Grip Security

the grip security connector enables seamless integration with the grip security platform, allowing for efficient management and automation of security tasks related to saas applications grip security offers a comprehensive saas management platform that enhances visibility and control over saas applications this connector enables swimlane turbine users to manage access revocation, workflow cancellations, label management, and user information retrieval directly within the security automation workflows by integrating with grip security, users can streamline saas security operations, enforce compliance, and respond to incidents more efficiently, leveraging the extensive capabilities of the swimlane turbine platform limitations none to date prerequisites to effectively utilize the grip security connector within the swimlane turbine platform, ensure you have the following prerequisites in place api key authentication with the following parameters url the endpoint url for the grip security api access token your personal access token for authenticating api requests capabilities this connector provides the following capabilities cancel access revocation cancel justification request cancel workflow by workflow run id create label delete label delete user label get access revocation status get alert get alert v2 get justification request link get justification request status get saas get saas applications for user get saas id get saas user and so on cancel access revocation stop the process of employee access revocation grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/7a10116c1a37d cancel access revocation ) cancel justification request cancels an open justification request the request can be canceled using its unique request id grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/0d815514796ab cancel justification request ) cancel workflow by workflow run id cancel a workflow run by the workflow run id grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/ef1137e9ca34d cancel workflow by workflow run id ) create label creates label for the given saas id grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/d97d503037a4b create label ) delete label deletes a specified label from a saas application within grip security using the saas id and label provided grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/a414a861ee6ec delete label ) delete a user label delete a specific label from the user grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/dc4b00ba8344e delete a user label ) get access revocation status retrieve the result of a specific employee access revocation grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/4116f308ba4bb get access revocation status ) get alert retrieve the information of the alert with the matching alert id grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/4100ffe50da66 get alert ) get alert v2 retrieve the information of the alert with the matching alert id using v2 api grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/11b5aa1d646c0 get alert ) get justification request link retrieve the link of the justification request grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/ae812b3bfcf6d get justification request link ) get justification request status retrieve the status of the justification request grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/d80b4bada6889 get justification request status ) get saas retrieve the information of the saas with the matching saas id grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/1c66d637a4728 get saa s ) get saas applications for user get saas applications for user grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/9a1cf7710431d get saa s applications for user ) get saas id retrieve the saas application id of a saas by it's name the result will be in array, in case there is more than one saas with the same name grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/83c3c79bdb1bd get saas id ) get saas user retrieve all the data on a specific saas application user grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/384a7a2971ba4 get saas user ) get user retrieve the information of the user with the matching user mail grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/4930e3a1dbc52 get user ) get user id retrieve the userid out of the user email address grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/9cbe8055b82d3 get user id ) get users for saas application retrieve a list of all the users in a specific saas grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/df46c6db4c08c get users for saa s application ) list alerts retrieve a list of alerts from the grip system the list is paginated using query parameters grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/8138dd5c78b18 list alerts ) list alerts v2 retrieve a list of alerts from the grip system using v2 api the list is paginated using query parameters grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/38adfda2eca8e list alerts ) list audit logs retrieve a list of audit logs from the grip system the list is paginated using query parameters grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/1d5f8e825f9c4 list audit logs ) list offboarding workflows retrieve the results of all offboarding workflows grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/dc4d2e89e4a6d list offboarding workflows ) list saas retrieve a list of all the saas in the organization, including organizational data and grip data the list is paginated using query parameters grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/60dabc18f8891 list saa s ) list users retrieve a list of all the users in the organization, including organizational data and grip data the list is paginated using query parameters grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/7256414af9f9a list users ) run workflow by id run a workflow for the workflow id every workflow should contain at least one of the following app name / app id in case of application based workflow,identity email / identity