Download SailPoint IdentityIQ API and more Slides Innovation in PDF only on Docsity!
Introduction
Welcome to the SailPoint IdentityIQ API! The IdentityIQ API provides access to the IdentityIQ platform, allowing new opportunities for
expanded innovation. The IdentityIQ API is standards- based, built upon the RESTful SCIM 2. 0 specification. You can use our API to
access IdentityIQ API endpoints, which allows you to programmatically interact with objects within IdentityIQ.
If you are looking for a SCIM connector, SailPoint offers both a SCIM 1. 1 connector and a SCIM 2. 0 connector. Please see Compass
for more details on connectivity.
Getting Started
1. Read the IdentityIQ API Terms of Use
2. If you are unfamiliar with the SCIM 2. 0 specification, or need a refresher, we suggest you start here: SCIM Overview.
3. Ensure you have IdentityIQ 7. 0 Patch 2 or later versions installed.
4. Read our documentation. All you have to do is keep scrolling!
5. Participate on the forums. Ask questions, read about requested and upcoming functionality, and provide assistance to others.
6. Send us feedback! We want to hear from you.
Endpoint Availability
Endpoint IdentityIQ Version
Core Schema 7. 0 Patch 2 and later
/Users 7. 0 Patch 2 and later
/Applications 7. 1 and later
/Accounts 7. 1 and later
/Entitlements 7. 1 and later
/Roles 7. 1 and later
/PolicyViolations 7. 2 and later
/CheckedPolicyViolations 7. 2 and later
Endpoint IdentityIQ Version
/Workflows 7. 2 and later
/LaunchedWorkflows 7. 2 and later
/TaskResults 7. 2 and later
SCIM Protocol
SCIM stands for System for Cross-Domain Identity Management, and it is an HTTP-based protocol that makes managing identities in
multi-domain scenarios easier to support through a standardized RESTful API service. It provides a platform neutral schema and
extension model for representing users, groups and other resource types in JSON format.
The core schema consists of five resource types, as described below:
Resource Type Endpoint Description Supported
Methods
User /Users Various attributes to describe the identity G DEETL,E^ PTUET,^ POST,
Group /Groups Currently not supported N/A
Service Provider
Configuration /ServiceProviderConfig^
Provides SCIM specification features and
implementation details to clients GET
Resource Types /ResourceTypes
Defines attributes and metadata on supported resource
types GET
Schemas /Schemas Schema definitions and attributes for all schemas GET
Supported HTTP Methods
GET POST PUT DELETE
Authentication
Basic Authentication
Beginning in IdentityIQ version 7. 0 , Patch 2 , Basic Authentication is used to allow access to the API. Basic authentication is a simple
technique for enforcing access controls to API resoureces because it doesn’t require session IDs, cookies, or login pages but instead
uses standard fields in the HTTP header. For more information on Basic authentication, please see
https://tools.ietf.org/html/rfc 1945 #section- 11 and https://www.ietf.org/rfc/rfc 2617 .txt. Support for Basic Authentication will continue to
exist in future releases.
OAuth 2. 0
"schemas": [ "urn:ietf:params:scim:schemas:core: 2. 0 :ServiceProviderConfig" ], "etag": { "supported": true }, "sort": { "supported": true }, "bulk": { "maxPayloadSize": 0 , "maxOperations": 0 , "supported": false }, "changePassword": { "supported": true } }
The SCIM 2. 0 protocol provides a schema that represents the service provider’s configuration. The service provider configuration
gives the developer SCIM 2. 0 specifications and additional implementation details in a standardized format. It is recommended that
first time users make a call to /ServiceProviderConfig before using other endpoints. /ServiceProviderConfig is read-only and does not
require any authentication.
HTTP REQUEST
GET http://example.com/identityIQ/scim/v 2 /ServiceProviderConfig
RESPONSE FORMAT
Parameter Description Default Value Configurable
documentationURI
An HTTP-
addressable URL
pointing to the
service provider’s
human-consumable
help documentation.
https://community.sailpoint.com/community/identityiq/product-
downloads No
patch
A complex type that
specifies whether
the operation is
supported.
