MachineIdentities
All URIs are relative to https://sailpoint.api.identitynow.com
| Method | HTTP request | Description |
|---|---|---|
| New-MachineIdentityV1 | POST /machine-identities/v1 | Create machine identity |
| Remove-MachineIdentityV1 | DELETE /machine-identities/v1/{id} | Delete machine identity |
| Get-MachineIdentityV1 | GET /machine-identities/v1/{id} | Get machine identity details |
| Get-MachineIdentitiesV1 | GET /machine-identities/v1 | List machine identities |
| Get-MachineIdentityUserEntitlementsV1 | GET /machine-identity-user-entitlements/v1 | List machine identity's user entitlements |
| Start-MachineIdentityAggregationV1 | POST /sources/v1/{sourceId}/aggregate-agents | Start machine identity aggregation |
| Update-MachineIdentityV1 | PATCH /machine-identities/v1/{id} | Update machine identity details |
create-machine-identity-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Use this API to create a machine identity. The maximum supported length for the description field is 2000 characters.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
| Body | Machineidentityrequest | Machineidentityrequest | True | |
Return type
Machineidentityresponse
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Machine Identity created. | Machineidentityresponse |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# JSON request body (empty on this page). A here-string's content must start on the line after @".
$Machineidentityrequest = @"
"@

# Create machine identity
try {
    $Result = ConvertFrom-JsonToMachineidentityrequest -Json $Machineidentityrequest
    New-MachineIdentityV1 -XSailPointExperimental $XSailPointExperimental -Machineidentityrequest $Result

    # Below is a request that includes all optional parameters
    # New-MachineIdentityV1 -XSailPointExperimental $XSailPointExperimental -Machineidentityrequest $Result
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling New-MachineIdentityV1"
    Write-Host $_.ErrorDetails
}
```
delete-machine-identity-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
The API returns a successful response if the requested machine identity was deleted.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Machine Identity ID |
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
(empty response body)
Responses
| Code | Description | Data Type |
|---|---|---|
| 204 | No content - indicates the request was successful but there is no content to be returned in the response. | |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Delete machine identity
try {
    Remove-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental

    # Below is a request that includes all optional parameters
    # Remove-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Remove-MachineIdentityV1"
    Write-Host $_.ErrorDetails
}
```
get-machine-identity-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
This API returns a single machine identity using the Machine Identity ID.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Machine Identity ID |
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
Return type
Machineidentityresponse
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | A machine identity object | Machineidentityresponse |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Get machine identity details
try {
    Get-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental

    # Below is a request that includes all optional parameters
    # Get-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MachineIdentityV1"
    Write-Host $_.ErrorDetails
}
```
list-machine-identities-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
This API returns a list of machine identities.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
| Query | Filters | String | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters. Filtering is supported for the following fields and operators: id: eq, in, sw; displayName: eq, in, sw; cisIdentityId: eq, in, sw; nativeIdentity: eq, in, sw; attributes: eq; manuallyEdited: eq; subtype: eq, in; owners.primaryIdentity.id: eq, in, sw; owners.primaryIdentity.name: eq, in, isnull, pr; owners.secondaryIdentity.id: eq, in, sw; owners.secondaryIdentity.name: eq, in, isnull, pr; source.name: eq, in, sw; source.id: eq, in; entitlement.id: eq, in; entitlement.name: eq, in, sw. |
| Query | Sorters | String | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters. Sorting is supported for the following fields: nativeIdentity, name, owners.primaryIdentity.name, source.name, created, modified. |
| Query | Count | Boolean | (optional) (default to $false) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
| Query | Limit | Int32 | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | Offset | Int32 | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
Return type
Machineidentityresponse[]
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | List of machine identities. | Machineidentityresponse[] |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# String | Filter results using the standard syntax described in V3 API Standard Collection Parameters
# (https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results).
# Supported fields and operators are listed in the Filters parameter above. (optional)
$Filters = 'identityId eq "2c9180858082150f0180893dbaf44201"'
# String | Sort results using the standard syntax described in V3 API Standard Collection Parameters
# (https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results).
# Supported fields: nativeIdentity, name, owners.primaryIdentity.name, source.name, created, modified. (optional)
$Sorters = "nativeIdentity"
# Boolean | If true, populates the X-Total-Count response header with the number of results that would be
# returned if limit and offset were ignored. Requesting a total count can have a performance impact, so do
# not send count=true if the value will not be used. (optional) (default to $false)
$Count = $true
$Limit = 250 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with limit to paginate through the results. (optional) (default to 0)

# List machine identities
try {
    Get-MachineIdentitiesV1 -XSailPointExperimental $XSailPointExperimental

    # Below is a request that includes all optional parameters
    # Get-MachineIdentitiesV1 -XSailPointExperimental $XSailPointExperimental -Filters $Filters -Sorters $Sorters -Count $Count -Limit $Limit -Offset $Offset
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MachineIdentitiesV1"
    Write-Host $_.ErrorDetails
}
```
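An added example, not part of the SDK documentation: it pages through `Get-MachineIdentitiesV1` with the `Limit` and `Offset` parameters described above, waits out 429 responses using the `Retry-After` header, and then lists machine identities that have no primary owner on record. `Get-AllMachineIdentities`, `Get-RetryAfterSeconds` and their parameters are hypothetical names, and the `field isnull` operand order in the filter string is an assumption.

```powershell
# Added example. Only Get-MachineIdentitiesV1 and its parameters come from this page;
# the two functions below and their parameter names are hypothetical.

function Get-RetryAfterSeconds {
    param($Response, [int] $Default)
    $seconds = 0
    try {
        # HttpWebResponse (Windows PowerShell) and HttpResponseMessage (PowerShell 7)
        # both expose Headers.GetValues(); a missing header or null response lands in catch.
        $value = $Response.Headers.GetValues("Retry-After") | Select-Object -First 1
        if ([int]::TryParse([string] $value, [ref] $seconds) -and $seconds -gt 0) {
            return $seconds
        }
    } catch { }
    return $Default
}

function Get-AllMachineIdentities {
    param(
        [string] $Filters,
        # A fixed sort keeps offset-based pages in a consistent order between requests.
        [string] $Sorters = "nativeIdentity",
        [int] $PageSize = 250,          # the documented default for Limit
        [int] $MaxRetries = 5,
        [int] $DefaultWaitSeconds = 5   # used when Retry-After is absent or not an integer
    )
    $ErrorActionPreference = "Stop"

    $query = @{
        XSailPointExperimental = "true"
        Sorters                = $Sorters
        Limit                  = $PageSize
        Offset                 = 0
    }
    if ($Filters) { $query.Filters = $Filters }

    $all = [System.Collections.Generic.List[object]]::new()
    while ($true) {
        $page = $null
        for ($attempt = 0; $null -eq $page; $attempt++) {
            try {
                $page = @(Get-MachineIdentitiesV1 @query | Where-Object { $null -ne $_ })
            } catch {
                $response = $_.Exception.Response
                # Retry only when rate limited (429); rethrow every other failure.
                if ($response.StatusCode.value__ -ne 429 -or $attempt -ge $MaxRetries) { throw }
                Start-Sleep -Seconds (Get-RetryAfterSeconds $response $DefaultWaitSeconds)
            }
        }
        $all.AddRange($page)
        if ($page.Count -lt $PageSize) { break }   # short page: end of the result set
        $query.Offset += $PageSize
    }
    return $all
}

# Constructed usage: machine identities with no primary owner on record.
# The Filters table lists isnull for owners.primaryIdentity.name; the operand order is assumed.
$ownerless = @(Get-AllMachineIdentities -Filters 'owners.primaryIdentity.name isnull')
Write-Host ("{0} machine identities have no primary owner" -f $ownerless.Count)
```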
list-machine-identity-user-entitlements-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
This API returns a list of user entitlements associated with machine identities.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
| Query | Filters | String | (optional) | Filter results using the standard syntax described in V3 API Standard Collection Parameters. Filtering is supported for the following fields and operators: machineIdentityId: eq, in; machineIdentityName: eq, in, sw; entitlement.id: eq, in; entitlement.name: eq, in, sw; source.id: eq, in; source.name: eq, in, sw. |
| Query | Sorters | String | (optional) | Sort results using the standard syntax described in V3 API Standard Collection Parameters. Sorting is supported for the following fields: machineIdentityName, entitlement.name, source.name. |
| Query | Count | Boolean | (optional) (default to $false) | If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored. Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used. See V3 API Standard Collection Parameters for more information. |
| Query | Limit | Int32 | (optional) (default to 250) | Max number of results to return. See V3 API Standard Collection Parameters for more information. |
| Query | Offset | Int32 | (optional) (default to 0) | Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information. |
Return type
Machineidentityuserentitlementresponse[]
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | List of machine identity user entitlements. | Machineidentityuserentitlementresponse[] |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
Example
```powershell
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# String | Filter results using the standard syntax described in V3 API Standard Collection Parameters
# (https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results).
# Supported fields and operators are listed in the Filters parameter above. (optional)
$Filters = 'machineIdentityId eq "2c9180858082150f0180893dbaf44201"'
# String | Sort results using the standard syntax described in V3 API Standard Collection Parameters
# (https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results).
# Supported fields: machineIdentityName, entitlement.name, source.name. (optional)
$Sorters = "machineIdentityName"
# Boolean | If true, populates the X-Total-Count response header with the number of results that would be
# returned if limit and offset were ignored. Requesting a total count can have a performance impact, so do
# not send count=true if the value will not be used. (optional) (default to $false)
$Count = $true
$Limit = 250 # Int32 | Max number of results to return. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with limit to paginate through the results. (optional) (default to 0)

# List machine identity's user entitlements
try {
    Get-MachineIdentityUserEntitlementsV1 -XSailPointExperimental $XSailPointExperimental

    # Below is a request that includes all optional parameters
    # Get-MachineIdentityUserEntitlementsV1 -XSailPointExperimental $XSailPointExperimental -Filters $Filters -Sorters $Sorters -Count $Count -Limit $Limit -Offset $Offset
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-MachineIdentityUserEntitlementsV1"
    Write-Host $_.ErrorDetails
}
```
start-machine-identity-aggregation-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Starts a machine identity (AI Agents) aggregation on the specified source.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | SourceId | String | True | Source ID. |
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
| Body | Machineidentityaggregationrequest | Machineidentityaggregationrequest | True | |
Return type
Machineidentityaggregationresponse
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Machine Identity Aggregation was started successfully. | Machineidentityaggregationresponse |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: application/json
- Accept: application/json
Example
```powershell
$SourceId = "ef38f94347e94562b5bb8424a56397d8" # String | Source ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# JSON request body (empty on this page). A here-string's content must start on the line after @".
$Machineidentityaggregationrequest = @"
"@

# Start machine identity aggregation
try {
    $Result = ConvertFrom-JsonToMachineidentityaggregationrequest -Json $Machineidentityaggregationrequest
    Start-MachineIdentityAggregationV1 -SourceId $SourceId -XSailPointExperimental $XSailPointExperimental -Machineidentityaggregationrequest $Result

    # Below is a request that includes all optional parameters
    # Start-MachineIdentityAggregationV1 -SourceId $SourceId -XSailPointExperimental $XSailPointExperimental -Machineidentityaggregationrequest $Result
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Start-MachineIdentityAggregationV1"
    Write-Host $_.ErrorDetails
}
```
update-machine-identity-v1
This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.
Use this API to update machine identity details.
Parameters
| Param Type | Name | Data Type | Required | Description |
|---|---|---|---|---|
| Path | Id | String | True | Machine Identity ID. |
| | XSailPointExperimental | String | True (default to "true") | Use this header to enable this experimental API. |
| Body | RequestBody | []SystemCollectionsHashtable | True | JSON containing the updated values, in the JSON Patch standard format. |
Return type
Machineidentityresponse
Responses
| Code | Description | Data Type |
|---|---|---|
| 200 | Updated Machine Identity object. | Machineidentityresponse |
| 400 | Client Error - Returned if the request body is invalid. | Errorresponsedto |
| 401 | Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. | ListMachineIdentitiesV1401Response |
| 403 | Forbidden - Returned if the user you are running as doesn't have access to this endpoint. | Errorresponsedto |
| 404 | Not Found - Returned if the request URL refers to a resource or object that does not exist. | Errorresponsedto |
| 429 | Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. | ListMachineIdentitiesV1429Response |
| 500 | Internal Server Error - Returned if there is an unexpected error. | Errorresponsedto |
HTTP request headers
- Content-Type: application/json-patch+json
- Accept: application/json
Example
```powershell
$Id = "ef38f94347e94562b5bb8424a56397d8" # String | Machine Identity ID.
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")
# SystemCollectionsHashtable[] | JSON containing the updated values, in the JSON Patch (https://tools.ietf.org/html/rfc6902) standard format.
# A here-string's content must start on the line after @" and the closing "@ must begin its own line.
$RequestBody = @"
[{"op":"add","path":"/attributes/securityRisk","value":"medium"}]
"@

# Update machine identity details
try {
    $Result = ConvertFrom-JsonToRequestBody -Json $RequestBody
    Update-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result

    # Below is a request that includes all optional parameters
    # Update-MachineIdentityV1 -Id $Id -XSailPointExperimental $XSailPointExperimental -RequestBody $Result
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-MachineIdentityV1"
    Write-Host $_.ErrorDetails
}
```