---
title: Access Review
description: The following are Identity Governance API Access Review endpoints:
component: identity-governance
version: 7.1.2
page_id: identity-governance:api-guide:chap-access-review-api
canonical_url: https://docs.pingidentity.com/identity-governance/7.1.2/api-guide/chap-access-review-api.html
section_ids:
admin_certification: Admin Certification
admin_policy: Admin Policy
admin_dashboard: Admin Dashboard
admin_settings: Admin Settings
certifier: Certifier
utility: Utility
---
# Access Review
The following are Identity Governance API Access Review endpoints:
## Admin Certification
* POST Cancel Certification(s)
Allows governance administrators to cancel certifications.
Endpoint
```
{{idmRoot}}/governance/adminCancelCert/{{certType}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Body
```
{
"ids": [
"{{certtocancelid}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/adminCancelCert/{{certtype}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{certtocancelid}}"
]
}'
```
* POST Cancel Ad-hoc User Certification
Create an ad-hoc user certification campaign.
Endpoint
```
{{idmRoot}}/governance/certification/user
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Body
```
{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/scheduledCertification/{{certtype}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* POST Create Ad-hoc Object Certification
Create an ad-hoc object certification campaign.
Endpoint
```
{{idmRoot}}/governance/certification/object
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Body
```
{
"certObjectType":"role",
"name":"Object Certification",
"description":"Example object cert",
"frequency":"ad-hoc",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"name",
"targetValue":"Finance Lead"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"members":{
"selected":true
},
"description":{
"selected":true
},
"assignments":{
"selected":true
}
},
"certifyMetadata":true
},
"certifierName":"aclark",
"certifierType":"user",
"certifierKey":"",
"deadline":"2020-08-06T13:30:00-04:00",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"defaultCertifierType":"authzRoles",
"defaultCertifierName":"internal/role/governance-administrator",
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certification/object' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"role",
"name":"Object Certification",
"description":"Example object cert",
"frequency":"ad-hoc",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"name",
"targetValue":"Finance Lead"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"members":{
"selected":true
},
"description":{
"selected":true
},
"assignments":{
"selected":true
}
},
"certifyMetadata":true
},
"certifierName":"aclark",
"certifierType":"user",
"certifierKey":"",
"deadline":"2020-08-06T13:30:00-04:00",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"defaultCertifierType":"authzRoles",
"defaultCertifierName":"internal/role/governance-administrator",
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* POST Create Scheduled Certification
Create a scheduled certification definition.
Endpoint
```
{{idmRoot}}/governance/scheduledCertification/{{certtype}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Body
```
{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/scheduledCertification/{{certtype}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* POST Create Triggered Certification
Create a triggered certification definition.
Endpoint
```
{{idmRoot}}/governance/triggeredCertification/user?_action=create
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action create
```
Body
```
{
"certObjectType":"user",
"name":"Event Based Cert",
"description":"Test",
"frequency":"event-based",
"expression":"{\"operator\":\"changed\",\"operand\":{\"field\":\"manager\",\"value\":\"\"}}",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":""
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"",
"certifierType":"manager",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/triggeredCertification/user?_action=create' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"user",
"name":"Event Based Cert",
"description":"Test",
"frequency":"event-based",
"expression":"{\"operator\":\"changed\",\"operand\":{\"field\":\"manager\",\"value\":\"\"}}",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":""
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"",
"certifierType":"manager",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* POST Delete Scheduled Certification
Delete scheduled certification definitions.
Endpoint
```
{{idmRoot}}/governance/scheduledCertification/{{certtype}}?_action=delete
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action delete
```
Body
```
{
"ids": [
"26c64da2-a702-4cea-a79e-9879477049d4"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/scheduledCertification/{{certtype}}?_action=delete' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"26c64da2-a702-4cea-a79e-9879477049d4"
]
}'
```
* POST Delete Triggered Certification
Delete triggered certification definitions.
Endpoint
```
{{idmRoot}}/governance/triggeredCertification/{{certtype}}?_action=delete
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action delete
```
Body
```
{
"ids": [
"26c64da2-a702-4cea-a79e-9879477049d4"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/triggeredCertification/{{certtype}}?_action=delete' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"26c64da2-a702-4cea-a79e-9879477049d4"
]
}'
```
* POST Edit Scheduled Certification
Update a scheduled certification definition.
