sailpoint-api-client 1.7.16 → 1.7.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/beta/README.md +2 -2
- package/beta/api.ts +4 -4
- package/beta/common.ts +2 -2
- package/beta/package.json +1 -1
- package/dist/beta/api.d.ts +4 -4
- package/dist/beta/api.js +4 -4
- package/dist/beta/common.js +1 -1
- package/dist/v2024/api.d.ts +4 -4
- package/dist/v2024/api.js +4 -4
- package/dist/v2024/common.js +1 -1
- package/dist/v2025/api.d.ts +23 -27
- package/dist/v2025/api.js +16 -20
- package/dist/v2025/api.js.map +1 -1
- package/dist/v2025/common.js +1 -1
- package/dist/v2026/common.js +1 -1
- package/dist/v3/api.d.ts +4 -4
- package/dist/v3/api.js +4 -4
- package/dist/v3/common.js +1 -1
- package/package.json +1 -1
- package/v2024/README.md +2 -2
- package/v2024/api.ts +4 -4
- package/v2024/common.ts +2 -2
- package/v2024/package.json +1 -1
- package/v2025/README.md +2 -2
- package/v2025/api.ts +25 -29
- package/v2025/common.ts +2 -2
- package/v2025/package.json +1 -1
- package/v2026/README.md +2 -2
- package/v2026/common.ts +2 -2
- package/v2026/package.json +1 -1
- package/v3/README.md +2 -2
- package/v3/api.ts +4 -4
- package/v3/common.ts +2 -2
- package/v3/package.json +1 -1
package/v2025/api.ts
CHANGED
|
@@ -7469,13 +7469,13 @@ export interface ApprovalConfigV2025 {
|
|
|
7469
7469
|
*/
|
|
7470
7470
|
'tenantId'?: string;
|
|
7471
7471
|
/**
|
|
7472
|
-
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
7472
|
+
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
7473
7473
|
* @type {string}
|
|
7474
7474
|
* @memberof ApprovalConfigV2025
|
|
7475
7475
|
*/
|
|
7476
7476
|
'id'?: string;
|
|
7477
7477
|
/**
|
|
7478
|
-
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
7478
|
+
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
7479
7479
|
* @type {string}
|
|
7480
7480
|
* @memberof ApprovalConfigV2025
|
|
7481
7481
|
*/
|
|
@@ -55447,7 +55447,7 @@ export const AccessRequestsV2025ApiAxiosParamCreator = function (configuration?:
|
|
|
55447
55447
|
};
|
|
55448
55448
|
},
|
|
55449
55449
|
/**
|
|
55450
|
-
*
|
|
55450
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. >**Security:** idn:access-request:manage is for ORG_ADMIN level. idn:access-request-self:manage is for USER level. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
55451
55451
|
* @summary Submit access request
|
|
55452
55452
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
55453
55453
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -55919,7 +55919,7 @@ export const AccessRequestsV2025ApiFp = function(configuration?: Configuration)
|
|
|
55919
55919
|
return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
|
|
55920
55920
|
},
|
|
55921
55921
|
/**
|
|
55922
|
-
*
|
|
55922
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. >**Security:** idn:access-request:manage is for ORG_ADMIN level. idn:access-request-self:manage is for USER level. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
55923
55923
|
* @summary Submit access request
|
|
55924
55924
|
* @param {AccessRequestV2025} accessRequestV2025
|
|
55925
55925
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -56080,7 +56080,7 @@ export const AccessRequestsV2025ApiFactory = function (configuration?: Configura
|
|
|
56080
56080
|
return localVarFp.closeAccessRequest(requestParameters.closeAccessRequestV2025, axiosOptions).then((request) => request(axios, basePath));
|
|
56081
56081
|
},
|
|
56082
56082
|
/**
|
|
56083
|
-
*
|
|
56083
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. >**Security:** idn:access-request:manage is for ORG_ADMIN level. idn:access-request-self:manage is for USER level. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
56084
56084
|
* @summary Submit access request
|
|
56085
56085
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
56086
56086
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -56494,7 +56494,7 @@ export class AccessRequestsV2025Api extends BaseAPI {
|
|
|
56494
56494
|
}
|
|
56495
56495
|
|
|
56496
56496
|
/**
|
|
56497
|
-
*
|
|
56497
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. >**Security:** idn:access-request:manage is for ORG_ADMIN level. idn:access-request-self:manage is for USER level. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
56498
56498
|
* @summary Submit access request
|
|
56499
56499
|
* @param {AccessRequestsV2025ApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
56500
56500
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -59860,8 +59860,8 @@ export const ApprovalsV2025ApiAxiosParamCreator = function (configuration?: Conf
|
|
|
59860
59860
|
/**
|
|
59861
59861
|
* Deletes an approval configuration. Configurations at the APPROVAL_REQUEST scope cannot be deleted.
