjectsTypesBeta>, term?: string, statuses?: Array<RequestableObjectRequestStatusBeta>, limit?: number, offset?: number, count?: boolean, filters?: string, sorters?: string, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<RequestableObjectBeta>>> {
|
|
74861
74861
|
const localVarAxiosArgs = await localVarAxiosParamCreator.listRequestableObjects(identityId, types, term, statuses, limit, offset, count, filters, sorters, axiosOptions);
|
|
74862
74862
|
const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
|
|
74863
74863
|
const localVarOperationServerBasePath = operationServerMap['RequestableObjectsBetaApi.listRequestableObjects']?.[localVarOperationServerIndex]?.url;
|
|
@@ -74901,10 +74901,10 @@ export interface RequestableObjectsBetaApiListRequestableObjectsRequest {
|
|
|
74901
74901
|
|
|
74902
74902
|
/**
|
|
74903
74903
|
* Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
74904
|
-
* @type {Array<
|
|
74904
|
+
* @type {Array<'ACCESS_PROFILE' | 'ROLE'>}
|
|
74905
74905
|
* @memberof RequestableObjectsBetaApiListRequestableObjects
|
|
74906
74906
|
*/
|
|
74907
|
-
readonly types?: Array<
|
|
74907
|
+
readonly types?: Array<ListRequestableObjectsTypesBeta>
|
|
74908
74908
|
|
|
74909
74909
|
/**
|
|
74910
74910
|
* Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
@@ -74976,6 +74976,14 @@ export class RequestableObjectsBetaApi extends BaseAPI {
|
|
|
74976
74976
|
}
|
|
74977
74977
|
}
|
|
74978
74978
|
|
|
74979
|
+
/**
|
|
74980
|
+
* @export
|
|
74981
|
+
*/
|
|
74982
|
+
export const ListRequestableObjectsTypesBeta = {
|
|
74983
|
+
AccessProfile: 'ACCESS_PROFILE',
|
|
74984
|
+
Role: 'ROLE'
|
|
74985
|
+
} as const;
|
|
74986
|
+
export type ListRequestableObjectsTypesBeta = typeof ListRequestableObjectsTypesBeta[keyof typeof ListRequestableObjectsTypesBeta];
|
|
74979
74987
|
|
|
74980
74988
|
|
|
74981
74989
|
/**
|
package/beta/common.ts
CHANGED
|
@@ -147,9 +147,9 @@ export const createRequestFunction = function (axiosArgs: RequestArgs, globalAxi
|
|
|
147
147
|
return <T = unknown, R = AxiosResponse<T>>(axios: AxiosInstance = globalAxios, basePath: string = BASE_PATH) => {
|
|
148
148
|
axiosRetry(axios, configuration.retriesConfig)
|
|
149
149
|
const headers = {
|
|
150
|
-
...{'User-Agent':'OpenAPI-Generator/1.6.
|
|
150
|
+
...{'User-Agent':'OpenAPI-Generator/1.6.4/ts'},
|
|
151
151
|
...axiosArgs.axiosOptions.headers,
|
|
152
|
-
...{'X-SailPoint-SDK':'typescript-1.6.
|
|
152
|
+
...{'X-SailPoint-SDK':'typescript-1.6.4'}
|
|
153
153
|
}
|
|
154
154
|
|
|
155
155
|
if(!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
package/beta/package.json
CHANGED
package/dist/beta/api.d.ts
CHANGED
|
@@ -1494,7 +1494,7 @@ export interface AccessRequestItemBeta {
|
|
|
1494
1494
|
[key: string]: string;
|
|
1495
1495
|
};
|
|
1496
1496
|
/**
|
|
1497
|
-
* The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be
|
|
1497
|
+
* The date and time the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date-time in the future. * The current SLA for the deprovisioning is 24 hours. * This date-time can be used to change the duration of an existing access item assignment for the specified identity. A GRANT_ACCESS request can extend duration or even remove an expiration date, and either a GRANT_ACCESS or REVOKE_ACCESS request can reduce duration or add an expiration date where one has not previously been present. You can change the expiration date in requests for yourself or others you are authorized to request for.