Endpoint
```
{{idmRoot}}/governance/scheduledCertification/{{certtype}}/26c64da2-a702-4cea-a79e-9879477049d4?_action=update
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action update
```
Body
```
{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/scheduledCertification/{{certtype}}/26c64da2-a702-4cea-a79e-9879477049d4?_action=update' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"user",
"name":"Quarterly Certification",
"description":"Scheduled certification to run every three months",
"frequency":"scheduled",
"schedule":"47 0 0 1 1/3 ?",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":"managed/role/2005"
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"managed/role/2007",
"certifierType":"authzRoles",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* POST Edit Triggered Certification
Update a triggered certification definition.
Endpoint
```
{{idmRoot}}/governance/triggeredCertification/{{certtype}}/{{triggeredusercertificationid}}?_action=update
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action update
```
Body
```
{
"certObjectType":"user",
"name":"Event Based Certification",
"description":"Test",
"frequency":"event-based",
"expression":"{\"operator\":\"changed\",\"operand\":{\"field\":\"manager\",\"value\":\"\"}}",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":""
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"",
"certifierType":"manager",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/triggeredCertification/{{certtype}}/{{triggeredusercertificationid}}?_action=update' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"certObjectType":"user",
"name":"Event Based Certification",
"description":"Test",
"frequency":"event-based",
"expression":"{\"operator\":\"changed\",\"operand\":{\"field\":\"manager\",\"value\":\"\"}}",
"targetFilter":{
"operator":"AND",
"operand":[
{
"operator":"EQUALS",
"operand":{
"targetName":"roles",
"targetValue":""
}
}
]
},
"stages":[
{
"name":"Stage 1",
"entitlementFilter":{
"attributes":{
"roles":{
"selected":true
}
}
},
"certifierName":"",
"certifierType":"manager",
"certifierKey":"",
"deadline":"14 days",
"escalationSchedule":[
],
"riskLevelFilter":[
]
}
],
"onExpire":"stageOnly",
"remediationProcess":"RemoveEntitlements"
}'
```
* GET Admin Event Details
Allows governance administrators to get event details.
Endpoint
```
{{idmRoot}}/governance/adminCertEventDetails/{{certtype}}/{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminCertEventDetails/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Scheduled Certification
Read a scheduled certification definition.
Endpoint
```
{{idmRoot}}/governance/scheduledCertification/{{certtype}}/26c64da2-a702-4cea-a79e-9879477049d4
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
Content-Type application/json
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/scheduledCertification/{{certtype}}/26c64da2-a702-4cea-a79e-9879477049d4' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json'
```
* GET Get Certification
Get a specific certification.
Endpoint
```
{{idmRoot}}/governance/adminCertification/
{{certtype}}/
{{usercertificationid}}?status={{certStatus}}&pageNumber=0&pageSize={{pageSize}}&sortBy&q={{query}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
status Cert status ('active' or 'clased')
pageNumber 0 (Pagination control)
pageSize Page size (Size per page)
sortBy (Property to sort by)
q Query (Query for name)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminCertification/
{{certtype}}/
{{usercertificationid}}?status={{certStatus}}&pageNumber=0&pageSize={{pageSize}}&sortBy=&q={{query}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Admin Certification List
Get the certification list.
Endpoint
```
{{idmRoot}}/governance/adminCertList/
{{certtype}}/
{{usercertificationid}}?pageSize={{pageSize}}&pageNumber=0
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
pageSize Page size (Size per page)
pageNumber 0 (Pagination control)
sortBy (Property to sort by)
q Query (Query for name)
selected 0 (Selected stage)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminCertList/
{{certtype}}/
{{usercertificationid}}?pageSize={{pageSize}}&pageNumber=0' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Tasks For Specific User
Returns a list of tasks of the requested type that are assigned to the logged in user either directly or through a role.
Endpoint
```
{{idmRoot}}/governance/dashboard/{{userId}}?status=active&type=user
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
status active (active or closed)
type user (Type of task: user, object, violation)
pageNumber 0 (Pagination control)
pageSize Page size (Size per page)
sortBy (Property to sort by)
q Query (Query for name)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/dashboard/{{userId}}?status=active&type=user' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Triggered Certification
Read a triggered certification definition.
Endpoint
```
{{idmRoot}}/governance/triggeredCertification/{{certtype}}/{{triggeredusercertificationid}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/triggeredCertification/{{certtype}}/{{triggeredusercertificationid}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* GET Query Certifications
Query certification definitions.
Endpoint
```
{{idmRoot}}/governance/adminCertification/
{{certtype}}?status=active&pageNumber=0&pageSize=10&sortBy=nextDeadline
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
status active (active or closed)
pageNumber 0 (Pagination control)
pageSize 10 (Size per page)
sortBy nextDeadline
q**
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminCertification/
{{certtype}}?status=active&pageNumber=0&pageSize=10&sortBy=nextDeadline' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Query Scheduled Certifications
Query scheduled certification definitions.