id in case of identity based workflow grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/07776a4d92de2 run workflow by id ) send justification request initiates a request for a user to justify their use of an application the request can be sent to users identified by either user id or email grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/dc6b0f9306561 send justification request ) start access revocation start an employee access revocation task on specific employee for selected saas grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/a40d967e3147c start access revocation ) start offboarding start an offboarding workflow for the specific users every workflow should contains name, list of users ids, specified with their inheritor mailbox in case they are deactivated in the mail platform, turn on enhanced mode if needed grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/b9e17bf2c6761 status offboarding ) status of a workflow retrieve the status of a workflow grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/4c82cd4216645 status of a workflow ) status offboarded user retrieve the status of an offboarding workflow, with results for supported applications grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/19bab44b151a4 status offboarded user ) status offboarding retrieves the status of an offboarding workflow grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/b9e17bf2c6761 status offboarding ) stop offboarding stop the process of offboarding grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/bc2e9127270f0 stop offboarding ) update primary contact update primary contact of a specific saas grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/025a29d1acdcc update primary contact ) update sanction status updates the sanction state of a specified saas application based on the provided input grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/011ade02e2b98 update sanction status ) user label add a label for a specific user id if the specific label already exists in the env, it will add it to the user if it doesn't it will create it and add it to the user grip security documentation for this action can be found \[here] ( https //apidocs grip security/docs/api docs/95aea440bbf3e user label ) configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required access token access token string required actions cancel access revocation halts the ongoing process of revoking an employee's access in grip security using a specified actionid endpoint url /public/actions/accessrevocation/employee/stop method post input argument name type required description actionid string optional unique identifier input example {"json body" {"actionid" "4a156b6a 0d73 4d7b 92f3 7bc07d13205f"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} cancel justification request cancels an existing justification request in grip security using a unique requestid endpoint url /public/actions/justification/cancel method post input argument name type required description requestid string optional unique identifier input example {"json body" {"requestid" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6"}} output parameter type description status code number http status code of the response reason string response reason phrase requestid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"requestid" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6"}} cancel workflow by workflow run id cancels an ongoing workflow run in grip security using the provided workflow run id endpoint url workflows/{{workflow run id}}/cancel method post input argument name type required description path parameters workflow run id string required the id of the workflow run to cancel input example {"path parameters" {"workflow run id" "497f6eca 6276 4993 bfeb 53cbbbba6f08"}} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"message" "workflow cancelled successfully"}} create label generates a new label for a given saas id within grip security, utilizing the 'label' data provided in the json body endpoint url saas/{{saas id}}/label method post input argument name type required description path parameters saas id string required parameters for the create label action label string optional parameter for create label input example {"json body" {"label" ""},"path parameters" {"saas id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} delete label removes a specific label from a saas application in grip security using the provided saas id and label endpoint url saas/{{saas id}}/label method delete input argument name type required description path parameters saas id string required the id of the saas application to delete the label from label string optional the label to delete input example {"json body" {"label" "alpha123"},"path parameters" {"saas id" "12345"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} delete user label removes a specified label from a user in grip security by utilizing the user's id and the label name endpoint url users/{{user id}}/label method delete input argument name type required description path parameters user id string required parameters for the delete user label action label string optional parameter for delete user label input example {"json body" {"label" ""},"path parameters" {"user id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"message" "string"}} get access revocation status retrieve the revocation status for an employee's access in grip security by providing the action id endpoint url /public/actions/accessrevocation/employee/{{action id}}/status method get input argument name type required description path parameters action id string required parameters for the get access revocation status action input example {"path parameters" {"action id" "4a156b6a 0d73 4d7b 92f3 7bc07d13205f"}} output parameter type description status code number http status code of the response reason string response reason phrase actionid string unique identifier status string status value createdby string output field createdby startedat string output