Automated commit 'IDNARSENAL-21734: create specs for new identities r…

…ole assignments endpoints (#1564)

IDNARSENAL-21734: create specs for new identities role assignments endpoints' by github action: 8239272377

idn/beta/paths/identities-role-assignment.yaml

@@ -0,0 +1,42 @@
+get:
+  operationId: getRoleAssignment
+  tags:
+    - Identities
+  summary: Get role assignment
+  security:
+    - UserContextAuth:
+        - "idn:identity:read"
+  parameters:
+    - in: path
+      name: identityId
+      schema:
+        type: string
+      required: true
+      description: Identity Id
+      example: "ef38f94347e94562b5bb8424a56397d8"
+    - in: path
+      name: assignmentId
+      schema:
+        type: string
+      required: true
+      description: Assignment Id
+      example: "1cbb0705b38c4226b1334eadd8874086"
+  responses:
+    "200":
+      description: A role assignment object
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/RoleAssignmentDto.yaml"
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "404":
+      $ref: "../../v3/responses/404.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"

idn/beta/paths/identities-role-assignments.yaml

@@ -0,0 +1,56 @@
+get:
+  operationId: getRoleAssignments
+  tags:
+    - Identities
+  summary: Get role assignments
+  description: >-
+    This returns either a list of Role Assignments when querying with either a Role Id or Role Name,
+    or a list of Role Assignment References if querying with only identity Id.
+  security:
+    - UserContextAuth:
+        - "idn:identity:read"
+  parameters:
+    - in: path
+      name: identityId
+      schema:
+        type: string
+      required: true
+      description: Identity Id to get the role assignments for
+      example: ef38f94347e94562b5bb8424a56397d8
+    - in: query
+      name: roleId
+      schema:
+        type: string
+      required: false
+      description: Role Id to filter the role assignments with
+      example: e7697a1e96d04db1ac7b0f4544915d2c
+    - in: query
+      name: roleName
+      schema:
+        type: string
+      required: false
+      description: Role name to filter the role assignments with
+      example: "Engineer"
+  responses:
+    "200":
+      description: A role assignment object
+      content:
+        application/json:
+          schema:
+            type: array
+            items:
+              anyOf:
+                - $ref: "../schemas/RoleAssignmentRef.yaml"
+                - $ref: "../schemas/RoleAssignmentDto.yaml"
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "404":
+      $ref: "../../v3/responses/404.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"

idn/beta/schemas/AccessRequestContext.yaml

@@ -0,0 +1,10 @@
+type: object
+properties:
+  requestedContext:
+    type: array
+    items:
+      $ref: "./ContextAttributeDto.yaml"
+  assignedContext:
+    type: array
+    items:
+      $ref: "./RoleMatchDto.yaml"

idn/beta/schemas/AccountInfoDto.yaml

@@ -0,0 +1,14 @@
+type: object
+properties:
+  nativeIdentity:
+    type: string
+    description: "The unique ID of the account generated by the source system"
+    example: "CN=Abby Smith,OU=Austin,OU=Americas,OU=Demo,DC=seri,DC=acme,DC=com"
+  displayName:
+    type: string
+    description: "Display name for this account"
+    example: "Abby.Smith"
+  uuid:
+    type: string
+    description: "UUID associated with this account"
+    example: "{ad9fc391-246d-40af-b248-b6556a2b7c01}"

idn/beta/schemas/ContextAttributeDto.yaml

@@ -0,0 +1,16 @@
+type: object
+properties:
+  attribute:
+    type: string
+    description: The name of the attribute
+    example: "location"
+  value:
+    oneOf:
+      - type: string
+        example: "Austin"
+      - type: array
+        items:
+          type: string
+          example: [ "Austin", "Houston", "Dallas" ]
+    description: The value of the attribute.  This can be either a string or a multi-valued string
+    example: "Austin"

