Autonomous Identity 2022.11.11

Data Sink

Data sink is the downstream consumer of data within Autonomous Identity for service connectors and is accessible through API endpoints.

See a conceptual image of Data Sink

Data Sink

The following are Autonomous Identity datasink endpoints:

POST /api/datasink/create

POST /api/datasink/create

Create a new /common/datasink entity.

Endpoint

/api/datasink/create

Authorization

<Bearer Token JWT-value>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID) (required)

name

string

Data sink name (required)

config

object

Free form client-defined connection object

autoCertifyTimestamp

string

Last auto-certification operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

autoRequestTimestamp

string

Last auto-request operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

certifyTimestamp

string

Last certification operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

revokeTimestamp

string

Last revoke operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

rolePublishTimestamp

string

Last role publish timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

logs

object

Free form client-defined log object

Example Request

curl -k -X POST https://autoid-ui.forgerock.com/api/datasink/create' \
-H 'Authorization: Bearer <token value>' \
-H 'Content-Type: application/json' \
-d '{
  "id": "eaa19702-3806-4ee7-9466-91f0968699d9",
  "name": "Test",
  "config": { "something": 1234 }
}'

Example Response (Success)

{
  "message": "ok"
}

POST /api/datasink/update

POST /api/datasink/update

Update a /common/datasink entity.

Endpoint

/api/datasink/update

Authorization

<Bearer Token JWT-value>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID) (required)

name

string

Data sink name (required)

config

object

Free form client-defined connection object

autoCertifyTimestamp

string

Last auto-certification operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

autoRequestTimestamp

string

Last auto-request operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

certifyTimestamp

string

Last certification operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

revokeTimestamp

string

Last revoke operation timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

rolePublishTimestamp

string

Last role publish timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ)

logs

object

Free form client-defined log object

Example Request

curl -k -X POST https://autoid-ui.forgerock.com/api/datasink/update' \
-H 'Authorization: Bearer <token value>' \
-H 'Content-Type: application/json' \
-d '{
  "id": "eaa19702-3806-4ee7-9466-91f0968699d9",
  "name": "Test3",
  "config": { "something": 5678 }
}'

Example Response (Success)

{
  "message": ok
}

POST /api/datasink/delete

POST /api/datasink/delete

Remove a /common/datasink entity.

Endpoint

/api/datasink/delete

Authorization

<Bearer Token JWT-value>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID) (required)

Example Request

curl -k -X POST https://autoid-ui.forgerock.com/api/datasink/delete' \
-H 'Authorization: Bearer <token value>' \
-H 'Content-Type: application/json' \
-d '{
  "id": "eaa19702-3806-4ee7-9466-91f0968699d9"
}'

Example Response (Success)

{
  "message": ok
}

POST /api/datasink/update/status/assignments

POST /api/datasink/update/status/assignments

Update data sink status for assignment decisions. Decisions are stored in the /autoid/api/user_access_decisions JAS entity and entitlement-assignment Elasticsearch index.

Endpoint

/api/datasink/update/status/assignments

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

assignments

array

Array of assignment objects (properties below) (required)

Base Assignment Object Properties
Parameter Type Description

user

string

User ID (required)

entitlements

string array

Array of entitlement IDs (required)

datasink_status

string

Updated data sink status (required)

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/update/status/assignments \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "assignments": [
    {
      "user": "john.doe",
      "entitlements": [
        "entitlement_1"
      ],
      "datasink_status": "ack"
    },
    {
      "user": "jane.smith",
      "entitlements": [
        "entitlement_1",
        "entitlement_2",
      ],
      "datasink_status": "nack"
    }
  ]
}'

Example Response (Success)

{
  "message": ok
}

POST /api/datasink/update/status/rules

POST /api/datasink/update/status/rules

Update data sink status for rule decisions. Decisions are stored in the /autoid/api/rule_access_decisions JAS entity and entitlement-assignment Elasticsearch index.

Endpoint

/api/datasink/update/status/rules

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

rules

array

Array of rule objects (properties below) (required)

Base Rules Object Properties
Parameter Type Description

entitlement

string

Entitlement ID (required)

justification

string array

Array of justifications (required)

datasink_status

string

Updated data sink status (required)

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/update/status/rules \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "rules": [
    {
      "entitlement": "entitlement_1",
      "justification": [
        "0B_COST_CENTER_OP_TS5",
        "0C_USR_EMP_TYPE_Non-Employee",
        "10_LINE_OF_BUSINESS_Health and Safety",
        "13_USR_DEPARTMENT_NAME_Testing"
      ],
      "datasink_status": "nack"
    }
  ]
}'

Example Response (Success)

{
  "message": ok
}

POST /api/datasink/update/status/roles

POST /api/datasink/update/status/roles

Update data sink status for exported roles.

Endpoint

/api/datasink/update/status/roles

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

roles

array

Array of role objects (properties below) (required)

Base Roles Object Properties
Parameter Type Description

role_id

string

Role ID (required)

status

string

Role status (draft, candidate, active) (required)

datasink_status

string

Updated data sink status (required)

Example Request

curl -k -X POST \
/https://autoid-ui.forgerock.com/api/datasink/update/status/roles \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "roles": [
    {
      "role_id": "027d9a1d-9a2f-488a-8ab2-adf404e0aecb",
      "status": "draft",
      "datasink_status": "nack"
    }
  ]
}'

Example Response (Success)

{
  "message": ok
}

POST /api/datasink/query

POST /api/datasink/query

Query data sink entities. Optional filtering can be applied as a JSON request body outlined below.