field startedat completedat string output field completedat userid string unique identifier usermail string output field usermail userfullname string name of the resource userdisplayname string name of the resource details string output field details output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"actionid" "4a156b6a 0d73 4d7b 92f3 7bc07d13205f","status" "completed","createdby" "string","startedat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","userid" "8e6afaf9 ce27 419e bf33 4b02fc2e90ca","usermail" "string","userfullname" "string","userdisplayname" "string","details" "string"}} get alert retrieve detailed information for a specific alert in grip security using the unique readable id provided endpoint url /public/alerts/{{alert readable id}} method get input argument name type required description path parameters alert readable id string required parameters for the get alert action input example {"path parameters" {"alert readable id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase alertid string unique identifier alerttype string type of the resource alertseverity string output field alertseverity createdat string output field createdat updatedat string output field updatedat category string output field category uniquefieldsdata object response data description string output field description mitigationsteps object output field mitigationsteps mitigationsteps header string output field mitigationsteps header mitigationsteps steps array output field mitigationsteps steps potentialimpacts array output field potentialimpacts relatedentity object output field relatedentity relatedentity id string unique identifier relatedentity name string name of the resource relatedentity email string output field relatedentity email relatedentity entitytype string type of the resource alerturl string url endpoint for the request status string status value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"alertid" "string","alerttype" "string","alertseverity" "string","createdat" "string","updatedat" "string","category" "string","uniquefieldsdata" {},"description" "string","mitigationsteps" {"header" "string","steps" \[]},"potentialimpacts" \["string"],"relatedentity" {"id" "string","name" "string","email" "string","entitytype" "identity"},"alerturl" "string","status" "string"}} get alert v2 retrieve detailed information for a specific alert in grip security using the alert's readable id endpoint url /public/v2/alerts/{{alert readable id}} method get input argument name type required description path parameters alert readable id string required parameters for the get alert v2 action input example {"path parameters" {"alert readable id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase alertid string unique identifier alerttype string type of the resource alertseverity string output field alertseverity createdat string output field createdat updatedat string output field updatedat category string output field category uniquefieldsdata object response data description string output field description mitigationsteps object output field mitigationsteps mitigationsteps header string output field mitigationsteps header mitigationsteps steps array output field mitigationsteps steps potentialimpacts array output field potentialimpacts relatedentity object output field relatedentity relatedentity id string unique identifier relatedentity name string name of the resource relatedentity email string output field relatedentity email relatedentity entitytype string type of the resource alerturl string url endpoint for the request status string status value alertname string name of the resource policyreadableid number unique identifier mitigationdescription string output field mitigationdescription relatedentityid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"alertid" "string","alerttype" "string","alertseverity" "string","createdat" "string","updatedat" "string","category" "string","uniquefieldsdata" {},"description" "string","mitigationsteps" {"header" "string","steps" \[]},"potentialimpacts" \["string"],"relatedentity" {"id" "string","name" "string","email" "string","entitytype" "identity"},"alerturl" "string","status" "string","alertname" "string","policyreadableid" 0}} get justification request link retrieve a specific justification request link from grip security using the provided request id endpoint url /public/actions/justification/{{request id}}/link method get input argument name type required description path parameters request id string required parameters for the get justification request link action input example {"path parameters" {"request id" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" "string"} get justification request status retrieve the current status of a justification request in grip security using the provided request id endpoint url /public/actions/justification/{{request id}}/status method get input argument name type required description path parameters request id string required parameters for the get justification request status action input example {"path parameters" {"request id" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6"}} output parameter type description status code number http status code of the response reason string response reason phrase requestid string unique identifier status string status value createdby string output field createdby startedat string output field startedat completedat string output field completedat recipientname string name of the resource recipientmail string output field recipientmail saasid string unique identifier saasname string name of the resource response object output field response output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"requestid" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6","status" "sent","createdby" "string","startedat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","recipientname" "string","recipientmail" "string","saasid" "cb85d5df 47f3 4b28 b393 8104f184d6be","saasname" "string","response" {}}} get saas retrieves detailed