‘supported’ is a
boolean value
indicating support
for patch.
False No
bulk
A complete type that
specifies bulk
configuration
options. 'supported’
is a boolean value
indicating support
for bulk.
maxOperations and
maxPayloadSize
further specify bulk
constraints
False No
filter
A complex type that
specifies filter
options. 'supported’
is a boolean value
indicating support
for filter. maxResults
is an integer
specifying the
maximum # of
results returned.
True - 1000 Max Yes
Parameter Description Default Value Configurable
changePassword
A complex type that
specifies password
change options.
'supported’ is a
boolean value
indicating support
for password
change.
True No
sort
A complex type that
specifies sort
options. 'supported’
is a boolean value
indicating support
for sort.
True No
etag
A complex type that
specifies ETag
options. 'supported’
is a boolean value
indicating support
for ETag.
True No
authenticationSchemes
(multi-valued)
A multi-valued
complex type that
specifies supported
authentication
scheme
properties.The
following sub-
attributes have been
defined: type, name,
description, specUri,
and
documentationUri.
HTTP Basic (OAuth 2. 0 Support coming) No
/Schemas
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Schemas"
Sample Response (JSON)
"meta": { "location": "", "version": "", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core: 2. 0 :Schema" ], "name": "SailPoint User", "description": "Additional attributes of the SailPoint User", "attributes": [ { "uniqueness": "none", "name": "entitlements", "description": "extended attribute description", "mutability": "readOnly",
"schemas": [ "urn:ietf:params:scim:schemas:core: 2. 0 :ResourceType" ], "name": "User", "description": "User Account", "schemaExtensions": [ { "schema": "urn:ietf:params:scim:schemas:extension:enterprise: 2. 0 :User", "required": true }, { "schema": "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User", "required": true } ], "id": "User" } ] }
The /ResourceType endpoint provides metadata and details for endpoints. This includes information such as an resource ID, name,
description, endpoint, base URI, schemas and schema extensions. /ResourceTypes is read-only.
HTTP REQUEST
GET http://example.com/identityIQ/scim/v 2 /ResourceTypes
RESPONSE FORMAT
Parameter Description
id Resource type’s server unique id
name Name of resource type
description Human-readable description of resource type
endpoint The HTTP-addressable endpoint
schema The primary/base schema URI. URI MUST match the id associated with the Schema resource.
schemaExtensions A list of URIs for the resource types extentions.
Identity (/users)
The Identity endpoint allows implementors full read, write, and delete capabilities to the Identities within IdentityIQ. The Identity
resource has most SCIM parameters and has been extended to support parameters that are specific to IdentityIQ. The API supports
getting one or more identities, updating an identity, setting a password, deleting an identity and many other usecases. Please continue
reading below for additional information.
RESPONSE FORMAT
Parameter Description
Schema
(SCIM or
Extended)
id Unique alpha-numeric ID of the identity SCIM
externalId An identifier for the resource as defined by the provisioning client SCIM
userName
Unique identifier for the User typically used by the user to directly authenticate to the service
provider SCIM
Parameter Description
Schema
(SCIM or
Extended)
name Supports^ formatted,^ familyName^ (last^ name),^ middleName,^ honorificPrefix,^ honorificSuffix,^ and
given (first) name
SCIM
displayName The user’s display name SCIM
active Boolean status of identity. (Active/Inactive) SCIM
password
The User’s clear text password. This attribute is intended to be used as a means to specify an
initial password when creating a new User or to reset an existing User’s password. SCIM
emails Email address of user SCIM
entitlements Entitlements on source system. Entitlements are not returned by default. Extended
roles Role(s) of the user Extended
capabilities Users’ capabilities. I.E. System Administrator Extended
riskScore Composite risk score of a user Extended
isManager Is this user a manager? Extended
lastRefresh When was the last time this user was refreshed? Extended
manager The user’s manager, referencing the 'id’ attribute of another User Extended
Get All Identities
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Users"
Sample Response (in JSON)
"totalResults": 2 , "startIndex": 1 , "schemas": [ "urn:ietf:params:scim:api:messages: 2. 0 :ListResponse" ], "Resources": [ { "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User": { "entitlements": [], "capabilities": [ "SystemAdministrator" ], "roles": [], "isManager": false }, "emails": [ { "type": "work", "value": "spadmin@sailpointdemo.com", "primary": "true" } ], "displayName": "The Administrator",
Get Identity with Roles & Entitlements
Sample Request
curl - u ":" "http://localhost: 8080 /identityiq/scim/v 2 /Users/andy.dwyer?attributes=userName,urn:ietf:params:scim:schemas:extension:enterprise: 2. 0 :User:manager,urn:ietf:params
This endpoint retrieves a specific identity and its role and entitlement information.