Endpoint
```
{{idmRoot}}/governance/scheduledCertification/{{certtype}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
q Filter
sortBy Sort by field
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/scheduledCertification/{{certtype}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* GET Query Triggered Certifications
Query triggered certification definitions.
Endpoint
```
{{idmRoot}}/governance/triggeredCertification/
{{certtype}}?pageSize=10&sortBy=name&status=triggered&pageNumber=0
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
pageSize 10 (Size per page)
sortBy name (Sort by field)
status triggered
pageNumber 0
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/triggeredCertification/
{{certtype}}?pageSize=10&sortBy=name&status=triggered&pageNumber=0' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* POST Reassign Events
Bulk reassign events. Include eventIds in body to reassign specific events, else include campaignIds in body to reassign all events for the old certifier ID in the given campaigns. If neither eventIds nor campaignIds is present, will reassign ALL tasks for oldCertifierId to newCertifierId.
Endpoint
```
{{idmRoot}}/governance/certify/{{certtype}}/reassign
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
queryFilter Target a specific subset of events within the stage
```
Body raw
```
{
"newCertifierId": "",
"oldCertifierId": "",
"campaignIds": [
],
"eventIds": [
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certify/{{certtype}}/reassign' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"newCertifierId": "",
"oldCertifierId": "",
"campaignIds": [
],
"eventIds": [
]
}'
```
* POST Remediate Certification
Call the basic remediation script on a certification event object. Content of request can be dependent on customizations to remediation script, however the example workflow will pass the entire event object to this endpoint. The OOTB script only requires the properties found in this example.
Endpoint
```
{{idmRoot}}/governance/remediation
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
field allowBulkCertify (Single setting ID to return)
```
Body raw
```
{
"remediationType": "revokeCertification",
"stageIndex": 0,
"stages": [
{
"eventData": {
"metadata": [],
"application": [],
"managedObject": [
{
"riskLevel": 0,
"comments": null,
"attributeValue": "AB123",
"values": [],
"attributeName": "Job Code",
"certifiable": 1,
"outcome": "revoke",
"objectType": "jobCode"
}
]
},
"longTargetId": "managed/user/138"
}
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/remediation' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"remediationType": "revokeCertification",
"stageIndex": 0,
"stages": [
{
"eventData": {
"metadata": [],
"application": [],
"managedObject": [
{
"riskLevel": 0,
"comments": null,
"attributeValue": "AB123",
"values": [],
"attributeName": "Job Code",
"certifiable": 1,
"outcome": "revoke",
"objectType": "jobCode"
}
]
},
"longTargetId": "managed/user/138"
}
]
}'
```
* POST Remediate Violation
Call the basic remediation script on a violation object. Content of request can be dependent on customizations to remediation script, however the example workflow will pass the entire violation object to this endpoint. The OOTB script only requires the targetId and the policy expression violated.
Endpoint
```
{{idmRoot}}/governance/remediation
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
field allowBulkCertify (Single setting ID to return)
```
Body raw
```
{
"targetId": "managed/user/1024",
"expression": "{'\''operator'\'':'\''EQUALS'\'','\''operand'\'':{'\''targetName'\'':'\''jobCode'\'','\''targetValue'\'':'\''AB123'\''}}",
"remediationType": "revokeViolation"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/remediation' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"targetId": "managed/user/1024",
"expression": "{'\''operator'\'':'\''EQUALS'\'','\''operand'\'':{'\''targetName'\'':'\''jobCode'\'','\''targetValue'\'':'\''AB123'\''}}",
"remediationType": "revokeViolation"
}'
```
## Admin Policy
* POST Cancel Exception
Cancel an existing violation exception. Admin action.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}?_action=cancelexception
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action cancelexception
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation/{{violationId}}?_action=cancelexception' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
}'
```
* POST Cancel Exception(s)
Bulk cancel violations.
Endpoint
```
{{idmRoot}}/governance/violation?_action=cancelexception
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
sortBy Sort key
q Query value
pageSize Page size(Results per page)
pageNumber 0 (Page number of results)
_action** cancelexception
```
Body raw
```
{
"ids": [
"{{exceptionToCancelId}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation?_action=cancelexception' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{exceptionToCancelId}}"
]
}'
```
* POST Cancel Violation
Cancel a violation.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}?_action=cancel
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action cancel
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation/{{violationId}}?_action=cancel' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
}'
```
* POST Cancel Violation(s)
Bulk cancel violations.