information for a specific saas entry in grip security using the provided saas id endpoint url /saas/{{saas id}} method get input argument name type required description path parameters saas id string required parameters for the get saas action input example {"path parameters" {"saas id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource url string url endpoint for the request logourl string url endpoint for the request gripdata object response data gripdata numberofusers number response data gripdata numberofonboardedusers number response data gripdata numberofoffboardedusers number response data gripdata ssopercentage number response data gripdata accessremovalsupport string response data gripdata riskscore number response data gripdata sanctiontag string response data gripdata labels array response data gripdata buisnessowner string response data gripdata category string response data gripdata appinstancescount number response data gripdata sourceplatforms array response data gripdata lastknownusage string response data gripdata assets array response data gripdata compliances array response data gripdata primarycontact object response data gripdata primarycontact email string response data gripdata primarycontact userid string response data output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"id" "497f6eca 6276 4993 bfeb 53cbbbba6f08","name" "string","url" "string","logourl" "string","gripdata" {"numberofusers" 0,"numberofonboardedusers" 0,"numberofoffboardedusers" 0,"ssopercentage" 0,"accessremovalsupport" "supported","riskscore" 0,"sanctiontag" "sanctioned","labels" \[],"buisnessowner" "string","category" "string","appinstancescount" 0,"sourceplatforms" \[],"lastknownusage" "2019 08 24t14 15 22z","assets" \[],"compli get saas applications for user retrieve a list of saas applications associated with a given user id in grip security endpoint url /users/{{user id}}/saas method get input argument name type required description path parameters user id string required parameters for the get saas applications for user action parameters limit number optional parameters for the get saas applications for user action parameters offset number optional parameters for the get saas applications for user action input example {"parameters" {"limit" 100,"offset" 0},"path parameters" {"user id" "12345"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"saas" {},"saasuser" {}}]} get saas id obtain a unique identifier for a specified saas application by its name within grip security endpoint url /saas/{{saas name}}/id method get input argument name type required description path parameters saas name string required parameters for the get saas id action input example {"path parameters" {"saas name" ""}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \["497f6eca 6276 4993 bfeb 53cbbbba6f08"]} get saas user retrieves detailed information for a specific user within a saas application using the user's unique identifier endpoint url saasuser/{{saas app user id}} method get input argument name type required description path parameters saas app user id string required the id of the saas application user to retrieve the data for input example {"path parameters" {"saas app user id" "3a6aaaf9 ce37 423e ba3a 4b02fc2e90ca"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} get user retrieve detailed information for a specified user in grip security using the unique user id provided as a path parameter endpoint url /users/{{user id}} method get input argument name type required description path parameters user id string required parameters for the get user action input example {"path parameters" {"user id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier mail string output field mail aliases array output field aliases fullname string name of the resource displayname string name of the resource organizationalunit string output field organizationalunit manageremail string output field manageremail gripdata object response data gripdata numberofsaas string response data gripdata ssopercentage string response data gripdata activity object response data gripdata activity platformsactivity array response data gripdata activity platformsactivity platform string response data gripdata activity platformsactivity status string response data gripdata activity hasactivemailbox boolean response data gripdata labels array response data gripdata firsteventtime string response data gripdata latesteventtime string response data gripdata lastusage string response data gripdata offboardingworkflowstatus string response data gripdata offboardingworkflowtimestamp string response data customfields object output field customfields type string type of the resource output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"id" "8e6afaf9 ce27 419e bf33 4b02fc2e90ca","mail" "example\@grip security","aliases" \["string"],"fullname" "anonymous anonymous","displayname" "string","organizationalunit" "marketing","manageremail" "manager\@grip security","gripdata" {"numberofsaas" "5","ssopercentage" "32","activity" {},"labels" \[],"firsteventtime" "2019 08 24t14 15 22z","latesteventtime" "2019 08 24t14 15 22z","lastusage" "2019 08 24t14 15 22z","offboardingwo get user id obtain a user's unique id from grip security using their email address as input endpoint url /users/{{user mail}}/id method get input argument name type required description path parameters user mail string required parameters for the get user id action input example {"path parameters" {"user mail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase userid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"userid" "8e6afaf9 ce27 419e bf33 4b02fc2e90ca"}} get users for saas application retrieves all users associated with a specific saas application using the provided saas id parameter endpoint url /saas/{{saas id}}/users method get input argument name type required description path parameters saas id string required parameters for the get users for saas application action input example {"path parameters" {"saas