HTTP REQUEST
http://localhost: 8080 /identityiq/scim/v 2 /Users/andy.dwyer?attributes=userName,urn:ietf:params:scim:schemas:extension:enter‐
prise: 2. 0 :User:manager,urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User:entitlements,urn:ietf:params:scim:schemas:sailpoint:
1. 0 :User:roles
Filter Identities
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Users?filter=urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User:capabilities eq "SCIMExecutor"&sortBy=displayName"
This endpoint retrieves identities that meet the filter criteria as specified in the request.
HTTP REQUEST
GET http://localhost: 8080 /iiq/scim/v 2 /Users?filter=urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User:capabilities eq "SCIMEx‐
ecutor"&sortBy=displayName
Create an Identity
Sample Request
curl - X POST - u ":" - H "Content-Type: application/scim+json"
- d ' { "userName": "mouseRat", "name": { "familyName":"Dwyer", "givenName":"Andy", "displayName":"Andy Dwyer"}, "active": true, "password": "xyzzy", "capabilities": "SystemAdministrator" } ' "http://localhost: 8080 /iiq/scim/v 2 /Users/"
This request creates a single, new identity using the parameters passed in the request.
HTTP REQUEST
POST http://localhost: 8080 /iiq/scim/v 2 /Users/
Edit an Identity
Sample Request
curl - X PUT - u ":"
- d ' { "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User": { }, "emails": [ { "type": "work", "value": "spadmin@sailpointdemo.com", "primary": "true" } ], "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User", "urn:ietf:params:scim:schemas:core: 2. 0 :User", "urn:ietf:params:scim:schemas:extension:enterprise: 2. 0 :User" ], "name": { "formatted": "Andy Dwyer", "familyName": "Dwyer", "givenName": "Andrew" }, "active": true, "userName": "mouseRat", "password": "xyzzy" } ' "http://localhost: 8080 /iiq/scim/v 2 /Users/ 2 c 909180534353 fe 0153574354 ea 0104 "
Sample Response (in JSON)
"urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User":{ "entitlements":[ ], "capabilities":[ ], "roles":[ ], "isManager":false }, "emails":[ { "type":"work", "value":"spadmin@sailpointdemo.com", "primary":"true" } ], "displayName":"Andrew Dywer", "meta":{ "created":" 2016 - 03 - 08 T 11 : 25 : 43. 786 - 06 : 00 ", "location":"http://localhost: 8080 /iiq/scim/v 2 /Users/ 2 c 909180534353 fe 0153574354 ea 0104 ", "lastModified":" 2016 - 03 - 08 T 12 : 04 : 40. 111 - 06 : 00 ", "version":"W/" 1457460280111 "", "resourceType":"User" }, "schemas":[ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :User", "urn:ietf:params:scim:schemas:core: 2. 0 :User", "urn:ietf:params:scim:schemas:extension:enterprise: 2. 0 :User" ], "name":{ "formatted":"Andrew Dywer", "familyName":"Dywer", "givenName":"Andrew" }, "active":true, "id":" 2 c 909180534353 fe 0153574354 ea 0104 ",
Get a Single Application
This request is used to get application details when creating, editing, or deleting an account for an identity. To get application
information using this request, the application id MUST be included.