Endpoint
```
{{idmRoot}}/governance/violation?_action=cancel
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
sortBy Sort key
q Query value
pageSize Page size (Results per page)
pageNumber 0 (Page number of results)
_action** cancel
```
Body raw
```
{
"ids": [
"{{violationToCancelId}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation?_action=cancel' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{violationToCancelId}}"
]
}'
```
* POST Comment on Violation
Comment on a violation. Owner action.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}?_action=comment
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action comment
```
Body raw
```
{
"comments": "Comments to add"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation/{{violationId}}?_action=comment' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"comments": "Comments to add"
}'
```
* POST Configure a Reactive Scan
Configure the information for reactive policy scans.
Endpoint
```
{{idmRoot}}/governance/policyScan?_action=configure
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action configure
```
Body raw
```
{
"expirationDate":"15 days",
"escalationSchedule":[]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/policyScan?_action=configure' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"expirationDate":"15 days",
"escalationSchedule":[]
}'
```
* POST Create Ad-hoc Policy Scan
Creates and runs an ad-hoc policy scan.
Endpoint
```
{{idmRoot}}/governance/policyScan?_action=adhoc
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action adhoc
```
Body raw
```
{
"name":"Adhoc Scan",
"scanType":"ad-hoc",
"schedule":"",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDate":"07/31/2020",
"escalationSchedule":[
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/policyScan?_action=adhoc' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"name":"Adhoc Scan",
"scanType":"ad-hoc",
"schedule":"",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDate":"07/31/2020",
"escalationSchedule":[
]
}'
```
* POST Create Scheduled Policy Scan
Creates a scheduled policy scan.
Endpoint
```
{{idmRoot}}/governance/policyScan?_action=scheduled
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action scheduled
```
Body raw
```
{
"name":"Scheduled scan monthly",
"scanType":"scheduled",
"schedule":"28 2 0 1 1/1 ?",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDuration":"7 days",
"escalationSchedule":[
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/policyScan?_action=scheduled' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"name":"Scheduled scan monthly",
"scanType":"scheduled",
"schedule":"28 2 0 1 1/1 ?",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDuration":"7 days",
"escalationSchedule":[
]
}'
```
* POST Create Policy
Creates a new policy.
Endpoint
```
{{idmRoot}}/governance/adminPolicy?action=create
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
action create
```
Body raw
```
{
"name":"Policy Name",
"description":"Example policy",
"expression":"{\"operator\":\"EQUALS\",\"operand\":{\"targetName\":\"roles\",\"targetValue\":\"managed/role/2003\"}}",
"riskLevel":"1",
"ownerType":"user",
"owner":{
"_ref":"managed/user/357"
},
"remediationProcess":"{{violationRemediationWorkflow}}",
"active":"true"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/adminPolicy?action=create' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"name":"Policy Name",
"description":"Example policy",
"expression":"{\"operator\":\"EQUALS\",\"operand\":{\"targetName\":\"roles\",\"targetValue\":\"managed/role/2003\"}}",
"riskLevel":"1",
"ownerType":"user",
"owner":{
"_ref":"managed/user/357"
},
"remediationProcess":"{{violationRemediationWorkflow}}",
"active":"true"
}'
```
* POST Delete Policies
Delete policies from the system.
Endpoint
```
{{idmRoot}}/governance/adminPolicy?action=delete
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
action delete
```
Body raw
```
{
"ids": [
"{{policyToDeleteId}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/adminPolicy/policies?action=delete' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{policyToDeleteId}}"
]
}'
```
* POST Delete Policy Scans
Delete scheduled policy scans from the system.
Endpoint
```
{{idmRoot}}/governance/adminPolicy/policies?action=delete
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
action delete
```
Body raw
```
{
"ids": [
"{{scanToCancelId}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/adminPolicy/policies?action=delete' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{scanToCancelId}}"
]
}'
```
* POST Delete Scheduled Policy Scans
Delete policy scan definitions.
Endpoint
```
{{idmRoot}}/governance/adminPolicy/policies?action=delete
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
action delete
```
Body raw
```
{
"ids": [
"{{scheduledScanId}}"
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/policyScan?_action=delete' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"ids": [
"{{scheduledScanId}}"
]
}'
```
* POST Edit Policy
Edit an existing policy.