id" ""}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"user" {},"saasuser" {}}]} list alerts retrieve a paginated list of alerts from the grip security system, utilizing query parameters for targeted results endpoint url /public/alerts method get input argument name type required description parameters alert severity number optional parameters for the list alerts action parameters alert type string optional parameters for the list alerts action parameters category string optional parameters for the list alerts action parameters limit number optional parameters for the list alerts action parameters offset number optional parameters for the list alerts action parameters related entity id string optional parameters for the list alerts action parameters related entity type string optional parameters for the list alerts action input example {"parameters" {"alert severity" 0,"alert type" "string","category" "string","limit" 200,"offset" 0,"related entity id" "string","related entity type" "identity"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"next" 200,"prev" 0},"reason" "ok","json body" \[{"alertid" "string","alerttype" "string","alertseverity" "string","createdat" "string","updatedat" "string","category" "string","uniquefieldsdata" {},"description" "string","mitigationsteps" {},"potentialimpacts" \[],"relatedentity" {},"alerturl" "string","status" "string"}]} list alerts v2 retrieve a paginated list of alerts from grip security using query parameters for targeted results endpoint url /public/v2/alerts method get input argument name type required description parameters alert severity number optional parameters for the list alerts v2 action parameters alert type string optional parameters for the list alerts v2 action parameters category string optional parameters for the list alerts v2 action parameters limit number optional parameters for the list alerts v2 action parameters offset number optional parameters for the list alerts v2 action parameters related entity id string optional parameters for the list alerts v2 action parameters related entity type string optional parameters for the list alerts v2 action input example {"parameters" {"alert severity" 0,"alert type" "string","category" "string","limit" 200,"offset" 0,"related entity id" "string","related entity type" "identity"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"next" 200,"prev" 0},"reason" "ok","json body" \[{"alertid" "string","alerttype" "string","alertseverity" "string","createdat" "string","updatedat" "string","category" "string","uniquefieldsdata" {},"description" "string","mitigationsteps" {},"potentialimpacts" \[],"relatedentity" {},"alerturl" "string","status" "string","alertname" "string","policyreadableid" 0}]} list audit logs retrieve a paginated list of audit logs from the grip security system using query parameters endpoint url audit trail method get input argument name type required description parameters limit number optional for pagination purposes will set the maximum amount of audit logs which will return from a single query parameters offset number optional for pagination purposes will get only audit logs after this offset if there are 200 audit logs in a page, the offset for page 2 will be 200 input example {"parameters" {"limit" 100,"offset" 0}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} list offboarding workflows retrieve the results of all offboarding workflows in grip security, providing a comprehensive overview endpoint url workflows/offboarding method get input argument name type required description parameters limit number optional for pagination purposes will set the maximum amount of workflows which will return from a single query parameters offset number optional for pagination purposes will get only workflows after this offset if there are 200 workflows in a page, the offset for page 2 will be 200 input example {"parameters" {"limit" 100,"offset" 0}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"workflowid" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4","status" "completed","createdby" "string","startedat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","workflowname" "22 11 10 15 52","numberofemployees" 0}]} list saas retrieve a paginated list of all saas applications within the organization, complete with relevant data endpoint url /saas method get input argument name type required description parameters limit number optional parameters for the list saas action parameters offset number optional parameters for the list saas action input example {"parameters" {"limit" 100,"offset" 0}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"id" "497f6eca 6276 4993 bfeb 53cbbbba6f08","name" "string","url" "string","logourl" "string","gripdata" {}}]} list users retrieve a comprehensive list of users, including both organizational and grip security specific data endpoint url /users method get input argument name type required description parameters next number optional parameters for the list users action parameters offset number optional parameters for the list users action input example {"parameters" {"next" 1,"offset" 0}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"id" "8e6afaf9 ce27 419e bf33 4b02fc2e90ca","mail" "example\@grip security","aliases" \[],"fullname" "anonymous anonymous","displayname" "string","organizationalunit" "marketing","manageremail" "manager\@grip security","gripdata" {},"customfields" {},"type" "string"}]} run workflow by id executes a specified workflow in grip security using the workflow id, applicable for both application based and identity based workflows endpoint url workflows/{{workflow id}}/run method post input argument name type required description path parameters workflow id string required the id of the workflow to run identityemail array optional the identities email in grip's identity profile page this field should be selected if the workflow entity is 'identity', it is preferable to enter identity id than identity email this value can get list identityid array optional the identities id in grip