List Campaign Templates​
List Campaign Templates
Query Parameters
- limit int32
Possible values:
<= 250
Default value:
250
Max number of results to return. See V3 API Standard Collection Parameters for more information.
Example: 250 - offset int32
Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.
- count boolean
If true it will populate the X-Total-Count response header with the number of results that would be returned if limit and offset were ignored.
Since requesting a total count can have a performance impact, it is recommended not to send count=true if that value will not be used.
See V3 API Standard Collection Parameters for more information.
Example: true - sorters comma-separated
Sort results using the standard syntax described in V3 API Standard Collection Parameters
Sorting is supported for the following fields: name, created, modified
- filters comma-separated
Filter results using the standard syntax described in V3 API Standard Collection Parameters
Filtering is supported for the following fields: name, id
- 200
- 400
- 401
- 403
- 429
- 500
List of campaign template objects
- application/json
- Schema
- Example (from schema)
- Example
Schema array
- id string
Id of the campaign template
- name string
This template's name. Has no bearing on generated campaigns' names.
- description string
This template's description. Has no bearing on generated campaigns' descriptions.
- created date-time
Creation date of Campaign Template
- modified date-time
Modification date of Campaign Template
- scheduled boolean
Indicates if this campaign template has been scheduled.
ownerRef object
The owner of this template, and the owner of campaigns generated from this template via a schedule. This field is automatically populated at creation time with the current user.
id stringId of the owner
type stringPossible values: [
IDENTITY
]Type of the owner
name stringName of the owner
email stringEmail of the owner
- deadlineDuration string
The time period during which the campaign should be completed, formatted as an ISO-8601 Duration. When this template generates a campaign, the campaign's deadline will be the current date plus this duration. For example, if generation occurred on 2020-01-01 and this field was "P2W" (two weeks), the resulting campaign's deadline would be 2020-01-15 (the current date plus 14 days).
campaign object
id stringId of the campaign
name stringThe campaign name. If this object is part of a template, special formatting applies; see the
/campaign-templates/{id}/generate
endpoint documentation for details.description stringThe campaign description. If this object is part of a template, special formatting applies; see the
/campaign-templates/{id}/generate
endpoint documentation for details.deadline date-timeThe campaign's completion deadline.
type stringPossible values: [
MANAGER
,SOURCE_OWNER
,SEARCH
,ROLE_COMPOSITION
]The type of campaign. Could be extended in the future.
emailNotificationEnabled booleanDefault value:
false
Enables email notification for this campaign
autoRevokeAllowed booleanDefault value:
false
Allows auto revoke for this campaign
recommendationsEnabled booleanDefault value:
false
Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.
status stringPossible values: [
PENDING
,STAGED
,CANCELING
,ACTIVATING
,ACTIVE
,COMPLETING
,COMPLETED
,ERROR
,ARCHIVED
]The campaign's current status.
correlatedStatus stringPossible values: [
CORRELATED
,UNCORRELATED
]The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).
created date-timeCreated time of the campaign
modified date-timeModified time of the campaign
filter object
Determines which items will be included in this campaign. The default campaign filter is used if this field is left blank.
id stringThe ID of whatever type of filter is being used.
type stringPossible values: [
CAMPAIGN_FILTER
,RULE
]Type of the filter
name stringName of the filter
sunsetCommentsRequired booleanDefault value:
true
Determines if comments on sunset date changes are required.
sourceOwnerCampaignInfo object
Must be set only if the campaign type is SOURCE_OWNER.
sourceIds string[]The list of sources to be included in the campaign.
searchCampaignInfo object
Must be set only if the campaign type is SEARCH.
type stringPossible values: [
IDENTITY
,ACCESS
]The type of search campaign represented.
description stringDescribes this search campaign. Intended for storing the query used, and possibly the number of identities selected/available.