|
|
59862
59862
|
* @summary Delete Approval Configuration
|
|
59863
|
-
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
59864
|
-
* @param {DeleteApprovalConfigRequestScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
59863
|
+
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
59864
|
+
* @param {DeleteApprovalConfigRequestScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
59865
59865
|
* @param {*} [axiosOptions] Override http request option.
|
|
59866
59866
|
* @throws {RequiredError}
|
|
59867
59867
|
*/
|
|
@@ -60054,7 +60054,7 @@ export const ApprovalsV2025ApiAxiosParamCreator = function (configuration?: Conf
|
|
|
60054
60054
|
/**
|
|
60055
60055
|
* Retrieves a singular approval configuration that matches the given ID
|
|
60056
60056
|
* @summary Get Approval Config
|
|
60057
|
-
* @param {string} id The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID),
|
|
60057
|
+
* @param {string} id The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID), \"ENTITLEMENT_DESCRIPTIONS\", \"ACCESS_REQUEST_APPROVAL\", (tenantID)]
|
|
60058
60058
|
* @param {*} [axiosOptions] Override http request option.
|
|
60059
60059
|
* @throws {RequiredError}
|
|
60060
60060
|
*/
|
|
@@ -60140,8 +60140,8 @@ export const ApprovalsV2025ApiAxiosParamCreator = function (configuration?: Conf
|
|
|
60140
60140
|
/**
|
|
60141
60141
|
* Upserts a singular approval configuration that matches the given configID and configScope. If id and scope are not provided, it will default to setting the tenant config.
|
|
60142
60142
|
* @summary Put Approval Config
|
|
60143
|
-
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60144
|
-
* @param {PutApprovalsConfigScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60143
|
+
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60144
|
+
* @param {PutApprovalsConfigScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60145
60145
|
* @param {ApprovalConfigV2025} approvalConfigV2025
|
|
60146
60146
|
* @param {*} [axiosOptions] Override http request option.
|
|
60147
60147
|
* @throws {RequiredError}
|
|
@@ -60476,8 +60476,8 @@ export const ApprovalsV2025ApiFp = function(configuration?: Configuration) {
|
|
|
60476
60476
|
/**
|
|
60477
60477
|
* Deletes an approval configuration. Configurations at the APPROVAL_REQUEST scope cannot be deleted.
|
|
60478
60478
|
* @summary Delete Approval Configuration
|
|
60479
|
-
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60480
|
-
* @param {DeleteApprovalConfigRequestScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60479
|
+
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60480
|
+
* @param {DeleteApprovalConfigRequestScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60481
60481
|
* @param {*} [axiosOptions] Override http request option.
|
|
60482
60482
|
* @throws {RequiredError}
|
|
60483
60483
|
*/
|
|
@@ -60528,7 +60528,7 @@ export const ApprovalsV2025ApiFp = function(configuration?: Configuration) {
|
|
|
60528
60528
|
/**
|
|
60529
60529
|
* Retrieves a singular approval configuration that matches the given ID
|
|
60530
60530
|
* @summary Get Approval Config
|
|
60531
|
-
* @param {string} id The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID),
|
|
60531
|
+
* @param {string} id The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID), \"ENTITLEMENT_DESCRIPTIONS\", \"ACCESS_REQUEST_APPROVAL\", (tenantID)]
|
|
60532
60532
|
* @param {*} [axiosOptions] Override http request option.
|
|
60533
60533
|
* @throws {RequiredError}
|
|
60534
60534
|
*/
|
|
@@ -60554,8 +60554,8 @@ export const ApprovalsV2025ApiFp = function(configuration?: Configuration) {
|
|
|
60554
60554
|
/**
|
|
60555
60555
|
* Upserts a singular approval configuration that matches the given configID and configScope. If id and scope are not provided, it will default to setting the tenant config.
|
|
60556
60556
|
* @summary Put Approval Config
|
|
60557
|
-
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60558
|
-
* @param {PutApprovalsConfigScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60557
|
+
* @param {string} id The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60558
|
+
* @param {PutApprovalsConfigScopeV2025} scope The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60559
60559
|
* @param {ApprovalConfigV2025} approvalConfigV2025
|
|
60560
60560
|
* @param {*} [axiosOptions] Override http request option.
