sailpoint-api-client 1.7.14 → 1.7.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/beta/README.md +2 -2
- package/beta/api.ts +4 -4
- package/beta/common.ts +2 -2
- package/beta/package.json +1 -1
- package/dist/beta/api.d.ts +4 -4
- package/dist/beta/api.js +4 -4
- package/dist/beta/common.js +1 -1
- package/dist/v2024/api.d.ts +4 -4
- package/dist/v2024/api.js +4 -4
- package/dist/v2024/common.js +1 -1
- package/dist/v2025/api.d.ts +4 -4
- package/dist/v2025/api.js +4 -4
- package/dist/v2025/common.js +1 -1
- package/dist/v2026/common.js +1 -1
- package/dist/v3/api.d.ts +4 -4
- package/dist/v3/api.js +4 -4
- package/dist/v3/common.js +1 -1
- package/package.json +1 -1
- package/v2024/README.md +2 -2
- package/v2024/api.ts +4 -4
- package/v2024/common.ts +2 -2
- package/v2024/package.json +1 -1
- package/v2025/README.md +2 -2
- package/v2025/api.ts +4 -4
- package/v2025/common.ts +2 -2
- package/v2025/package.json +1 -1
- package/v2026/README.md +2 -2
- package/v2026/common.ts +2 -2
- package/v2026/package.json +1 -1
- package/v3/README.md +2 -2
- package/v3/api.ts +4 -4
- package/v3/common.ts +2 -2
- package/v3/package.json +1 -1
package/dist/v2024/api.js
CHANGED
|
@@ -6529,7 +6529,7 @@ var AccessRequestsV2024ApiAxiosParamCreator = function (configuration) {
|
|
|
6529
6529
|
});
|
|
6530
6530
|
},
|
|
6531
6531
|
/**
|
|
6532
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
6532
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
6533
6533
|
* @summary Submit access request
|
|
6534
6534
|
* @param {AccessRequestV2024} accessRequestV2024
|
|
6535
6535
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -7100,7 +7100,7 @@ var AccessRequestsV2024ApiFp = function (configuration) {
|
|
|
7100
7100
|
});
|
|
7101
7101
|
},
|
|
7102
7102
|
/**
|
|
7103
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
7103
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
7104
7104
|
* @summary Submit access request
|
|
7105
7105
|
* @param {AccessRequestV2024} accessRequestV2024
|
|
7106
7106
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -7332,7 +7332,7 @@ var AccessRequestsV2024ApiFactory = function (configuration, basePath, axios) {
|
|
|
7332
7332
|
return localVarFp.closeAccessRequest(requestParameters.closeAccessRequestV2024, axiosOptions).then(function (request) { return request(axios, basePath); });
|
|
7333
7333
|
},
|
|
7334
7334
|
/**
|
|
7335
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
7335
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
7336
7336
|
* @summary Submit access request
|
|
7337
7337
|
* @param {AccessRequestsV2024ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
7338
7338
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -7464,7 +7464,7 @@ var AccessRequestsV2024Api = /** @class */ (function (_super) {
|
|
|
7464
7464
|
return (0, exports.AccessRequestsV2024ApiFp)(this.configuration).closeAccessRequest(requestParameters.closeAccessRequestV2024, axiosOptions).then(function (request) { return request(_this.axios, _this.basePath); });
|
|
7465
7465
|
};
|
|
7466
7466
|
/**
|
|
7467
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
7467
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
7468
7468
|
* @summary Submit access request
|
|
7469
7469
|
* @param {AccessRequestsV2024ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
7470
7470
|
* @param {*} [axiosOptions] Override http request option.
|
package/dist/v2024/common.js
CHANGED
|
@@ -250,7 +250,7 @@ var createRequestFunction = function (axiosArgs, globalAxios, BASE_PATH, configu
|
|
|
250
250
|
if (axios === void 0) { axios = globalAxios; }
|
|
251
251
|
if (basePath === void 0) { basePath = BASE_PATH; }
|
|
252
252
|
(0, axios_retry_1.default)(axios, configuration.retriesConfig);
|
|
253
|
-
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.