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Applications/"
Sample Response (in JSON)
"id": " 2 c 9084 ee 5571 ab 87015571 ac 44810319 ", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application" ], "identAttr": {}, "applicationSchemas": [ { "value": " 2 c 9084 ee 5571 ab 87015571 ac 4482031 b", "$ref": "http://localhost: 8080 /iiq/scim/v 2 /Schemas/urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ee 5571 ab 87015571 ac 4482031 b", "type": "account" } ], "name": "HR_Employees", "features": [ "DIRECT_PERMISSIONS", "NO_RANDOM_ACCESS", "DISCOVER_SCHEMA" ], "owner": { "value": " 2 c 9084 ee 5571 ab 87015571 ac 426 d 0316 ", "$ref": "http://localhost: 8080 /iiq/scim/v 2 /Users/ 2 c 9084 ee 5571 ab 87015571 ac 426 d 0316 ", "displayName": "HR_Employees App Owners" }, "type": "Delimited File Parsing Connector", "meta": { "lastModified": " 2016 - 06 - 21 T 01 : 42 : 49. 362 - 05 : 00 ", "created": " 2016 - 06 - 21 T 01 : 36 : 03. 074 - 05 : 00 ", "location": "http://localhost: 8080 /iiq/scim/v 2 /Applications/ 2 c 9084 ee 5571 ab 87015571 ac 44810319 ", "resourceType": "Application", "version": "W/" 1466491369362 "" } }
HTTP REQUEST
GET http://localhost: 8080 /iiq/scim/v 2 /Applications/
Accounts (/accounts)
The Accounts resource allows for retrieving, updating, and deleting of accounts on target systems.
Parameter Description
id The unique identifier for the Account object associated with IdentityIQ
nativeIdentity The Account unique identifier associated with the native application
Parameter Description
displayName The name of the Account, suitable for display to end-users
instance The instance identifier of the Account
uuid The UUID of the Account
password T rehteu^ rpnaesswd ord^ of^ the^ account,^ used^ in^ creating^ or^ changing^ an^ account^ password.^ Write-only,^ and^ never
lastRefresh The last refresh date of the Account
lastTargetAggregation The date aggregation was last targeted of the Account
manuallyCorrelated Flag to indicate this account has been manually correlated in the UI
hasEntitlements Flag to indicate this account has one or more entitlement attributes
identity The corresponding User object of the Account
application The corresponding Application object of the Account
inactive The status of the account
Get All Accounts
The request retrieves all accounts for all identities within IdentityIQ.
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Accounts"
Sample Response (in JSON)
"id": " 2 c 9084 ee 5576 d 46 f 015576 d 4 a 7620003 ", "identity": { "value": " 2 c 9084 ee 5576 d 164015576 d 271 be 05 f 4 ", "$ref": "http://localhost: 8080 /iiq/scim/v 2 /Users/ 2 c 9084 ee 5576 d 164015576 d 271 be 05 f 4 ", "displayName": "James Smith" }, "hasEntitlements": false, "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account", "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ee 5576 d 164015576 d 20 b 60031 b" ], "manuallyCorrelated": false, "application": { "value": " 2 c 9084 ee 5576 d 164015576 d 20 b 5 f 0319 ", "$ref": "http://localhost: 8080 /iiq/scim/v 2 /Applications/ 2 c 9084 ee 5576 d 164015576 d 20 b 5 f 0319 ", "displayName": "HR_Employees" }, "nativeIdentity": " 1 a", "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ee 5576 d 164015576 d 20 b 60031 b": { "employeeId": " 1 a", "region": "Americas", "lastName": "Smith", "email": "James.Smith@demoexample.com", "location": "Austin", "department": "Executive Management", "managerId": "NULL",
"L 08 ",
"L 09 "
],
"inactiveIdentity": "FALSE", "fullName": "James.Smith", "firstName": "James" }, "lastRefresh": " 2016 - 06 - 22 T 01 : 38 : 15. 917 - 05 : 00 ", "displayName": "James.Smith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 4 a 7620003 ", "resourceType": "Account", "version": "W/" 1466577495995 "" } }
HTTP REQUEST
GET http://localhost: 8080 /iiq/scim/v 2 /Accounts/accountID
Filter Accounts
This request retrieves accounts that meet the filter criteria. The following fields are filterable or searchable: displayName, lastRefresh,
nativeIdentity, uuid, lastTargetAgg, identity, and application. Search on application schema specific attributes is not supported.