Endpoint
```
{{idmRoot}}/governance/adminPolicy/{{policyId}}?action=update
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
action update
```
Body raw
```
{
"name":"Policy Create Test",
"description":"Testing a created policy update",
"expression":"{\"operator\":\"EQUALS\",\"operand\":{\"targetName\":\"roles\",\"targetValue\":\"managed/role/2003\"}}",
"riskLevel":"1",
"ownerType":"user",
"owner":{
"_ref":"managed/user/357"
},
"remediationProcess":"RevokeResources",
"active":"true"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/adminPolicy/{{policyId}}?action=update' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"name":"Policy Create Test",
"description":"Testing a created policy update",
"expression":"{\"operator\":\"EQUALS\",\"operand\":{\"targetName\":\"roles\",\"targetValue\":\"managed/role/2003\"}}",
"riskLevel":"1",
"ownerType":"user",
"owner":{
"_ref":"managed/user/357"
},
"remediationProcess":"RevokeResources",
"active":"true"
}'
```
* PUT Edit Scheduled Policy Scan
Edit a scheduled policy scan definition.
Endpoint
```
{{idmRoot}}/governance/policyScan/{{scheduledScanId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Body raw
```
{
"name":"Scheduled scan monthly",
"scanType":"scheduled",
"schedule":"28 2 0 1 1/1 ?",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDuration":"7 days",
"escalationSchedule":[
]
}'
```
Example Request
```
curl --location -g --request PUT '{{idmRoot}}/governance/policyScan/{{scheduledScanId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"name":"Scheduled scan monthly",
"scanType":"scheduled",
"schedule":"28 2 0 1 1/1 ?",
"targetFilter":{
"operator":"ALL",
"operand":[
]
},
"policies":[
"managed/policy/9b929e44-e120-4988-95b3-6306b4fa0533"
],
"expirationDuration":"7 days",
"escalationSchedule":[
]
}'
```
* GET get Active Policy Scans
Query active policy scans.
Endpoint
```
{{idmRoot}}/governance/activePolicyScan}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/activePolicyScan' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Individual Policy Scan
Query an individual policy scan.
Endpoint
```
{{idmRoot}}/governance/activePolicyScan}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/activePolicyScan/{{activePolicyScanId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Reactive Scan Configuration
Read reactive scan configuration.
Endpoint
```
{{idmRoot}}/governance/policyScan/reactive
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/policyScan/reactive' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* GET Get Violation
Read a specific violation, as governance administrator.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/violation/{{violationId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Grant Exception to Violation
Grant an exception for the violation. Owner action.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}?_action=approve
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Body raw
```
{
"comments": "Exception justification",
"exceptionEndDate": "2020-06-09T10:28:46-04:00"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation/{{violationId}}?_action=approve' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"comments": "Exception justification",
"exceptionEndDate": "2020-06-09T10:28:46-04:00"
}'
```
* GET Query Policies
Query existing policies as a governance administrator.
Endpoint
```
{{idmRoot}}/governance/adminPolicy/policies?pageSize={{pageSize}}&pageNumber=0
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
pageSize Page size (Number of results per page)
pageNumber 0 (current results page)
sortBy Sort key
q Query value
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminPolicy/policies?pageSize={{pageSize}}&pageNumber=0' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
```
* GET Query Policy Scans
Query policy scans.
Endpoint
```
{{idmRoot}}/governance/policyScan?q&pageSize=10&pageNumber=0
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
q Query value
pageSize Page size (Number of results per page)
pageNumber 0 (current results page)
sortBy Field to sort by
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/policyScan?q=&pageSize=10&pageNumber=0' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* GET Query Violations
Query violations as a governance administrator.
Endpoint
```
{{idmRoot}}/governance/violation/admin?status=active
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
status active (Violation status: active/closed/exception)
target Violation target user
owner Violation owner
sortBy Sort key
q Query value
pageSize Page size (Number of results per page)
pageNumber 0 (current results page)
fields Fields to return
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/violation/admin?status=active' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Read Scheduled Policy Scan
Read a scheduled policy scan definition.
Endpoint
```
{{idmRoot}}/governance/policyScan/{{scheduledScanId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/policyScan/{{scheduledScanId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* GET Reassign Violation(s)
Bulk reassign violations. Must include a new owner id to reassign to. To reassign select violations, include an array of IDs corresponding to the intended violations. To reassign all of a given user's violations, include an oldOwnerId in lieu of the IDs array.
Endpoint
```
{{idmRoot}}/governance/violation?_action=reassign
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
sortBy Sort key
q Query value
pageSize Page size (Number of results per page)
pageNumber 0 (current results page)
_action reassign
```
Body raw
```
{
"newOwnerId": "{{newOwnerId}}",
"ids": [
"{{violationToReassignId}}"
]
}'
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation?_action=reassign' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"newOwnerId": "{{newOwnerId}}",
"ids": [
"{{violationToReassignId}}"
]
}'
```
* POST Remediate Violation
Kick off the remediation process for the violation. Owner action.