|
|
253
|
+
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.16/ts' }, axiosArgs.axiosOptions.headers), { 'X-SailPoint-SDK': 'typescript-1.7.16' });
|
|
254
254
|
if (!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
|
255
255
|
throw new Error("You are using Experimental APIs. Set configuration.experimental = True to enable these APIs in the SDK.");
|
|
256
256
|
}
|
package/dist/v2025/api.d.ts
CHANGED
|
@@ -52300,7 +52300,7 @@ export declare const AccessRequestsV2025ApiAxiosParamCreator: (configuration?: C
|
|
|
52300
52300
|
*/
|
|
52301
52301
|
closeAccessRequest: (closeAccessRequestV2025: CloseAccessRequestV2025, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
|
|
52302
52302
|
/**
|
|
52303
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
52303
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
52304
52304
|
* @summary Submit access request
|
|
52305
52305
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
52306
52306
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -52414,7 +52414,7 @@ export declare const AccessRequestsV2025ApiFp: (configuration?: Configuration) =
|
|
|
52414
52414
|
*/
|
|
52415
52415
|
closeAccessRequest(closeAccessRequestV2025: CloseAccessRequestV2025, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<object>>;
|
|
52416
52416
|
/**
|
|
52417
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
52417
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
52418
52418
|
* @summary Submit access request
|
|
52419
52419
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
52420
52420
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -52528,7 +52528,7 @@ export declare const AccessRequestsV2025ApiFactory: (configuration?: Configurati
|
|
|
52528
52528
|
*/
|
|
52529
52529
|
closeAccessRequest(requestParameters: AccessRequestsV2025ApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<object>;
|
|
52530
52530
|
/**
|
|
52531
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
52531
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
52532
52532
|
* @summary Submit access request
|
|
52533
52533
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
52534
52534
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -52883,7 +52883,7 @@ export declare class AccessRequestsV2025Api extends BaseAPI {
|
|
|
52883
52883
|
*/
|
|
52884
52884
|
closeAccessRequest(requestParameters: AccessRequestsV2025ApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<object, any>>;
|
|
52885
52885
|
/**
|
|
52886
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
52886
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
52887
52887
|
* @summary Submit access request
|
|
52888
52888
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
52889
52889
|
* @param {*} [axiosOptions] Override http request option.
|
package/dist/v2025/api.js
CHANGED
|
@@ -7288,7 +7288,7 @@ var AccessRequestsV2025ApiAxiosParamCreator = function (configuration) {
|
|
|
7288
7288
|
});
|
|
7289
7289
|
},
|
|
7290
7290
|
/**
|
|
7291
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
7291
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
7292
7292
|
* @summary Submit access request
|
|
7293
7293
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
7294
7294
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -7852,7 +7852,7 @@ var AccessRequestsV2025ApiFp = function (configuration) {
|
|
|
7852
7852
|
});
|
|
7853
7853
|
},
|
|
7854
7854
|
/**
|
|
7855
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
7855
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
7856
7856
|
* @summary Submit access request
|
|
7857
7857
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
7858
7858
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -8083,7 +8083,7 @@ var AccessRequestsV2025ApiFactory = function (configuration, basePath, axios) {
|
|
|
8083
8083
|
return localVarFp.closeAccessRequest(requestParameters.closeAccessRequestV2025, axiosOptions).then(function (request) { return request(axios, basePath); });
|
|
8084
8084
|
},
|
|
8085
8085
|
/**
|
|
8086
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
8086
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
8087
8087
|
* @summary Submit access request
|
|
8088
8088
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
8089
8089
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -8215,7 +8215,7 @@ var AccessRequestsV2025Api = /** @class */ (function (_super) {
|
|
|
8215
8215
|
return (0, exports.AccessRequestsV2025ApiFp)(this.configuration).closeAccessRequest(requestParameters.closeAccessRequestV2025, axiosOptions).then(function (request) { return request(_this.axios, _this.basePath); });
|
|
8216
8216
|
};
|
|
8217
8217
|
/**
|
|
8218
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
8218
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
8219
8219
|
* @summary Submit access request
|
|
8220
8220
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
8221
8221
|
* @param {*} [axiosOptions] Override http request option.