reviewer object
If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP
type stringPossible values: [
ACCOUNT_CORRELATION_CONFIG
,ACCESS_PROFILE
,ACCESS_REQUEST_APPROVAL
,ACCOUNT
,APPLICATION
,CAMPAIGN
,CAMPAIGN_FILTER
,CERTIFICATION
,CLUSTER
,CONNECTOR_SCHEMA
,ENTITLEMENT
,GOVERNANCE_GROUP
,IDENTITY
,IDENTITY_PROFILE
,IDENTITY_REQUEST
,LIFECYCLE_STATE
,PASSWORD_POLICY
,ROLE
,RULE
,SOD_POLICY
,SOURCE
,TAG
,TAG_CATEGORY
,TASK_RESULT
,REPORT_RESULT
,SOD_VIOLATION
,ACCOUNT_ACTIVITY
]DTO type
id stringID of the object to which this reference applies
name stringHuman-readable display name of the object to which this reference applies
query stringThe scope for the campaign. The campaign will cover identities returned by the query and identities that have access items returned by the query. One of
query
oridentityIds
must be set.identityIds string[]Possible values:
<= 1000
A direct list of identities to include in this campaign. One of
identityIds
orquery
must be set.accessConstraints object[]
Possible values:
<= 1000
Further reduces the scope of the campaign by excluding identities (from
query
oridentityIds
) that do not have this access.type stringPossible values: [
ENTITLEMENT
,ACCESS_PROFILE
,ROLE
]Type of Access
ids string[]Must be set only if operator is SELECTED.
operator stringPossible values: [
ALL
,SELECTED
]Used to determine whether the scope of the campaign should be reduced for selected ids or all.
roleCompositionCampaignInfo object
Optional configuration options for role composition campaigns.
reviewer object
If specified, this identity or governance group will be the reviewer for all certifications in this campaign. The allowed DTO types are IDENTITY and GOVERNANCE_GROUP
type stringPossible values: [
ACCOUNT_CORRELATION_CONFIG
,ACCESS_PROFILE
,ACCESS_REQUEST_APPROVAL
,ACCOUNT
,APPLICATION
,CAMPAIGN
,CAMPAIGN_FILTER
,CERTIFICATION
,CLUSTER
,CONNECTOR_SCHEMA
,ENTITLEMENT
,GOVERNANCE_GROUP
,IDENTITY
,IDENTITY_PROFILE
,IDENTITY_REQUEST
,LIFECYCLE_STATE
,PASSWORD_POLICY
,ROLE
,RULE
,SOD_POLICY
,SOURCE
,TAG
,TAG_CATEGORY
,TASK_RESULT
,REPORT_RESULT
,SOD_VIOLATION
,ACCOUNT_ACTIVITY
]DTO type
id stringID of the object to which this reference applies
name stringHuman-readable display name of the object to which this reference applies
roleIds string[]Optional list of roles to include in this campaign. Only one of
roleIds
andquery
may be set; if neither are set, all roles are included.remediatorRef object
This determines who remediation tasks will be assigned to. Remediation tasks are created for each revoke decision on items in the campaign. The only legal remediator type is 'IDENTITY', and the chosen identity must be a Role Admin or Org Admin.
type stringPossible values: [
IDENTITY
]Legal Remediator Type
id stringThe ID of the remediator.
name stringThe name of the remediator.
query stringOptional search query to scope this campaign to a set of roles. Only one of
roleIds
andquery
may be set; if neither are set, all roles are included.description stringDescribes this role composition campaign. Intended for storing the query used, and possibly the number of roles selected/available.
alerts object[]
A list of errors and warnings that have accumulated.
level stringPossible values: [
ERROR
,WARN
,INFO
]Denotes the level of the message
localizations object[]
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
totalCertifications integerThe total number of certifications in this campaign.
completedCertifications integerThe number of completed certifications in this campaign.
sourcesWithOrphanEntitlements object[]
A list of sources in the campaign that contain \"orphan entitlements\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).
id stringId of the source
type stringPossible values: [
SOURCE
]Type
name stringName of the source
mandatoryCommentRequirement stringPossible values: [
ALL_DECISIONS
,REVOKE_ONLY_DECISIONS
,NO_DECISIONS
]Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.