Endpoint
```
{{idmRoot}}/governance/violation/{{violationId}}?_action=remediate
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action remediate
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/violation/{{violationId}}?_action=remediate' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
}'
```
* POST Run Reactive Scan
Runs a reactive scan for all policies against a given user.
Endpoint
```
{{idmRoot}}/governance/policyScan?_action=reactive
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
_action reactive
```
Body raw
```
{
"userId": "{{userId}}"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/policyScan?_action=reactive' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"userId": "{{userId}}"
}'
```
## Admin Dashboard
* GET Get Admin Dashboard Metrics
Get the admin dashboard statistics.
Endpoint
```
{{idmRoot}}/governance/adminDashboard
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminDashboard' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get Individual Admin Dashboard Metric
Query for a single admin dashboard statistic, using the stat ID.
Endpoint
```
{{idmRoot}}/governance/adminDashboard/{{statId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminDashboard/{{statId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Query Entitlements with History
Returns a list of the available entitlements that are stored within the certification history repo object. Used by the admin dashboard to allow the user to query for a specific entitlement's history.
Endpoint
```
{{idmRoot}}/governance/adminDashboard?action=getStoredEntitlements&q=
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Params
```
field allowBulkCertify (Single setting ID to return)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminDashboard?action=getStoredEntitlements&q=' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Query Policy Violation Results
Returns the results of all policy violations, organized by policy. Can provide an optional policy id (e.g. managed/policy/{{ID}}) to get information for a specific policy.
Endpoint
```
{{idmRoot}}/governance/adminDashboard?action=getPolicyTotals
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
action getPolicyTotals (Dashboard action)
id managed/policy/99b41c9e-de1b-447e-92b8-cc2546a8b40 (Policy to search for, in long id format, option)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/adminDashboard?action=getPolicyTotals' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Get User Certification Profile
Get certification profile for a given user.
Endpoint
```
{{idmRoot}}/governance/userEventData/user/{{userId}}?system=IDM
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Params
```
system IDM
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/userEventData/user/{{userId}}?system=IDM' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
* GET Get Entitlement Certification History
Get certification history for a single entitlement.
Endpoint
```
{{idmRoot}}/governance/userEventData/object?targetId={{entitlementId}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Params
```
targetId entitlementId (Entitlement to get certification history for)
history true (Return individual certification history of item)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/userEventData/object?targetId={{entitlementId}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
## Admin Settings
* PUT Edit Notification
Update a specific governance notification.
Endpoint
```
{{idmRoot}}/governance/notification/{{notificationId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type: application/json
```
Body raw
```
{
"_id":"CERTIFICATION_CREATED_ADHOC",
"displayName":"Certification Creation Adhoc",
"from":"governanceNotifier@Ping Identity.com",
"to":"${x.toEmailAddress}",
"cc":"",
"subject":"ATTENTION: Certification Task Assigned",
"type":"text/html",
"body":"A certification task for $x.certificationName was assigned to you from an ad hoc certification campaign.
Please log into FRGovernance as soon as you are able to review and complete the certification Task.",
"enabled":true
}
```
Example Request
```
curl --location -g --request PUT '{{idmRoot}}/governance/notification/{{notificationId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"_id":"CERTIFICATION_CREATED_ADHOC",
"displayName":"Certification Creation Adhoc",
"from":"governanceNotifier@Ping Identity.com",
"to":"${x.toEmailAddress}",
"cc":"",
"subject":"ATTENTION: Certification Task Assigned",
"type":"text/html",
"body":"A certification task for $x.certificationName was assigned to you from an ad hoc certification campaign.
Please log into FRGovernance as soon as you are able to review and complete the certification Task.",
"enabled":true
}'
```
* GET Get Access Review System Settings
Get access review settings.
Endpoint
```
{{idmRoot}}/governance/systemSettings
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
**field allowBulkCertify (Single setting ID to return)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/systemSettings' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Query Access Review Notifications
Query for governance notifications.
Endpoint
```
{{idmRoot}}/governance/notification?_queryId=query-all-ids
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
_queryId query-all-ids
**type role (Single managed object to fetch)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/notification?_queryId=query-all-ids' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* GET Read Notification
Read a specific governance notification.
Endpoint
```
{{idmRoot}}/governance/notification/{{notificationId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
**type role (Single managed object to fetch)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/notification/{{notificationId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* POST Update Access Review System Settings
Update the governance settings.