|
|
60561
60561
|
* @throws {RequiredError}
|
|
@@ -60844,15 +60844,15 @@ export interface ApprovalsV2025ApiCancelApprovalRequest {
|
|
|
60844
60844
|
*/
|
|
60845
60845
|
export interface ApprovalsV2025ApiDeleteApprovalConfigRequestRequest {
|
|
60846
60846
|
/**
|
|
60847
|
-
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60847
|
+
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60848
60848
|
* @type {string}
|
|
60849
60849
|
* @memberof ApprovalsV2025ApiDeleteApprovalConfigRequest
|
|
60850
60850
|
*/
|
|
60851
60851
|
readonly id: string
|
|
60852
60852
|
|
|
60853
60853
|
/**
|
|
60854
|
-
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
60855
|
-
* @type {'DOMAIN_OBJECT' | 'ROLE' | '
|
|
60854
|
+
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
60855
|
+
* @type {'DOMAIN_OBJECT' | 'ROLE' | 'ACCESS_PROFILE' | 'ENTITLEMENT' | 'APPROVAL_TYPE' | 'TENANT'}
|
|
60856
60856
|
* @memberof ApprovalsV2025ApiDeleteApprovalConfigRequest
|
|
60857
60857
|
*/
|
|
60858
60858
|
readonly scope: DeleteApprovalConfigRequestScopeV2025
|
|
@@ -60977,7 +60977,7 @@ export interface ApprovalsV2025ApiGetApprovalsRequest {
|
|
|
60977
60977
|
*/
|
|
60978
60978
|
export interface ApprovalsV2025ApiGetApprovalsConfigRequest {
|
|
60979
60979
|
/**
|
|
60980
|
-
* The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID),
|
|
60980
|
+
* The id of the object the config applies to, for example one of the following: [(approvalID), (roleID), (entitlementID), (accessProfileID), \"ENTITLEMENT_DESCRIPTIONS\", \"ACCESS_REQUEST_APPROVAL\", (tenantID)]
|
|
60981
60981
|
* @type {string}
|
|
60982
60982
|
* @memberof ApprovalsV2025ApiGetApprovalsConfig
|
|
60983
60983
|
*/
|
|
@@ -61005,15 +61005,15 @@ export interface ApprovalsV2025ApiMoveApprovalRequest {
|
|
|
61005
61005
|
*/
|
|
61006
61006
|
export interface ApprovalsV2025ApiPutApprovalsConfigRequest {
|
|
61007
61007
|
/**
|
|
61008
|
-
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
61008
|
+
* The ID defined by the scope field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
61009
61009
|
* @type {string}
|
|
61010
61010
|
* @memberof ApprovalsV2025ApiPutApprovalsConfig
|
|
61011
61011
|
*/
|
|
61012
61012
|
readonly id: string
|
|
61013
61013
|
|
|
61014
61014
|
/**
|
|
61015
|
-
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE
|
|
61016
|
-
* @type {'DOMAIN_OBJECT' | 'ROLE' | '
|
|
61015
|
+
* The scope of the field, where [[id]]:[[scope]] is the following [[roleID]]:ROLE [[entitlementID]]:ENTITLEMENT [[accessProfileID]]:ACCESS_PROFILE ENTITLEMENT_DESCRIPTIONS:APPROVAL_TYPE ACCESS_REQUEST_APPROVAL:APPROVAL_TYPE [[tenantID]]:TENANT [[domainObjectID]]:DOMAIN_OBJECT
|
|
61016
|
+
* @type {'DOMAIN_OBJECT' | 'ROLE' | 'ACCESS_PROFILE' | 'ENTITLEMENT' | 'APPROVAL_TYPE' | 'TENANT'}
|
|
61017
61017
|
* @memberof ApprovalsV2025ApiPutApprovalsConfig
|
|
61018
61018
|
*/
|
|
61019
61019
|
readonly scope: PutApprovalsConfigScopeV2025
|
|
@@ -61306,12 +61306,10 @@ export class ApprovalsV2025Api extends BaseAPI {
|
|
|
61306
61306
|
export const DeleteApprovalConfigRequestScopeV2025 = {
|
|
61307
61307
|
DomainObject: 'DOMAIN_OBJECT',
|
|
61308
61308
|
Role: 'ROLE',
|
|
61309
|
-