[
{
"id": "2c9079b270a266a60170a277bb960008",
"name": "Manager Campaign Template",
"description": "Template for the annual manager campaign.",
"created": "2020-03-05T22:44:00.364Z",
"modified": "2020-03-05T22:52:09.969Z",
"scheduled": false,
"ownerRef": {
"id": "2c918086676d3e0601677611dbde220f",
"type": "IDENTITY",
"name": "Mister Manager",
"email": "mr.manager@example.com"
},
"deadlineDuration": "P2W",
"campaign": {
"id": "2c9079b270a266a60170a2779fcb0007",
"name": "Manager Campaign",
"description": "Everyone needs to be reviewed by their manager",
"deadline": "2020-03-15T10:00:01.456Z",
"type": "MANAGER",
"emailNotificationEnabled": false,
"autoRevokeAllowed": false,
"recommendationsEnabled": true,
"status": "ACTIVE",
"correlatedStatus": "CORRELATED",
"created": "2020-03-03T22:15:13.611Z",
"modified": "2020-03-03T22:20:12.674Z",
"filter": {
"id": "0fbe863c063c4c88a35fd7f17e8a3df5",
"type": "CAMPAIGN_FILTER",
"name": "Test Filter"
},
"sunsetCommentsRequired": true,
"sourceOwnerCampaignInfo": {
"sourceIds": [
"0fbe863c063c4c88a35fd7f17e8a3df5"
]
},
"searchCampaignInfo": {
"type": "ACCESS",
"description": "Search Campaign description",
"reviewer": {
"type": "IDENTITY",
"id": "2c91808568c529c60168cca6f90c1313",
"name": "William Wilson"
},
"query": "Search Campaign query description",
"identityIds": [
"0fbe863c063c4c88a35fd7f17e8a3df5"
],
"accessConstraints": [
{
"type": "ENTITLEMENT",
"ids": [
"2c90ad2a70ace7d50170acf22ca90010"
],
"operator": "SELECTED"
}
]
},
"roleCompositionCampaignInfo": {
"reviewer": {
"type": "IDENTITY",
"id": "2c91808568c529c60168cca6f90c1313",
"name": "William Wilson"
},
"roleIds": [
"2c90ad2a70ace7d50170acf22ca90010"
],
"remediatorRef": {
"type": "IDENTITY",
"id": "2c90ad2a70ace7d50170acf22ca90010",
"name": "Role Admin"
},
"query": "Search Query",
"description": "Role Composition Description"
},
"alerts": [
{
"level": "ERROR",
"localizations": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
],
"totalCertifications": 100,
"completedCertifications": 10,
"sourcesWithOrphanEntitlements": [
{
"id": "2c90ad2a70ace7d50170acf22ca90010",
"type": "SOURCE",
"name": "Source with orphan entitlements"
}
],
"mandatoryCommentRequirement": "NO_DECISIONS"
}
}
]
[
{
"id": "e7dbec99d49349c8951bd84f58a05120",
"name": "Manager Review",
"created": "2022-08-02T19:16:42.632Z",
"modified": null,
"description": "A review of everyone's access by their manager.",
"deadlineDuration": "P14D",
"ownerRef": {
"email": "support@testmail.identitysoon.com",
"type": "IDENTITY",
"id": "7ec252acbd4245548bc25df22348cb75",
"name": "SailPoint Support"
},
"scheduled": false,
"campaign": {
"created": null,
"modified": null,
"filter": {
"type": "CAMPAIGN_FILTER",
"id": "e0adaae69852e8fe8b8a3d48e5ce757c",
"name": "Test Manager Filter"
},
"sunsetCommentsRequired": true,
"sourceOwnerCampaignInfo": null,
"searchCampaignInfo": null,
"roleCompositionCampaignInfo": null,
"alerts": null,
"totalCertifications": null,
"completedCertifications": null,
"sourcesWithOrphanEntitlements": null,
"id": null,
"name": "Manager Review",
"description": "Review everyone's access.",
"deadline": null,
"type": "MANAGER",
"status": null,
"emailNotificationEnabled": true,
"autoRevokeAllowed": false,
"recommendationsEnabled": false,
"mandatoryCommentRequirement": "NO_DECISIONS"
}
},
{
"id": "b7e6459eed5247ac8b98a5fed81fe27f",
"name": "Reporting Access Review",
"created": "2022-07-28T19:19:40.035Z",
"modified": null,
"description": "A review of everyone's access to the reporting system.",
"deadlineDuration": "P14D",
"ownerRef": {
"email": "support@testmail.identitysoon.com",
"type": "IDENTITY",
"id": "7ec252acbd4245548bc25df22348cb75",
"name": "SailPoint Support"
},
"scheduled": false,
"campaign": {
"created": null,
"modified": null,
"filter": {
"type": "CAMPAIGN_FILTER",
"id": "e0adaae69852e8fe8b8a3d48e5ce757c",
"name": "Test Search Filter"
},
"sunsetCommentsRequired": true,
"sourceOwnerCampaignInfo": null,
"searchCampaignInfo": {
"type": "ACCESS",