|
|
1498
1498
|
* @type {string}
|
|
1499
1499
|
* @memberof AccessRequestItemBeta
|
|
1500
1500
|
*/
|
|
@@ -21915,7 +21915,7 @@ export interface RequestedItemDtoRefBeta {
|
|
|
21915
21915
|
[key: string]: string;
|
|
21916
21916
|
};
|
|
21917
21917
|
/**
|
|
21918
|
-
* The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be
|
|
21918
|
+
* The date and time the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date-time in the future. * The current SLA for the deprovisioning is 24 hours. * This date-time can be used to change the duration of an existing access item assignment for the specified identity. A GRANT_ACCESS request can extend duration or even remove an expiration date, and either a GRANT_ACCESS or REVOKE_ACCESS request can reduce duration or add an expiration date where one has not previously been present. You can change the expiration date in requests for yourself or others you are authorized to request for.
|
|
21919
21919
|
* @type {string}
|
|
21920
21920
|
* @memberof RequestedItemDtoRefBeta
|
|
21921
21921
|
*/
|
|
@@ -33893,7 +33893,7 @@ export declare const AccessRequestsBetaApiAxiosParamCreator: (configuration?: Co
|
|
|
33893
33893
|
*/
|
|
33894
33894
|
closeAccessRequest: (closeAccessRequestBeta: CloseAccessRequestBeta, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
|
|
33895
33895
|
/**
|
|
33896
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
33896
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
33897
33897
|
* @summary Submit access request
|
|
33898
33898
|
* @param {AccessRequestBeta} accessRequestBeta
|
|
33899
33899
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -33955,7 +33955,7 @@ export declare const AccessRequestsBetaApiFp: (configuration?: Configuration) =>
|
|
|
33955
33955
|
*/
|
|
33956
33956
|
closeAccessRequest(closeAccessRequestBeta: CloseAccessRequestBeta, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<object>>;
|
|
33957
33957
|
/**
|
|
33958
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
33958
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
33959
33959
|
* @summary Submit access request
|
|
33960
33960
|
* @param {AccessRequestBeta} accessRequestBeta
|
|
33961
33961
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -34017,7 +34017,7 @@ export declare const AccessRequestsBetaApiFactory: (configuration?: Configuratio
|
|
|
34017
34017
|
*/
|
|
34018
34018
|
closeAccessRequest(requestParameters: AccessRequestsBetaApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<object>;
|
|
34019
34019
|
/**
|
|
34020
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
34020
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
34021
34021
|
* @summary Submit access request
|
|
34022
34022
|
* @param {AccessRequestsBetaApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
34023
34023
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -34193,7 +34193,7 @@ export declare class AccessRequestsBetaApi extends BaseAPI {
|
|
|
34193
34193
|
*/
|
|
34194
34194
|
closeAccessRequest(requestParameters: AccessRequestsBetaApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<object, any>>;
|
|
34195
34195
|
/**
|
|
34196
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the
|
|
34196
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
34197
34197
|
* @summary Submit access request
|
|
34198
34198
|
* @param {AccessRequestsBetaApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
34199
34199
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -54347,7 +54347,7 @@ export declare const RequestableObjectsBetaApiAxiosParamCreator: (configuration?
|
|
|
54347
54347
|
* Get a list of acccess items that can be requested through the [Access Request endpoints](https://developer.sailpoint.com/docs/api/v3/access-requests). Access items are marked with `AVAILABLE`, `PENDING` or `ASSIGNED` with respect to the identity provided using `identity-id` query parameter. Any authenticated token can call this endpoint to see their requestable access items.
|
|
54348
54348
|
* @summary Requestable objects list
|
|
54349
54349
|
* @param {string} [identityId] If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
|
|
54350
|
-
* @param {Array<
|
|
54350
|
+
* @param {Array<ListRequestableObjectsTypesBeta>} [types] Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
54351
54351
|
* @param {string} [term] Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
54352
54352
|
* @param {Array<RequestableObjectRequestStatusBeta>} [statuses] Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice.
|
|
54353
54353
|
* @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
|
|
@@ -54358,7 +54358,7 @@ export declare const RequestableObjectsBetaApiAxiosParamCreator: (configuration?
|
|
|
54358
54358
|
* @param {*} [axiosOptions] Override http request option.
|
|
54359
54359
|
* @throws {RequiredError}
|
|
54360
54360
|
*/
|
|
54361
|
-
listRequestableObjects: (identityId?: string, types?: Array<
|
|
54361
|
+
listRequestableObjects: (identityId?: string, types?: Array<ListRequestableObjectsTypesBeta>, term?: string, statuses?: Array<RequestableObjectRequestStatusBeta>, limit?: number, offset?: number, count?: boolean, filters?: string, sorters?: string, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
|
|
54362
54362
|
};
|
|
54363
54363
|
/**
|
|
54364
54364
|
* RequestableObjectsBetaApi - functional programming interface
|
|
@@ -54369,7 +54369,7 @@ export declare const RequestableObjectsBetaApiFp: (configuration?: Configuration
|
|
|
54369
54369
|
* Get a list of acccess items that can be requested through the [Access Request endpoints](https://developer.sailpoint.com/docs/api/v3/access-requests). Access items are marked with `AVAILABLE`, `PENDING` or `ASSIGNED` with respect to the identity provided using `identity-id` query parameter. Any authenticated token can call this endpoint to see their requestable access items.