Sample Request
curl - u ":" "http://localhost: 8080 /iiq/scim/v 2 /Accounts?attributes=displayName&filter=(displayName co "Smith")"
Sample Response (in JSON)
"schemas": [ "urn:ietf:params:scim:api:messages: 2. 0 :ListResponse" ], "startIndex": 1 , "totalResults": 5 , "Resources": [ { "id": " 2 c 9084 ee 5576 d 46 f 015576 d 62 cce 0 fdd", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account" ], "nativeIdentity": "CN=James Smith,OU=Austin,OU=Americas,OU=DemoData,DC=test,DC=sailpoint,DC=com", "displayName": "James Smith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 62 cce 0 fdd", "resourceType": "Account", "version": "W/" 1466577595603 "" } }, { "id": " 2 c 9084 ee 5576 d 46 f 015576 d 4 a 7620003 ", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account" ], "nativeIdentity": " 1 a", "displayName": "James.Smith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 4 a 7620003 ", "resourceType": "Account", "version": "W/" 1466577495995 "" } },
"id": " 2 c 9084 ee 5576 d 46 f 015576 d 5 f 31 d 0 e 98 ", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account" ], "nativeIdentity": "CN=James Smith,OU=Austin,OU=Americas,OU=DemoData,DC=test,DC=sailpoint,DC=com", "displayName": "James.Smith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 5 f 31 d 0 e 98 ", "resourceType": "Account", "version": "W/" 1466577648646 "" } }, { "id": " 2 c 9084 ee 5576 d 46 f 015576 d 6689 a 1103 ", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account" ], "nativeIdentity": " 1 a", "displayName": "James.Smith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 6689 a 1103 ", "resourceType": "Account", "version": "W/" 1466577648646 "" } }, { "id": " 2 c 9084 ee 5576 d 46 f 015576 d 525 d 408 ad", "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account" ], "nativeIdentity": " 100 ", "displayName": "JamesSmith", "meta": { "location": "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 5576 d 46 f 015576 d 525 d 408 ad", "resourceType": "Account", "version": "W/" 1466577648646 "" } } ] }
HTTP REQUEST
http://localhost: 8080 /iiq/scim/v 2 /Accounts?attributes=displayName&filter=(displayName co "Smith")
Create an Account
This request is a basic request that creates an Active Directory account. Account creation depends greatly on the application schema,
so requests must be modified accordingly.
** Sample Request**
curl - X POST - u ":" - H "Content-Type: application/scim+json" { "identity": { "value": " 2 c 9091 cb 5512 cd 85015512 d 0071 f 001 f" }, "application": { "value": " 2 c 9091 cb 5512 cd 85015512 ce 25150004 ", }, "nativeIdentity": "CN=James 3 Smith 3 ,OU=OrganzationalGroup 2 ,OU=OrganzationalGroup 1 ,OU=JamesSmith,DC=test,DC=sailpoint,DC=com", "displayName": "James.Smith", "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9091 cb 5512 cd 85015512 ce 25240006 ": { "sn": "Smith 3 ", "cn": "James 3 Smith 3 ", "department": "Accounting",
"displayName": "HR_Employees", "value": " 2 c 9084 ce 4 ce 3093 a 014 ce 30966270026 ", "$ref": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Applications/ 2 c 9084 ce 4 ce 3093 a 014 ce 30966270026 " }, "identity": { "displayName": "Mary Johnson", "value": " 2 c 9084 ce 4 ce 3093 a 014 ce 3096878002 a", "$ref": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Users/ 2 c 9084 ce 4 ce 3093 a 014 ce 3096878002 a" }, "meta": { "created": " 2015 - 04 - 22 T 16 : 30 : 17. 760 - 05 : 00 ", "location": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Accounts/ 2 c 9084 ce 4 ce 309 ba 014 ce 309 e 1200005 ", "lastModified": " 2015 - 04 - 22 T 16 : 30 : 17. 776 - 05 : 00 ", "version": "W/" 1429738217776 "", "resourceType": "Account" }, "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account", "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ce 4 ce 3093 a 014 ce 30966270027 " ], "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ce 4 ce 3093 a 014 ce 30966270027 ": { "inactiveIdentity": "FALSE", "firstName": "Mary", "lastName": "Johnson", "jobtitle": "Global Infrastructure Manager", "fullName": "Mary.Johnson", "employeeId": " 1 a 2 a", "location": "Austin", "managerId": " 1 a", "department": "Regional Operations", "region": "Americas", "costcenter": [ "R 03 ", "L 07 " ], "email": "Mary.Johnson@demoexample.com" }, "hasEntitlements": false, "id": " 2 c 9084 ce 4 ce 309 ba 014 ce 309 e 1200005 ", "locked": false }
HTTP REQUEST
PUT https://localhost: 8080 /iiq/scim/v 2 /Accounts/
Change Account Password
This request is used to change or reset a password for an account. In this example, Mary Johnson’s account password is changed to
“passwordSwordfish”. Please note, the password attribute is not returned in the GET response, so the attribute must be added to the
body.