idn/beta/schemas/RoleAssignmentDto.yaml

@@ -0,0 +1,62 @@
+type: object
+properties:
+  id:
+    type: string
+    description: "Assignment Id"
+    example: "1cbb0705b38c4226b1334eadd8874086"
+  role:
+    $ref: "./BaseReferenceDto.yaml"
+    description: "Role Id and Name related to this assignment"
+    example:
+      id: "e7697a1e96d04db1ac7b0f4544915d2c"
+      type: "ROLE"
+      name: "Engineer"
+  comments:
+    type: string
+    description: "Comments added by the user when the assignment was made"
+    example: "I'm a new Engineer and need this role to do my work"
+  assignmentSource:
+    type: string
+    description: "Source describing how this assignment was made"
+    example: "UI"
+  assigner:
+    $ref: "./BaseReferenceDto.yaml"
+    description: "The identity that performed the assignment. This could be blank or system"
+    example:
+      id: "2c9180867c184ff6017c2a2fbf031666"
+      type: "IDENTITY"
+      name: "Jeff Richardson"
+  assignedDimensions:
+    type: array
+    description: "Dimensions assigned related to this role"
+    example: [
+      {
+        "id": "1acc8ffe5fcf457090de28bee2af36ee",
+        "type": "DIMENSION",
+        "name": "Northeast region"
+      }
+    ]
+    items:
+      $ref: "./BaseReferenceDto.yaml"
+  accessRequestContext:
+    $ref: "./AccessRequestContext.yaml"
+    description: "The context around the access request for this assignment"
+    example:
+      requestedContext: [
+        {
+
+        }
+      ]
+      assignedContext: [
+        {
+
+        }
+      ]
+  accountTargets:
+    type: array
+    items:
+      $ref: "./RoleTargetDto.yaml"
+  removeDate:
+    type: string
+    description: "Date that the assignment will be removed"
+    example: "Wed Feb 14 10:58:42"

idn/beta/schemas/RoleAssignmentRef.yaml

@@ -0,0 +1,13 @@
+type: object
+properties:
+  id:
+    type: string
+    description: "Assignment Id"
+    example: "1cbb0705b38c4226b1334eadd8874086"
+  role:
+    $ref: "./BaseReferenceDto.yaml"
+    description: "Role Id and Name related to this assignment"
+    example:
+      id: "e7697a1e96d04db1ac7b0f4544915d2c"
+      type: "ROLE"
+      name: "Engineer"

idn/beta/schemas/RoleMatchDto.yaml

@@ -0,0 +1,10 @@
+type: object
+properties:
+  roleName:
+    type: string
+    description: The name of the role
+    example: "Engineer"
+  matchedAttributes:
+    type: array
+    items:
+      $ref: "./ContextAttributeDto.yaml"

idn/beta/schemas/RoleTargetDto.yaml

@@ -0,0 +1,15 @@
+type: object
+properties:
+  source:
+    $ref: "./BaseReferenceDto.yaml"
+    description: "Source Id and Name related to this assignment"
+    example:
+      id: "d18b74853739439986501ad180b27db6"
+      type: "SOURCE"
+      name: "Active Directory"
+  accountInfo:
+    $ref: "./AccountInfoDto.yaml"
+  roleName:
+    type: string
+    description: "Specific role name for this target if using multiple accounts"
+    example: "Marketing"

idn/sailpoint-api.beta.yaml

@@ -1245,6 +1245,10 @@ paths:
     $ref: './beta/paths/identity.yaml'
   /identities/process:
     $ref: './beta/paths/identities-process.yaml'
+  /identities/{identityId}/role-assignments/{assignmentId}:
+    $ref: './beta/paths/identities-role-assignment.yaml'
+  /identities/{identityId}/role-assignments:
+    $ref: './beta/paths/identities-role-assignments.yaml'
   /identity-attributes:
     $ref: './beta/paths/identity-attributes.yaml'
   /identity-attributes/{name}: