Autonomous Identity 2021.3.0

Entitlements

The following are Autonomous Identity filtering by entitlements endpoints:

GET /api/entitlements/search

Search for entitlements by name and with applied filters. [Ent Owner, App Owner, Admin]

Endpoint

/api/entitlements/search?q=QueryString

Authorization

<Bearer Token JWT-value>

Params

by      appOwner or enttOwner
user    user ID
q       Search query string (required)
appId   Application ID to use as a filter

Example Request

curl --location --request GET 'https://autoid-api.forgerock.com/api/entitlements/search?by=enttOwner&user=john.doe&q=WEB&appId=Salesforce' \
--header 'Content-Type: application/json'

Example Response

{
  "values": [
    {
      "id": "string",
      "app_id": "string",
      "app_name": "string",
      "entt_name": "string"
    }
  ]
}
POST /api/entitlements/stats

Get data for entitlements view. [Supervisor, Ent Owner, Admin]

Endpoint

/api/entitlements/stats?by=supervisor/entitlementOwner/admin

Authorization

<Bearer Token JWT-value>

Params

by      supervisor, roleOwner

Body

{
	"ownerId": "timothy.slack",
	"isHighRiskOnly": true,
	"isMediumLowRiskOnly": false,
	"isUserEntitlementsIncluded": true,
	"filters": [{
		"type": "app_id",
		"group": "criticality",
		"value": "Essential"
	}]
}

Example Request

curl --location --request POST 'https://autoid-api.forgerock.com/api/entitlements/stats?by=supervisor' \
--header 'content-type: application/json' \
--data-raw '{
	"ownerId": "timothy.slack",
	"isHighRiskOnly": true,
	"isMediumLowRiskOnly": false,
	"isUserEntitlementsIncluded": true,
	"filters": [{
		"type": "app_id",
		"group": "criticality",
		"value": "Essential"
	}]
}'

Example Response

{
  "total_entitlements": 0,
  "total_subordinates": 0,
  "unscoredEntitlements": 0,
  "scoredEntitlements": 0,
  "usersWithNoEntitlement": 0,
  "usersWithNoScoredEntitlement": 0,
  "distinct_apps": [
    {
      "app_id": "string",
      "app_name": "string",
      "low": 0,
      "medium": 0,
      "high": 0
    }
  ],
  "users": [
    {
      "user": "string",
      "user_name": "string",
      "high": 0,
      "medium": 0,
      "low": 0,
      "avg": "string"
    }
  ],
  "entitlements": [
    {
      "entitlement": "string",
      "entitlement_name": "string",
      "app_id": "string",
      "high_risk": "string",
      "high": 0,
      "medium": 0,
      "low": 0,
      "avg": "string"
    }
  ]
}
GET /api/entitlements/id/{id}

Get entitlement details. [User, Supervisor, Ent Owner, App Owner, Admin]

Endpoint

/api/entitlements/id/{id+}

Authorization

<Bearer Token JWT-value>

Params

by      entitlement ID

Example Request

curl -X GET "https://autoid-api.forgerock.com/api/entitlements/id/1234" \
-H  "accept: application/json"

Example Response

{
  "entitlement_name": "string",
  "scores": {
    "avg": 0,
    "high": 0,
    "medium": 0,
    "low": 0
  },
  "drivingFactors": [
    {
      "attribute": {
        "id": "string",
        "title": "string",
        "value": "string"
      },
      "count": 0
    }
  ],
  "userScores": [
    {
      "score": 0,
      "count": 0
    }
  ],
  "users": [
    {
      "user": "string",
      "user_name": "string",
      "app_id": "string",
      "freq": 0,
      "frequnion": 0,
      "justification": [
        {
          "title": "string",
          "value": "string"
        }
      ],
      "rawJustification": [
        "string"
      ],
      "score": 0
    }
  ]
}
GET /api/entitlements/unscored

Get unscored entitlements and users for a given Supervisor or Entitlement Owner ID. [Supervisor, Ent Owner, Admin]

Endpoint

/api/entitlements/unscored

Authorization

<Bearer Token JWT-value>

Params

by      supervisor, entitlement owner
user    supervisor or entitlement owner user ID

Example Request

curl -X GET "https://autoid-api.forgerock.com/api/entitlements/unscored?by=supervisor&user=1234" \
-H  "accept: application/json"
Copyright © 2010-2022 ForgeRock, all rights reserved.