IdentityNow REST APIs
The APIs listed here are outdated, and SailPoint no longer actively maintains them. Refer to https://developer.sailpoint.com/ for SailPoint API documentation.
- Account Activities
- Access Requests
- Access Request Config
- Accounts
- Access Profiles
- Identities
- Launcher
- Miscellaneous
- OAuth
- OAuth Clients
- Password Dictionary
- Personal Access Tokens
- Public Identity Config
- Requestable Objects
- Search
- Sources
- Tagged Objects
- Transforms
Account Activities
Name |
Request |
Description |
GET /v3/account-activities |
This gets a collection of account activities that satisfy the given query parameters. |
|
GET /v3/account-activities/{id} |
This gets an account activity object that satisfies the given query parameters. |
Access Requests
Name |
Request |
Description |
POST /v3/access-requests |
This submits the access request into IdentityNow, where it will follow any IdentityNow approval processes. This doesn't return a result because the request has been submitted/accepted by the system. |
|
GET /beta/access-request-status |
This gets a list of access request statuses according to the provided query parameters. |
|
POST /v2/approvals/{id}/approve-request |
Approves an access request. |
|
POST /v2/approvals/{approvalId}/reject-request |
Rejects an access request. |
|
POST /v2/approvals/{approvalId}/forward |
Forwards an access request approval. |
|
GET /v2/access-requests |
Lists the access request for an identity. |
|
GET /v2/approvals |
Lists the access request approvals. |
|
GET /v2/identities/{id}/approvals |
Lists access request approvals owned by the given identity. |
Access Request Config
Name |
Request |
Description |
GET /beta/access-request-config |
Gets the access request configurations - settings like escalations, reminders, who can request for whom, etc. |
|
PUT /beta/access-request-config |
Updates the access request configurations- settings like escalations, who can request for whom, reminders, etc. |
Accounts
Name |
Request |
Description |
GET /beta/accounts |
This lists all accounts in the system. |
|
GET /beta/accounts/{id} |
This gets a specific account in the system. |
|
PATCH /beta/accounts/{id} |
This updates a specific account's correlation. |
|
POST /vs/accounts |
Creates a new account on a flat-file source. |
|
PUT /v2/accounts/{id} |
Updates a specific account. |
|
PATCH /v2/accounts/{id} |
Updates a specific account. |
|
DELETE /v2/accounts/{id} |
Deletes a specific account. |
|
GET /v2/accounts |
List accounts for a given source. |
Access Profiles
Name |
Request |
Description |
POST /v2/access-profiles |
Creates a new access profile. |
|
GET /v2/access-profiles/{id} |
Retrieves an access profile by ID. |
|
DELETE /v2/access-profiles/{id} |
Deletes a specific access profile. |
|
PUT /v2/access-profiles/{id} |
Updates a specific access profile. |
|
PATCH /v2/access-profiles/{id} |
Updates a specific access profile. |
|
GET /v2/access-profiles |
List access profiles. |
|
GET /v2/access-profiles/{id}/entitlements |
List entitlements for a specific access profile. |
Identities
Name |
Request |
Description |
Create Identity |
POST /v2/identities |
Creates a new identity. |
GET /v2/identities/{id} |
Retrieves the identity by ID or alias. |
|
DELETE /v2/identities/{id} |
Deletes an existing identity. |
|
PATCH /v2/identities/{id} |
Updates one or more attributes of an identity, found by ID or alias. |
|
GET /v2/identities |
Retrieves the identities. |
|
POST /v2/identities/bulk-lock |
Locks one or more identities. Identities MUST reset their password in order to be unlocked. |
|
GET /v2/identities/{id}/apps |
Lists all apps available to the given identity. The list will include apps which have launchers created for the identity. |
Launcher
Name |
Request |
Description |
GET /v2/launchers/{id} |
Retrieves the details of the launcher. |
|
POST /v2/launchers/{id}/click |
Increments internal ‘click’ statistics for the launcher. |
|
POST /v2/identities/{id}/launchers |
Creates a new launcher for the given identity. This endpoint is found in links within the ‘accessMethods’ attribute for GET identities/{id}/apps response body. |
|
PATCH /v2/launchers/{id} |
Updates one or more attributes of a launcher. |
|
DELETE /v2/identities/{id}/launchers/{launcher-id} |
Deletes an existing launcher for the given identity. |
|
GET /v2/identities/{id}/launchers |
Lists the launchers for the given identity. |
Miscellaneous
Name |
Request |
Description |
GET /v2/task-results/{id} |
Retrieves the results of a background task. |
|
GET /v2/org |
Retrieves information and operational settings for your org (as determined by the URL domain). |
|
PATCH /v2/org |
Updates one or more attributes for your org. |
OAuth
Name |
Request |
Description |
Get OAuth Token |
POST /oauth/token |
This gets an OAuth token from the IdentityNow API Gateway. |
OAuth Clients
Name |
Request |
Description |
GET /beta/oauth-clients |
This lists all OAuth Clients on IdentityNow's API Gateway. |
|
GET /beta/oauth-clients/{id} |
This gets a specific OAuth Client on IdentityNow's API Gateway. |
|
POST /beta/oauth-clients |
This creates a specific OAuth Client for IdentityNow's API Gateway. |
|
DELETE /beta/oauth-clients/{id} |
This deletes a specific OAuth Client on IdentityNow's API Gateway. |
Password Dictionary
Name |
Request |
Description |
GET /beta/password-dictionary |
Gets the currently configured password dictionary. |
|
PUT /beta/password-dictionary |
Updates the currently configured password dictionary. |
Personal Access Tokens
Name |
Request |
Description |
GET /beta/personal-access-tokens/ |
Lists all the personal access tokens in IdentityNow. |
|
POST /beta/personal-access-tokens/ |
Creates a personal access token tied to the currently authenticated user. |
|
DELETE /beta/personal-access-tokens/{id} |
Deletes a specific personal access token in IdentityNow. |
Public Identity Config
Name |
Request |
Description |
GET /beta/public-identities-config |
Gets the public identity configuration object, which is used to display identity attributes in various areas of IdentityNow. |
|
PUT /beta/public-identities-config |