Endpoint
```
{{idmRoot}}/governance/systemSettings
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
**field allowBulkCertify (Single setting ID to return)
```
Body raw
```
{
"_id": "",
"systemSettings": [
{
"section": "General",
"fields": [
{
"id": "allowBulkCertify",
"type": "boolean",
"value": false
}
]
},
{
"section": "Display",
"fields": [
{
"id": "userDisplayFormat",
"type": "string",
"value": "{{givenName}} {{sn}} ({{userName}})"
}
]
},
{
"section": "Delegation",
"fields": [
{
"id": "delegationEnabled",
"type": "boolean",
"value": false
},
{
"id": "userDelegate",
"type": "dropdown",
"value": "manager"
}
]
},
{
"section": "Risk Level Management",
"fields": [
{
"id": "riskLevel",
"type": "dblSlider",
"value": {
"lower": 5,
"higher": 6
}
}
]
},
{
"section": "Custom attribute mapping",
"fields": [
{
"id": "userAttrMappings",
"type": "dropdown",
"attributes": [
{
"id": "givenName",
"value": "givenName"
},
{
"id": "sn",
"value": "sn"
},
{
"id": "mail",
"value": "mail"
}
]
}
]
},
{
"section": "Menu Management",
"fields": [
{
"id": "menuManagement",
"type": "string",
"value": []
}
]
}
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/systemSettings' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"_id": "",
"systemSettings": [
{
"section": "General",
"fields": [
{
"id": "allowBulkCertify",
"type": "boolean",
"value": false
}
]
},
{
"section": "Display",
"fields": [
{
"id": "userDisplayFormat",
"type": "string",
"value": "{{givenName}} {{sn}} ({{userName}})"
}
]
},
{
"section": "Delegation",
"fields": [
{
"id": "delegationEnabled",
"type": "boolean",
"value": false
},
{
"id": "userDelegate",
"type": "dropdown",
"value": "manager"
}
]
},
{
"section": "Risk Level Management",
"fields": [
{
"id": "riskLevel",
"type": "dblSlider",
"value": {
"lower": 5,
"higher": 6
}
}
]
},
{
"section": "Custom attribute mapping",
"fields": [
{
"id": "userAttrMappings",
"type": "dropdown",
"attributes": [
{
"id": "givenName",
"value": "givenName"
},
{
"id": "sn",
"value": "sn"
},
{
"id": "mail",
"value": "mail"
}
]
}
]
},
{
"section": "Menu Management",
"fields": [
{
"id": "menuManagement",
"type": "string",
"value": []
}
]
}
]
}'
```
## Certifier
* POST Event Action - Certify
Certify an entire event.
Endpoint
```
{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}?action=certify&actingId={{certifierId}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
Content-Type: application/json
```
Params
```
_action certify (Action to take: certify, revoke, abstain, certify-remaining, reset, comment, claim, reassign)
actingId {{certifierId}} (ID of acting certifier (user or role)
queryFilter Target a specific subset of events within the stage
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}?action=certify&actingId={{certifierId}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{}'
```
* GET Get Certification List
Get the certifier view of the events in a campaign.
Endpoint
```
{{idmRoot}}/governance/certificationList/
{{certtype}}/
{{usercertificationid}}?pageSize={{pageSize}}&pageNumber=0
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Params
```
pageSize Page size
pageNumber 0
sortBy
q
selected 0 (selected stage)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/certificationList/
{{certtype}}/
{{usercertificationid}}?pageSize={{pageSize}}&pageNumber=0' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
* GET Get Certifier Event Details
Get the certifier view of an event.
Endpoint
```
{{idmRoot}}/governance/certificationEventDetails/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/certificationEventDetails/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}/{{eventIndex}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
* GET Get User Tasks
Returns a list of tasks of the requested type that are assigned to the logged in user either directly or through a role.
Endpoint
```
{{idmRoot}}/governance/dashboard?status=active&type=user
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Params
```
status active (Active or closed)
type user (Type of task: user, object, violation)
pageNumber 0 (Page number)
pageSize Page size (Number of results per page)
sortBy Property to sorty by
q String to sort by
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/dashboard?status=active&type=user' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
* POST Stage Action - Certify Remaining
Certify remaining events in a stage.
Endpoint
```
{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=certify-remaining&actingId={{certifierId}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
Content-Type application/json
```
Params
```
action certify-remaining (action to take: certify-remaining, reset, sign-off)
actingId {{certifierId}} (ID of acting certifier: user or role)
queryFilter Target a specific subset of events within the stage
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=certify-remaining&actingId={{certifierId}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{}'
```
* POST Stage Action - Reset
Reset events in a stage.