Application: 'APPLICATION',
|
|
61310
61309
|
AccessProfile: 'ACCESS_PROFILE',
|
|
61311
61310
|
Entitlement: 'ENTITLEMENT',
|
|
61312
61311
|
ApprovalType: 'APPROVAL_TYPE',
|
|
61313
|
-
Tenant: 'TENANT'
|
|
61314
|
-
Source: 'SOURCE'
|
|
61312
|
+
Tenant: 'TENANT'
|
|
61315
61313
|
} as const;
|
|
61316
61314
|
export type DeleteApprovalConfigRequestScopeV2025 = typeof DeleteApprovalConfigRequestScopeV2025[keyof typeof DeleteApprovalConfigRequestScopeV2025];
|
|
61317
61315
|
/**
|
|
@@ -61320,12 +61318,10 @@ export type DeleteApprovalConfigRequestScopeV2025 = typeof DeleteApprovalConfigR
|
|
|
61320
61318
|
export const PutApprovalsConfigScopeV2025 = {
|
|
61321
61319
|
DomainObject: 'DOMAIN_OBJECT',
|
|
61322
61320
|
Role: 'ROLE',
|
|
61323
|
-
Application: 'APPLICATION',
|
|
61324
61321
|
AccessProfile: 'ACCESS_PROFILE',
|
|
61325
61322
|
Entitlement: 'ENTITLEMENT',
|
|
61326
61323
|
ApprovalType: 'APPROVAL_TYPE',
|
|
61327
|
-
Tenant: 'TENANT'
|
|
61328
|
-
Source: 'SOURCE'
|
|
61324
|
+
Tenant: 'TENANT'
|
|
61329
61325
|
} as const;
|
|
61330
61326
|
export type PutApprovalsConfigScopeV2025 = typeof PutApprovalsConfigScopeV2025[keyof typeof PutApprovalsConfigScopeV2025];
|
|
61331
61327
|
|
package/v2025/common.ts
CHANGED
|
@@ -147,9 +147,9 @@ export const createRequestFunction = function (axiosArgs: RequestArgs, globalAxi
|
|
|
147
147
|
return <T = unknown, R = AxiosResponse<T>>(axios: AxiosInstance = globalAxios, basePath: string = BASE_PATH) => {
|
|
148
148
|
axiosRetry(axios, configuration.retriesConfig)
|
|
149
149
|
const headers = {
|
|
150
|
-
...{'User-Agent':'OpenAPI-Generator/1.7.
|
|
150
|
+
...{'User-Agent':'OpenAPI-Generator/1.7.18/ts'},
|
|
151
151
|
...axiosArgs.axiosOptions.headers,
|
|
152
|
-
...{'X-SailPoint-SDK':'typescript-1.7.
|
|
152
|
+
...{'X-SailPoint-SDK':'typescript-1.7.18'}
|
|
153
153
|
}
|
|
154
154
|
|
|
155
155
|
if(!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
package/v2025/package.json
CHANGED
package/v2026/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
## sailpoint-sdk@1.7.
|
|
1
|
+
## sailpoint-sdk@1.7.18
|
|
2
2
|
|
|
3
3
|
This generator creates TypeScript/JavaScript client that utilizes [axios](https://github.com/axios/axios). The generated Node module can be used in the following environments:
|
|
4
4
|
|
|
@@ -36,7 +36,7 @@ navigate to the folder of your consuming project and run one of the following co
|
|
|
36
36
|
_published:_
|
|
37
37
|
|
|
38
38
|
```
|
|
39
|
-
npm install sailpoint-sdk@1.7.
|
|
39
|
+
npm install sailpoint-sdk@1.7.18 --save
|
|
40
40
|
```
|
|
41
41
|
|
|
42
42
|
_unPublished (not recommended):_
|
package/v2026/common.ts
CHANGED
|
@@ -147,9 +147,9 @@ export const createRequestFunction = function (axiosArgs: RequestArgs, globalAxi
|
|
|
147
147
|
return <T = unknown, R = AxiosResponse<T>>(axios: AxiosInstance = globalAxios, basePath: string = BASE_PATH) => {
|
|
148
148
|
axiosRetry(axios, configuration.retriesConfig)
|
|
149
149
|
const headers = {
|
|
150
|
-
...{'User-Agent':'OpenAPI-Generator/1.7.
|
|
150
|
+
...{'User-Agent':'OpenAPI-Generator/1.7.18/ts'},
|
|
151
151
|
...axiosArgs.axiosOptions.headers,
|
|
152
|
-
...{'X-SailPoint-SDK':'typescript-1.7.