it can be copied from the url path of the identity's profile page in grip this field should be selected if the workflow entity is 'identity', this field is preferable to enter when using this type of workflow this value can get list appname array optional the application name in grip's app portfolio page this field should be selected if the workflow entity is 'app', it is preferable to enter app id than app name this value can get list appid array optional the application id in grip it can be copied from the url path of the app's portfolio page in grip this field should be selected if the workflow entity is 'app', this field is preferable to enter when using this type of workflow this value can get list inheritoremail string optional the inheritor email for the given users this field is relevant only for identity values, and should be filled only if the users' mailbox is inactive input example {"json body" {"identityemail" \["test\@example com"],"identityid" \["43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"],"appname" \["test app"],"appid" \["43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"],"inheritoremail" "a\@b com"},"path parameters" {"workflow id" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"}} output parameter type description status code number http status code of the response reason string response reason phrase workflowrunids object unique identifier workflowrunids property1 string unique identifier workflowrunids property2 string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"workflowrunids" {"property1" "497f6eca 6276 4993 bfeb 53cbbbba6f08","property2" "497f6eca 6276 4993 bfeb 53cbbbba6f08"}}} send justification request initiates a justification request for a user's use of a specified saas application in grip security, requiring a saasapplicationid endpoint url /public/actions/justification/send method post input argument name type required description userid string optional unique identifier useremail string optional parameter for send justification request saasapplicationid string optional unique identifier communicationplatform string optional parameter for send justification request input example {"json body" {"userid" "2c4a230c 5085 4924 a3e1 25fb4fc5965b","useremail" "string","saasapplicationid" "86f9ba57 2da9 42da 8118 7ec1d4cc813c","communicationplatform" "email"}} output parameter type description status code number http status code of the response reason string response reason phrase requestid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"requestid" "d385ab22 0f51 4b97 9ecd b8ff3fd4fcb6"}} start access revocation initiates the revocation of a specified employee's access across selected saas applications, requiring userid and saasids endpoint url /public/actions/accessrevocation/employee/start method post input argument name type required description userid string optional unique identifier saasids array optional unique identifier inheritormailbox string optional parameter for start access revocation managerapprovalemail string optional parameter for start access revocation input example {"json body" {"userid" "2c4a230c 5085 4924 a3e1 25fb4fc5965b","saasids" \["497f6eca 6276 4993 bfeb 53cbbbba6f08"],"inheritormailbox" "inheritor\@grip security","managerapprovalemail" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase actionid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"actionid" "4a156b6a 0d73 4d7b 92f3 7bc07d13205f"}} start offboarding initiates an offboarding workflow in grip security for specified users, including user ids, inheritor mailboxes, and enhanced mode options endpoint url workflows/offboarding/start method post input argument name type required description userstooffboard array optional parameter for start offboarding userstooffboard userid string optional the id of the user in grip system the userid is the base for every api query either the userid or the useremail field is required userstooffboard inheritormailbox string optional the inheritor mail address, in case the user is inactive default is user's original mailbox userstooffboard useremail string optional the email address of the user in grip system either the useremail or the userid field is required enableenhancedmode boolean optional true if the user wants to run the offboarding on enhanced mode applications false if not workflowname string optional the name of the workflow in grip this field can be chosen by the user, and it is not mandatory input example {"json body" {"userstooffboard" \[{"userid" "8e6afaf9 ce27 419e bf33 4b02fc2e90ca","inheritormailbox" "inheritor\@grip security","useremail" "user1\@org com"}],"enableenhancedmode"\ false,"workflowname" "22 11 10 15 52"}} output parameter type description status code number http status code of the response reason string response reason phrase workflowid string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"workflowid" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"}} status of a workflow retrieve the current status of a specified workflow in grip security using the workflow id endpoint url workflows/{{workflow id}}/status method get input argument name type required description path parameters workflow id string required the id of the workflow to retrieve the status for input example {"path parameters" {"workflow id" "12345"}} output parameter type description status code number http status code of the response reason string response reason phrase status string status value statusdetails string status value createdat string output field createdat completedat string output field completedat actions array output field actions actions actionname string name of the resource actions status string status value actions selfurl string url endpoint for the request output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"status" "completed","statusdetails" "this is a test status details","createdat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","actions" \[{}]}} status offboarded user retrieve the offboarding workflow status for a user in grip security