|
package/dist/v2025/common.js
CHANGED
|
@@ -250,7 +250,7 @@ var createRequestFunction = function (axiosArgs, globalAxios, BASE_PATH, configu
|
|
|
250
250
|
if (axios === void 0) { axios = globalAxios; }
|
|
251
251
|
if (basePath === void 0) { basePath = BASE_PATH; }
|
|
252
252
|
(0, axios_retry_1.default)(axios, configuration.retriesConfig);
|
|
253
|
-
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.
|
|
253
|
+
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.16/ts' }, axiosArgs.axiosOptions.headers), { 'X-SailPoint-SDK': 'typescript-1.7.16' });
|
|
254
254
|
if (!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
|
255
255
|
throw new Error("You are using Experimental APIs. Set configuration.experimental = True to enable these APIs in the SDK.");
|
|
256
256
|
}
|
package/dist/v2026/common.js
CHANGED
|
@@ -250,7 +250,7 @@ var createRequestFunction = function (axiosArgs, globalAxios, BASE_PATH, configu
|
|
|
250
250
|
if (axios === void 0) { axios = globalAxios; }
|
|
251
251
|
if (basePath === void 0) { basePath = BASE_PATH; }
|
|
252
252
|
(0, axios_retry_1.default)(axios, configuration.retriesConfig);
|
|
253
|
-
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.
|
|
253
|
+
var headers = __assign(__assign({ 'User-Agent': 'OpenAPI-Generator/1.7.16/ts' }, axiosArgs.axiosOptions.headers), { 'X-SailPoint-SDK': 'typescript-1.7.16' });
|
|
254
254
|
if (!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
|
255
255
|
throw new Error("You are using Experimental APIs. Set configuration.experimental = True to enable these APIs in the SDK.");
|
|
256
256
|
}
|
package/dist/v3/api.d.ts
CHANGED
|
@@ -25809,7 +25809,7 @@ export declare const AccessRequestsApiAxiosParamCreator: (configuration?: Config
|
|
|
25809
25809
|
*/
|
|
25810
25810
|
cancelAccessRequest: (cancelAccessRequest: CancelAccessRequest, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
|
|
25811
25811
|
/**
|
|
25812
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
25812
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
25813
25813
|
* @summary Submit access request
|
|
25814
25814
|
* @param {AccessRequest} accessRequest
|
|
25815
25815
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -25863,7 +25863,7 @@ export declare const AccessRequestsApiFp: (configuration?: Configuration) => {
|
|
|
25863
25863
|
*/
|
|
25864
25864
|
cancelAccessRequest(cancelAccessRequest: CancelAccessRequest, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<object>>;
|
|
25865
25865
|
/**
|
|
25866
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
25866
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
25867
25867
|
* @summary Submit access request
|
|
25868
25868
|
* @param {AccessRequest} accessRequest
|
|
25869
25869
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -25917,7 +25917,7 @@ export declare const AccessRequestsApiFactory: (configuration?: Configuration, b
|
|
|
25917
25917
|
*/
|
|
25918
25918
|
cancelAccessRequest(requestParameters: AccessRequestsApiCancelAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<object>;
|
|
25919
25919
|
/**
|
|
25920
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
25920
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
25921
25921
|
* @summary Submit access request
|
|
25922
25922
|
* @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
25923
25923
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -26071,7 +26071,7 @@ export declare class AccessRequestsApi extends BaseAPI {
|
|
|
26071
26071
|
*/
|
|
26072
26072
|
cancelAccessRequest(requestParameters: AccessRequestsApiCancelAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<object, any>>;
|
|
26073
26073
|
/**
|
|
26074
|
-
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token
|
|
26074
|
+
* >**Required scopes:** ORG_ADMIN requires idn:access-request:manage. USER level requires idn:access-request-self:manage (Personal Access Token only). Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
26075
26075
|
* @summary Submit access request
|
|
26076
26076
|
* @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
26077
26077
|
* @param {*} [axiosOptions] Override http request option.
|