|
|
152
|
+
...{'X-SailPoint-SDK':'typescript-1.7.18'}
|
|
153
153
|
}
|
|
154
154
|
|
|
155
155
|
if(!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|
package/v2026/package.json
CHANGED
package/v3/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
## sailpoint-sdk@1.7.
|
|
1
|
+
## sailpoint-sdk@1.7.18
|
|
2
2
|
|
|
3
3
|
This generator creates TypeScript/JavaScript client that utilizes [axios](https://github.com/axios/axios). The generated Node module can be used in the following environments:
|
|
4
4
|
|
|
@@ -36,7 +36,7 @@ navigate to the folder of your consuming project and run one of the following co
|
|
|
36
36
|
_published:_
|
|
37
37
|
|
|
38
38
|
```
|
|
39
|
-
npm install sailpoint-sdk@1.7.
|
|
39
|
+
npm install sailpoint-sdk@1.7.18 --save
|
|
40
40
|
```
|
|
41
41
|
|
|
42
42
|
_unPublished (not recommended):_
|
package/v3/api.ts
CHANGED
|
@@ -27366,7 +27366,7 @@ export const AccessRequestsApiAxiosParamCreator = function (configuration?: Conf
|
|
|
27366
27366
|
};
|
|
27367
27367
|
},
|
|
27368
27368
|
/**
|
|
27369
|
-
*
|
|
27369
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
27370
27370
|
* @summary Submit access request
|
|
27371
27371
|
* @param {AccessRequest} accessRequest
|
|
27372
27372
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -27603,7 +27603,7 @@ export const AccessRequestsApiFp = function(configuration?: Configuration) {
|
|
|
27603
27603
|
return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
|
|
27604
27604
|
},
|
|
27605
27605
|
/**
|
|
27606
|
-
*
|
|
27606
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
27607
27607
|
* @summary Submit access request
|
|
27608
27608
|
* @param {AccessRequest} accessRequest
|
|
27609
27609
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -27683,7 +27683,7 @@ export const AccessRequestsApiFactory = function (configuration?: Configuration,
|
|
|
27683
27683
|
return localVarFp.cancelAccessRequest(requestParameters.cancelAccessRequest, axiosOptions).then((request) => request(axios, basePath));
|
|
27684
27684
|
},
|
|
27685
27685
|
/**
|
|
27686
|
-
*
|
|
27686
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
27687
27687
|
* @summary Submit access request
|
|
27688
27688
|
* @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
27689
27689
|
* @param {*} [axiosOptions] Override http request option.
|
|
@@ -27863,7 +27863,7 @@ export class AccessRequestsApi extends BaseAPI {
|
|
|
27863
27863
|
}
|
|
27864
27864
|
|
|
27865
27865
|
/**
|
|
27866
|
-
*
|
|
27866
|
+
* Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes. :::info The ability to request access using this API is constrained by the Access Request Segments defined in the API token\'s user context. ::: Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it does not return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected. It is best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, without changing the account details or end date information from the existing assignment, the API will cancel the request as a duplicate. There are two types of access request: __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options. * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source. :::caution If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. ::: __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` to add or alter a sunset date and time on an assignment. The `removeDate` must be a future date-time, in the UTC timezone. If the user already has the access assigned with a sunset date and time, the removeDate must be a date-time earlier than the existing sunset date and time. * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. These fields should be used within the \'requestedItems\' section for the revoke requests. * Usage of \'requestedForWithRequestedItems\' field is not supported for revoke requests.
|
|
27867
27867
|
* @summary Submit access request
|
|
27868
27868
|
* @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
|
|
27869
27869
|
* @param {*} [axiosOptions] Override http request option.
|
package/v3/common.ts
CHANGED
|
@@ -147,9 +147,9 @@ export const createRequestFunction = function (axiosArgs: RequestArgs, globalAxi
|
|
|
147
147
|
return <T = unknown, R = AxiosResponse<T>>(axios: AxiosInstance = globalAxios, basePath: string = BASE_PATH) => {
|
|
148
148
|
axiosRetry(axios, configuration.retriesConfig)
|
|
149
149
|
const headers = {
|
|
150
|
-
...{'User-Agent':'OpenAPI-Generator/1.7.
|
|
150
|
+
...{'User-Agent':'OpenAPI-Generator/1.7.18/ts'},
|
|
151
151
|
...axiosArgs.axiosOptions.headers,
|
|
152
|
-
...{'X-SailPoint-SDK':'typescript-1.7.
|
|
152
|
+
...{'X-SailPoint-SDK':'typescript-1.7.18'}
|
|
153
153
|
}
|
|
154
154
|
|
|
155
155
|
if(!configuration.experimental && ("X-SailPoint-Experimental" in headers)) {
|