using the specified workflow id endpoint url workflows/offboarding/{{workflow id}}/userstatus method get input argument name type required description path parameters workflow id string required the id of the workflow to retrieve the status for input example {"path parameters" {"workflow id" "cb85d5df 47f3 4b28 b393 8104f184d6be"}} output parameter type description status code number http status code of the response reason string response reason phrase usermail string output field usermail userfullname string name of the resource status string status value startedat string output field startedat completedat string output field completedat results object result of the operation results supportedforaccessremoval array result of the operation results supportedforaccessremoval saasid string unique identifier results supportedforaccessremoval saasname string name of the resource results supportedforaccessremoval accessremovalresult string result of the operation results unsupportedforaccessremoval array result of the operation results unsupportedforaccessremoval saasid string unique identifier results unsupportedforaccessremoval saasname string name of the resource results idpconnected array unique identifier results idpconnected saasid string unique identifier results idpconnected saasname string unique identifier results idpconnected idpprovider string unique identifier results idpconnected auttype string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"usermail" "test\@example com","userfullname" "test user","status" "in progress","startedat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","results" {"supportedforaccessremoval" \[],"unsupportedforaccessremoval" \[],"idpconnected" \[]}}} status offboarding retrieves the current status of a specified offboarding workflow in grip security using the workflow id endpoint url workflows/offboarding/{{workflow id}}/status method get input argument name type required description path parameters workflow id string required the id of the workflow to retrieve the status for input example {"path parameters" {"workflow id" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"}} output parameter type description status code number http status code of the response reason string response reason phrase workflowid string unique identifier status string status value createdby string output field createdby startedat string output field startedat completedat string output field completedat workflowname string name of the resource numberofemployees number output field numberofemployees results array result of the operation results usermail string result of the operation results userfullname string name of the resource results userdisplayname string name of the resource results status string status value results statusreason string status value results saasresults array result of the operation results saasresults saasid string unique identifier results saasresults saasname string name of the resource results saasresults saasuserid string unique identifier results saasresults enhancedmode boolean result of the operation results saasresults result string result of the operation output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"workflowid" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4","status" "completed","createdby" "string","startedat" "2019 08 24t14 15 22z","completedat" "2019 08 24t14 15 22z","workflowname" "22 11 10 15 52","numberofemployees" 0,"results" \[{}]}} stop offboarding terminate an ongoing offboarding process in grip security using the specified workflow id endpoint url workflows/offboarding/stop method post input argument name type required description workflowid string optional the id of the workflow to stop input example {"json body" {"workflowid" "43c4fa9b 0cbc 4b57 a121 9d7d46a3eaa4"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} update primary contact updates the primary contact for a specified saas using saas id and user id as identifiers endpoint url saas/{{saas id}}/update primary contact method post input argument name type required description parameters user id string required the id of the user to update the primary contact for path parameters saas id string required the id of the saas application to update the primary contact for input example {"parameters" {"user id" "12345"},"path parameters" {"saas id" "12345"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} update sanction status updates the sanction state of a specified saas application in grip security using the provided saas id and new sanction state endpoint url saas/{{saas id}}/sanction status method post input argument name type required description parameters comment string optional the comment to update the sanction status for parameters user email string optional if not received it will be the token name parameters new sanction state string required the new sanction state to update the sanction status for path parameters saas id string required the id of the saas application to update the sanction status for input example {"parameters" {"comment" "this is a test comment","user email" "test\@example com","new sanction state" "sanctioned"},"path parameters" {"saas id" "12345","user email" "test\@example com"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" {}} user label adds or updates a user's label in grip security using the specified user id and label data endpoint url /users/{{user id}}/label method post input argument name type required description path parameters user id string required parameters for the user label action headers object optional http headers for the request headers content type string optional http headers for the request label string optional parameter for user label input example {"json body" {"label" "alpha123"},"path parameters" {"user id" "12345"},"headers" {"content type" "application/json"}} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"message" "string"}} response headers header description example next http response header next 200 prev http response header prev 0