Updates the public identity configuration object, which is used to display identity attributes in various areas of IdentityNow. |
Requestable Objects
Name |
Request |
Description |
GET /v3/requestable-objects |
This gets the objects in the system that are requestable via access request. |
Search
Name |
Request |
Description |
Search |
POST /v3/search |
This performs a search with provided query and returns matching result collection. |
Search Count |
POST /v3/search/count |
This performs a search with provided query and returns count of results in the X-Total-Count header. |
Search Aggregate |
POST /v3/search/aggregate |
This performs a search query aggregation and returns aggregation result. |
Search Index |
GET /v3/search/{index}/{id} |
This fetches a single document from the specified index using the specified document ID. |
Sources
Name |
Request |
Description |
GET /beta/sources/ |
This API lists all sources in IdentityNow. |
|
GET /beta/sources/{id} |
This API gets a specific source from IdentityNow. |
|
POST /beta/sources |
This API creates a source in IdentityNow. |
|
PUT /beta/sources/{id} |
This API updates a source in IdentityNow, using a full object representation. |
|
PATCH /beta/sources/{id} |
This API updates a source in IdentityNow, using a partial object representation. |
|
DELETE /beta/sources/{id} |
This API deletes a source in IdentityNow. |
|
Aggregate Source |
POST /cc/api/source/loadAccounts/{id} |
This API aggregates all accounts on the source. |
POST /cc/api/source/reset/{id} |
This API kicks off a process to clear out all accounts and entitlements in IdentityNow. |
|
Get Source Attribute Sync Config |
GET /cc/api/source/getAttributeSyncConfig/{id} |
Gets the attribute sync configurations for a particular source. |
Set Source Attribute Sync Config |
POST /cc/api/source/setAttributeSyncConfig/{id} |
Updates the attribute sync configurations for a particular source. |
Tagged Objects
Name |
Request |
Description |
POST /beta/tagged-objects |
Adds tag to a specific object. |
|
GET /beta/tagged-objects/ |
Lists all tagged objects. |
|
GET /beta/tagged-objects/{type}/ |
Gets tagged objects for a specific type. |
|
GET /beta/tagged-objects/{type}/{id} |
Gets tags for specific object. |
|
PUT /beta/tagged-objects/{type}/{id} |
Updates tags for specific object. |
|
DELETE /beta/tagged-objects/{type}/{id} |
Deletes tags for specific object. |
|
POST /beta/tagged-objects/bulk-add |
Adds tags to many objects. |
|
POST /beta/tagged-objects/bulk-remove |
Removes tags from many objects. |
Transforms
Name |
Request |
Description |
List Transforms |
GET /cc/api/transform/list |
This API lists all transforms in IdentityNow. This includes built-in system transforms as well. |
Get Transform |
GET /cc/api/transform/get/{id} |
This API gets a specific transform from IdentityNow. |
Create Transform |
POST /cc/api/transform/create |
This API creates a transform in IdentityNow. |
Update Transform |
POST /cc/api/transform/update/{id} |
This API updates a transform in IdentityNow. |
Delete Transform |
POST /cc/api/transform/delete/{id} |
This API deletes a transform in IdentityNow. |
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Although that site has improved over time I have not seen it to be a full comprehensive listing of nearly all the different host and endpoint calls of IDN's various APIs.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
You can also use the developer tools from your browser to see what IdentityNow is doing when performing certain actions from the UI. Helps a lot to figure out which API calls to use.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
I agree that the new API portal is really lacking. The legacy and V2 methods were omitted. Although its prettier and loads faster.
I'd love to see everything included and notes and links next to any that have been superseded. If SP wants to discourage deprecated calls but they haven't been superseded, list them but with a warning/suggestion people contact support before using.
Great input and suggestions @denvercape1. Much thanks.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
@dernc Also the SailPoint team has been working on this (see url) which looks to be going in the direction the community is wanting to see as far as API documentation goes: https://developer.sailpoint.com/
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Any API available to read the Syslogs, audit log from IdentityNow. As I need to integrate with SIEM tool to read the logs from IdentityNow. I have checked in API document but not getting it.
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Most of the API's names are changed in version SailPoint - SaaS API (3.0.0) and SailPoint - Beta SaaS API (3.1.0-beta).
Version 1 (Private) and Version 2 API's are still in use or only we have to strict with V3 and Beta?
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
Link for the "Create Identity" is dead: "The article you are trying to access is permanently deleted."...
I am amazed to see people complaining about the API doc for years and little seems to have change
- Mark as Read
- Mark as New
- Bookmark
- Permalink
- Report Content to Moderator
@pbaudoux great catch! You will now find all of the API specifications on developer.sailpoint.com, specifically: https://developer.sailpoint.com/idn/api/getting-started
You should notice quite an improvement on the specifications there! Should you noticed that anything that isn't working as intended in the specifications, you can talk to us directly to my team in the Developer Community Forum and we'll take action on it immediately. If you're looking for a net new feature, we can work with product management on the idea.
Just a recap:
- Link to latest API specs. These will always be up-to-date directly from engineering.
- Link to the Developer Community forum to let us know about any issues with the specs.
- If you feel inclined to do so, you can also report a bug in the specs directly at the bottom of each endpoint, just click the link that says 'Something Wrong?...'
Let me know if you're interested in talking, if you'd like to share anything more--I'd be happy to setup some time together!