Endpoint
```
{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=reset&actingId={{certifierId}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
Content-Type application/json
```
Params
```
action reset (action to take: certify-remaining, reset, sign-off)
actingId {{certifierId}} (ID of acting certifier: user or role)
queryFilter Target a specific subset of events within the stage
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=reset&actingId={{certifierId}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{}'
```
* POST Stage Action - Sign-off
Sign-off completed events in a stage.
Endpoint
```
{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=sign-off&actingId={{certifierId}}
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
Content-Type application/json
```
Params
```
action sign-off (action to take: certify-remaining, reset, sign-off)
actingId {{certifierId}} (ID of acting certifier: user or role)
queryFilter Target a specific subset of events within the stage
```
Body raw
```
{}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/certify/
{{certtype}}/
{{usercertificationid}}/{{stageIndex}}?action=sign-off&actingId={{certifierId}}' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{}'
```
* GET Get User Violation Tasks
Get the violations that belong to the logged in user.
Endpoint
```
{{idmRoot}}/governance/violation?status=active
```
Headers
```
X-OpenIDM-Username {{endUserUsername}}
X-OpenIDM-Password {{endUserPassword}}
```
Params
```
status active (Violation status: active, closed, exception)
sortBy Sort key
q Query value
pageSize Page size (Results per page)
pageNumber 0 (page number of results)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/violation?status=active' \
--header 'X-OpenIDM-Username: {{endUserUsername}}' \
--header 'X-OpenIDM-Password: {{endUserPassword}}'
```
## Utility
* GET Get Candidates For Object Attribute
Get possible values for the given attribute on the given managed object type.
Endpoint
```
{{idmRoot}}/governance/getRelationshipObjects?managedObject=user&attribute=authzRoles
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
managedObject user
attribute authzRoles
pageNumber 0 (page number of results)
pageSize Page size (Results per page)
sortKey
ascOrder
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/getRelationshipObjects?managedObject=user&attribute=authzRoles' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json'
```
* POST Get Candidates For Object Attribute With Filter
Get possible values for the given attribute on the given managed object type, filtered by provided query.
Endpoint
```
{{idmRoot}}/governance/getRelationshipObjects?managedObject=user&attribute=authzRoles
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
managedObject user
attribute authzRoles
pageNumber 0 (page number of results)
pageSize Page size (Results per page)
sortKey
ascOrder
```
Body raw
```
{
"query": [
{
"attribute": "name",
"operator": "co",
"path": "managed/role",
"value": "Admin"
}
]
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/getRelationshipObjects?managedObject=user&attribute=authzRoles' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"query": [
{
"attribute": "name",
"operator": "co",
"path": "managed/role",
"value": "Admin"
}
]
}'
```
* GET Get Managed Object and System Information
Get the schema and configuration for managed objects and configured systems.
Endpoint
```
{{idmRoot}}/governance/managedObjectConfig
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
```
Params
```
type role (Single managed object to fetch)
```
Example Request
```
curl --location -g --request GET '{{idmRoot}}/governance/managedObjectConfig' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}'
```
* POST Parse Target Filter
Run expression parser on given managed object type.
Endpoint
```
{{idmRoot}}/governance/expressionParser/user?_action=parse
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
_action parse
```
Body raw
```
{
"operator":"EQUALS",
"operand": {
"targetName":"accountStatus",
"targetValue":"active"
}
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/expressionParser/user?_action=parse' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"operator":"EQUALS",
"operand": {
"targetName":"accountStatus",
"targetValue":"active"
}
}'
```
* POST Send Access Review Notification
Get possible values for the given attribute on the given managed object type, filtered by provided query.
Endpoint
```
{{idmRoot}}/governance/sendNotification/{{notificationId}}
```
Headers
```
X-OpenIDM-Username {{governanceAdminUsername}}
X-OpenIDM-Password {{gpvernanceAdminPassword}}
Content-Type application/json
```
Params
```
pageNumber 0 (page number of results)
pageSize Page size (Results per page)
sortKey
ascOrder
```
Body raw
```
{
"toEmailAddress": "managed/user/1024",
"certificationName": "Example Certification"
}
```
Example Request
```
curl --location -g --request POST '{{idmRoot}}/governance/sendNotification/{{notificationId}}' \
--header 'X-OpenIDM-Username: {{governanceAdminUsername}}' \
--header 'X-OpenIDM-Password: {{gpvernanceAdminPassword}}' \
--header 'Content-Type: application/json' \
--data-raw '{
"toEmailAddress": "managed/user/1024",
"certificationName": "Example Certification"
}'
```