** Sample Request**
curl - X PUT - u ":" - H "Content-Type: application/scim_json" { "password": "passwordSwordfish", "lastRefresh": " 2015 - 04 - 22 T 16 : 30 : 17. 760 - 05 : 00 ", "displayName": "Mary.Johnson", "active": false, "manuallyCorrelated": false, "nativeIdentity": " 1 a 2 a", "application": { "displayName": "HR_Employees", "value": " 2 c 9084 ce 4 ce 3093 a 014 ce 30966270026 ", "$ref": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Applications/ 2 c 9084 ce 4 ce 3093 a 014 ce 30966270026 " },
"identity": { "displayName": "Mary Johnson", "value": " 2 c 9084 ce 4 ce 3093 a 014 ce 3096878002 a", "$ref": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Users/ 2 c 9084 ce 4 ce 3093 a 014 ce 3096878002 a" }, "meta": { "created": " 2015 - 04 - 22 T 16 : 30 : 17. 760 - 05 : 00 ", "location": "http://moonraker.test.sailpoint.com: 8082 /identityiq/scim/v 2 /Accounts/ 2 c 9084 ce 4 ce 309 ba 014 ce 309 e 1200005 ", "lastModified": " 2015 - 04 - 22 T 16 : 30 : 17. 776 - 05 : 00 ", "version": "W/" 1429738217776 "", "resourceType": "Account" }, "schemas": [ "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Account", "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ce 4 ce 3093 a 014 ce 30966270027 " ], "urn:ietf:params:scim:schemas:sailpoint: 1. 0 :Application:Schema: 2 c 9084 ce 4 ce 3093 a 014 ce 30966270027 ": { "inactiveIdentity": "FALSE", "firstName": "Mary", "lastName": "Johnson", "jobtitle": "Global Infrastructure Manager", "fullName": "Mary.Johnson", "employeeId": " 1 a 2 a", "location": "Austin", "managerId": " 1 a", "department": "Regional Operations", "region": "Americas", "costcenter": [ "R 03 ", "L 07 " ], "email": "Mary.Johnson@demoexample.com" }, "hasEntitlements": false, "id": " 2 c 9084 ce 4 ce 309 ba 014 ce 309 e 1200005 ", "locked": false }
HTTP REQUEST
PUT https://localhost: 8080 /iiq/scim/v 2 /Accounts/
Delete Account
This request is used to delete a valid account on a target application for a given identity. In this example, Adam Kennedy’s Active
Directory account is deleted, preventing Adam from accessing the application in the future.
** Sample Request**
curl - X DELETE - u ":" - H "Content-Type: application/scim_json" "http://localhost: 8080 /iiq/scim/v 2 /Accounts/ 2 c 9084 ee 56 c 0905 f 0156 c 090 b 4 d 800 b 8 "
HTTP REQUEST
DELETE http://localhost: 8080 /iiq/scim/v 2 /Accounts/
Entitlements (/Entitlements)
The Entitlement resource allows for getting entitlements within IdentityIQ.