Endpoint

/api/datasink/query

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID)

name

string

Data sink name

autoCertifyTimestamp

object

Last auto-certify operation timestamp filter object (available properties below)

autoRequestTimestamp

object

Last auto-request operation timestamp filter object (available properties below)

certifyTimestamp

object

Last certify operation timestamp filter object (available properties below)

revokeTimestamp

object

Last revoke operation timestamp filter object (available properties below)

rolePublishTimestamp

object

Last role publish timestamp filter object (available properties below)

timestampThresholds Object Properties
Parameter Type Description

gt

string

Greater than timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ). Cannot be present with gte.

gte

string

Greater than or equal timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ). Cannot be present with gt.

lt

string

Less than timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ). Cannot be present with lte.

lte

string

Less than or equal timestamp (format: yyyy-mm-ddThh:mm:ss.SSSZ). Cannot be present with le.

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/query \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "name": "IIQ",
  "certifyTimestamp": {
    "gt": "2021-11-19T10:01:19.937Z",
    "lte": "2021-11-20T10:01:19.937Z"
  }
}'

Example Response (Success)

[
  {
    "id": "b72c15b7-7dcb-44ac-b1d3-162565e360b4",
    "name": "IIQ",
    "certifyTimestamp": "2021-11-19T11:01:19.937Z",
    "auto_request_timestamp": "2021-10-01T10:01:19.937Z"
  },
  {
    "id": "9501810e-1480-4f41-80d4-bc97154fddeb",
    "name": "IIQ",
    "certifyTimestamp": "2021-11-20T09:01:19.937Z",
    "auto_request_timestamp": "2021-10-01T10:01:19.937Z"
  }
]

POST /api/datasink/update/timestamp

POST /api/datasink/update/timestamp

Update timestamps for a data sink entity.

Endpoint

/api/datasink/update/timestamp

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID)

autoCertifyTimestamp

object

Last auto-certify operation timestamp filter object (format: yyyy-mm-ddThh:mm:ss.SSSZ)

autoRequestTimestamp

object

Last auto-request operation timestamp filter object (format: yyyy-mm-ddThh:mm:ss.SSSZ)

certifyTimestamp

object

Last certify operation timestamp filter object (format: yyyy-mm-ddThh:mm:ss.SSSZ)

revokeTimestamp

object

Last revoke operation timestamp filter object (format: yyyy-mm-ddThh:mm:ss.SSSZ)

rolePublishTimestamp

object

Last role publish timestamp filter object (format: yyyy-mm-ddThh:mm:ss.SSSZ)

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/update/timestamp \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d ' {
  "id": "87e341c0-c1aa-4b0e-9ae5-1384bb6de8fc",
  "certifyTimestamp": "2021-11-19T10:01:19.937Z",
  "revokeTimestamp": "2021-11-19T10:01:19.937Z"
}'

Example Response (Success)

{
  "message": "ok"
}

POST /api/datasink/query/logs

POST /api/datasink/query/logs

Query data sink logs. Optional filtering can be applied as a JSON request body outlined below.

Endpoint

/api/datasink/query/logs

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID)

name

string

Data sink name

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/query/logs \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "name": "IIQ"
}'

Example Response (Success)

[
  {
    "id": "5f8c48c5-8f70-43a0-a9a6-61d1b017dac7",
    "name": "IIQ",
    "certify_timestamp": "2021-10-01T10:01:19.937Z",
    "revokeTimestamp": "2021-10-23T10:01:19.937Z",
    "logs": [
      {
        "message": "log 1"
      },
      {
        "message": "log 2"
      }
    ]
  },
  {
    "id": "9c68c658-2d7d-487c-a0ce-6d9cdcc7eaf7",
    "name": "IIQ",
    "certify_timestamp": "2021-10-01T10:01:19.937Z",
    "revokeTimestamp": "2021-10-01T10:01:19.937Z",
    "logs": [
      {
        "message": "log 1"
      },
      {
        "message": "log 2"
      }
    ]
  }
]

POST /api/datasink/update/logs

POST /api/datasink/update/logs

Update data sink logs.

Endpoint

/api/datasink/update/logs

Authorization

<API Key>
JSON Body Parameters
Parameter Type Description

id

string

Data sink ID (format: UUID) (required)

logs

object

JSON logs object (required)

Example Request

curl -k -X POST \
https://autoid-ui.forgerock.com/api/datasink/update/logs \
-H 'X-API-KEY: <api key value>' \
-H 'Content-Type: application/json' \
-d '{
  "id": "87e341c0-c1aa-4b0e-9ae5-1384bb6de8fc",
  "logs": {
    "logs": [
      {
        "created": "2021-11-19T09:01:19.937Z",
        "type": "INFO",
        "message": "transaction started"
      },
      {
        "created": "2021-11-19T10:01:19.937Z",
        "type": "INFO",
        "message": "transaction successful"
      }
    ]
  }
}'

Example Response (Success)

{
  "message": "ok"
}