|
|
54370
54370
|
* @summary Requestable objects list
|
|
54371
54371
|
* @param {string} [identityId] If present, the value returns only requestable objects for the specified identity. * Admin users can call this with any identity ID value. * Non-admin users can only specify *me* or pass their own identity ID value. * If absent, returns a list of all requestable objects for the tenant. Only admin users can make such a call. In this case, the available, pending, assigned accesses will not be annotated in the result.
|
|
54372
|
-
* @param {Array<
|
|
54372
|
+
* @param {Array<ListRequestableObjectsTypesBeta>} [types] Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
54373
54373
|
* @param {string} [term] Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
54374
54374
|
* @param {Array<RequestableObjectRequestStatusBeta>} [statuses] Filters the result to the specified status/statuses, where each status is one of `AVAILABLE`, `ASSIGNED`, or `PENDING`. Specifying this parameter without also specifying an `identity-id` parameter results in an error. SailPoint may add additional statuses in the future without notice.
|
|
54375
54375
|
* @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
|
|
@@ -54380,7 +54380,7 @@ export declare const RequestableObjectsBetaApiFp: (configuration?: Configuration
|
|
|
54380
54380
|
* @param {*} [axiosOptions] Override http request option.
|
|
54381
54381
|
* @throws {RequiredError}
|
|
54382
54382
|
*/
|
|
54383
|
-
listRequestableObjects(identityId?: string, types?: Array<
|
|
54383
|
+
listRequestableObjects(identityId?: string, types?: Array<ListRequestableObjectsTypesBeta>, term?: string, statuses?: Array<RequestableObjectRequestStatusBeta>, limit?: number, offset?: number, count?: boolean, filters?: string, sorters?: string, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<RequestableObjectBeta>>>;
|
|
54384
54384
|
};
|
|
54385
54385
|
/**
|
|
54386
54386
|
* RequestableObjectsBetaApi - factory interface
|
|
@@ -54410,10 +54410,10 @@ export interface RequestableObjectsBetaApiListRequestableObjectsRequest {
|
|
|
54410
54410
|
readonly identityId?: string;
|
|
54411
54411
|
/**
|
|
54412
54412
|
* Filters the results to the specified type/types, where each type is one of `ROLE` or `ACCESS_PROFILE`. If absent, all types are returned. SailPoint may add support for additional types in the future without notice.
|
|
54413
|
-
* @type {Array<
|
|
54413
|
+
* @type {Array<'ACCESS_PROFILE' | 'ROLE'>}
|
|
54414
54414
|
* @memberof RequestableObjectsBetaApiListRequestableObjects
|
|
54415
54415
|
*/
|
|
54416
|
-
readonly types?: Array<
|
|
54416
|
+
readonly types?: Array<ListRequestableObjectsTypesBeta>;
|
|
54417
54417
|
/**
|
|
54418
54418
|
* Allows searching requestable access items with a partial match on the name or description. If `term` is provided, then the API will ignore the `filter` query parameter.
|
|
54419
54419
|
* @type {string}
|
|
@@ -54474,6 +54474,14 @@ export declare class RequestableObjectsBetaApi extends BaseAPI {
|
|
|
54474
54474
|
*/
|
|
54475
54475
|
listRequestableObjects(requestParameters?: RequestableObjectsBetaApiListRequestableObjectsRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<RequestableObjectBeta[], any>>;
|
|
54476
54476
|
}
|
|
54477
|
+
/**
|
|
54478
|
+
* @export
|
|
54479
|
+
*/
|
|
54480
|
+
export declare const ListRequestableObjectsTypesBeta: {
|
|
54481
|
+
readonly AccessProfile: "ACCESS_PROFILE";
|
|
54482
|
+
readonly Role: "ROLE";
|
|
54483
|
+
};
|
|
54484
|
+
export type ListRequestableObjectsTypesBeta = typeof ListRequestableObjectsTypesBeta[keyof typeof ListRequestableObjectsTypesBeta];
|
|
54477
54485
|
/**
|
|
54478
54486
|
* RoleInsightsBetaApi - axios parameter creator
|
|
54479
54487
|
* @export
|