Sailpoint Identity IQ

this connector ingests data from the sailpoint identityiq and integrates it with swimlane prerequisites to set up the asset, you need the following inputs url username password capabilities the sailpoint identityiq connector integration provides the following capabilities get role by id get user by id get users api documentation link sailpoint identityiq api documentation link https //developer sailpoint com/iiq/api/ configurations http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password password string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get role by id the role resource with matching id or name is returned attributes to include in the response can be specified with the 'attributes' query parameter attributes to exclude from the response can be specified with the 'excludedattributes' query parameter endpoint url /roles/ {{roleid}} method get input argument name type required description roleid string required id or name of role resource lookupbyname boolean optional a boolean value that determines if the role resource will be looked up by name instead of id (value in path parameter 'roleid') setting this query parameter to true will cause the value pulled from the 'roleid' path parameter to be treated as a name when searching for the resource attributes string optional the role attributes to include in the response the query parameter value is a comma separated list of fields to be returned in the response for each role excludedattributes string optional the role attributes to exclude frome the response the query parameter value is a comma separated list of fields to be excluded from the response for each role output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier name string name of the resource descriptions array output field descriptions locale string output field locale value string value for the parameter type object type of the resource iiq boolean output field iiq requirements boolean output field requirements permits boolean output field permits displayname string name of the resource manualassignment boolean output field manualassignment name string name of the resource autoassignment boolean output field autoassignment assignmentselector boolean output field assignmentselector displayablename string name of the resource active boolean output field active activationdate string date value deactivationdate string date value owner object output field owner displayname string name of the resource value string value for the parameter $ref string output field $ref inheritance array output field inheritance example \[ { "status code" 200, "response headers" { "date" "fri, 06 oct 2023 06 05 14 gmt", "content type" "application/json;charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "cache control" "no cache, no store, private, max age=0, must revalidate", "strict transport security" "max age=31536000", "x frame options" "sameorigin", "x content type options" "nosniff" }, "reason" "ok", "json body" { "id" "c0b4568a4fe7458c434ee77d1fbt156b", "name" "addirect production manager", "descriptions" \[], "type" {}, "displayablename" "staging test engineer it", "active" true, "activationdate" "2022 02 11t01 08 45 866 05 00", "deactivationdate" "2022 02 11t01 08 45 866 05 00", "owner" {}, "inheritance" \[], "requirements" \[], "permits" \[], "classifications" \[], "meta" {}, "schemas" \[] } } ] get user by id the user resource with matching id is returned there are attributes marked as 'returned only by request', such as roles, which must be provided as part of the attributes query parameter in order to be included in the response endpoint url /users/ {{userid}} method get input argument name type required description userid string required the id of user resource if lookupbyname is set to true, this path parameter should be set to the username of the user attributes string optional a comma separated list of attributes to return in the response this query parameter supersedes excludedattributes, so providing the same attribute(s) to both will result in the attribute(s) being returned excludedattributes string optional a comma separated list of attributes to exclude from the response some attributes cannot be excluded lookupbyname boolean optional a boolean value that determines if the user resource will be looked up by username instead of userid (value in path parameter 'userid') setting this query parameter to true will cause the value pulled from the 'userid' path parameter to be treated as a username when searching for the resource output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier username string name of the resource name object name of the resource formatted string output field formatted familyname string name of the resource givenname string name of the resource displayname string name of the resource usertype string type of the resource active boolean output field active emails array output field emails type string type of the resource value string value for the parameter primary string output field primary urn\ ietf\ params\ scim\ schemas\ sailpoint 1 0\ user object output field urn\ ietf\ params\ scim\ schemas\ sailpoint 1 0 \ user accounts array output field accounts displayname string name of the resource value string value for the parameter $ref string output field $ref entitlements array output field entitlements value string value for the parameter display string output field display type string type of the resource application string output field application example \[ { "status code" 200, "response headers" { "date" "fri, 06 oct 2023 06 05 14 gmt", "content type" "application/json;charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "cache control" "no cache, no store, private, max age=0, must revalidate", "strict transport security" "max age=31536000", "x frame options" "sameorigin", "x content type options" "nosniff" }, "reason" "ok", "json body" { "id" "c0b4568a4fe7458c434ee77d1fbt156b", "username" "mock user", "name" {}, "displayname" "barbara jensen", "usertype" "employee", "active" true, "emails" \[], "urn\ ietf\ params\ scim\ schemas\ sailpoint 1 0\ user" {}, "urn\ ietf\ params\ scim\ schemas\ extension\ enterprise 2 0\ user" {}, "meta" {}, "schemas" \[] } } ] get users this endpoint returns all user resources there are attributes marked as 'returned only by request', such as roles, which must be provided as part of the attributes query parameter in order to be included in the response endpoint url /users method get input argument name type required description filter string optional allows for query filters according to rfc 7644, section 3 4 2 2 not all operations are supported sortby string optional allows sorting the results by a resource's attributes sortorder string optional determines what order to sort results in startindex number optional determines the starting index of the result set count number optional specifies the number of results per page attributes string optional a comma separated list of attributes to return in the response this query parameter supersedes excludedattributes, so providing the same attribute(s) to both will result in the attribute(s) being returned excludedattributes string optional a comma separated list of attributes to exclude from the response some attributes cannot be excluded output parameter type description status code number http status code of the response reason string response reason phrase totalresults string result of the operation startindex number output field startindex schemas array output field schemas resources array output field resources id string unique identifier username string name of the resource name object name of the resource formatted string output field formatted familyname string name of the resource givenname string name of the resource displayname string name of the resource usertype string type of the resource active boolean output field active emails array output field emails type string type of the resource value string value for the parameter primary string output field primary urn\ ietf\ params\ scim\ schemas\ sailpoint 1 0\ user object output field urn\ ietf\ params\ scim\ schemas\ sailpoint 1 0 \ user accounts array output field accounts displayname string name of the resource value string value for the parameter $ref string output field $ref entitlements array output field entitlements example \[ { "status code" 200, "response headers" { "date" "fri, 06 oct 2023 06 05 14 gmt", "content type" "application/json;charset=utf 8", "transfer encoding" "chunked", "connection" "keep alive", "cache control" "no cache, no store, private, max age=0, must revalidate", "strict transport security" "max age=31536000", "x frame options" "sameorigin", "x content type options" "nosniff" }, "reason" "ok", "json body" { "totalresults" "18,", "startindex" 1, "schemas" \[], "resources" \[] } } ] response headers header description example cache control directives for caching mechanisms no cache, no store, private, max age=0, must revalidate connection http response header connection keep alive content type the media type of the resource application/json;charset=utf 8 date the date and time at which the message was originated fri, 06 oct 2023 06 05 14 gmt strict transport security http response header strict transport security max age=31536000 transfer encoding http response header transfer encoding chunked x content type options http response header x content type options nosniff x frame options http response header x frame options sameorigin