"description": "Identities with reporting abilities",
"reviewerId": null,
"reviewer": null,
"query": "@access(name: (\"reporter\"))",
"identityIds": null,
"accessConstraints": []
},
"roleCompositionCampaignInfo": null,
"alerts": null,
"totalCertifications": null,
"completedCertifications": null,
"sourcesWithOrphanEntitlements": null,
"id": null,
"name": "Search Campaign",
"description": "Review everyone's access to the reporting system.",
"deadline": null,
"type": "SEARCH",
"status": null,
"emailNotificationEnabled": true,
"autoRevokeAllowed": false,
"recommendationsEnabled": false,
"mandatoryCommentRequirement": "NO_DECISIONS"
}
},
{
"id": "b9f41bc69e7a4291b9de0630396d030d",
"name": "Campaign With Admin Role",
"created": "2022-08-02T13:40:36.857Z",
"modified": null,
"description": "Campaign With Admin Role",
"deadlineDuration": null,
"ownerRef": {
"email": "support@testmail.identitysoon.com",
"type": "IDENTITY",
"id": "7ec252acbd4245548bc25df22348cb75",
"name": "SailPoint Support"
},
"scheduled": false,
"campaign": {
"created": null,
"modified": null,
"filter": null,
"sunsetCommentsRequired": true,
"sourceOwnerCampaignInfo": null,
"searchCampaignInfo": null,
"roleCompositionCampaignInfo": {
"remediatorRef": {
"type": "IDENTITY",
"id": "7ec252acbd4245548bc25df22348cb75",
"name": "SailPoint Support"
},
"reviewerId": null,
"reviewer": null,
"roleIds": [
"b15d609fc5c8434b865fe552315fda8f"
],
"query": null,
"description": null
},
"alerts": null,
"totalCertifications": null,
"completedCertifications": null,
"sourcesWithOrphanEntitlements": null,
"id": null,
"name": "Campaign With Admin Role",
"description": "Campaign With Admin Role",
"deadline": null,
"type": "ROLE_COMPOSITION",
"status": null,
"emailNotificationEnabled": false,
"autoRevokeAllowed": false,
"recommendationsEnabled": false,
"mandatoryCommentRequirement": "NO_DECISIONS"
}
},
{
"id": "b9f41bc69e7a4291b9de0630396d030d",
"name": "AD Source Review",
"created": "2022-08-02T13:40:36.857Z",
"modified": null,
"description": "A review of our AD source.",
"deadlineDuration": "P1M",
"ownerRef": {
"email": "support@testmail.identitysoon.com",
"type": "IDENTITY",
"id": "7ec252acbd4245548bc25df22348cb75",
"name": "SailPoint Support"
},
"scheduled": false,
"campaign": {
"created": null,
"modified": null,
"filter": {
"type": "CAMPAIGN_FILTER",
"id": "e0adaae69852e8fe8b8a3d48e5ce757c",
"name": "Test Source Owner Filter"
},
"sunsetCommentsRequired": true,
"sourceOwnerCampaignInfo": {
"sourceIds": [
"2c918084707deba501709d45ce4e5569"
]
},
"searchCampaignInfo": null,
"roleCompositionCampaignInfo": null,
"alerts": null,
"totalCertifications": null,
"completedCertifications": null,
"sourcesWithOrphanEntitlements": null,
"id": null,
"name": "AD Source Review",
"description": "Review everyone's access.",
"deadline": null,
"type": "SOURCE_OWNER",
"status": null,
"emailNotificationEnabled": true,
"autoRevokeAllowed": false,
"recommendationsEnabled": false,
"correlatedStatus": "CORRELATED",
"mandatoryCommentRequirement": "NO_DECISIONS"
}
}
]
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
- error
A message describing the error
{
"error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 403 response object
{
"detailCode": "403 Forbidden",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The server understood the request but refuses to authorize it."
}
]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (from schema)
Schema
- message
A message describing the error
{
"message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
- detailCode string
Fine-grained error code providing more detail of the error.
- trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale stringThe locale for the message text, a BCP 47 language tag.
localeOrigin stringPossible values: [
DEFAULT
,REQUEST
]An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text stringActual text of the error message in the indicated locale.
{
"detailCode": "400.1 Bad Request Content",
"trackingId": "e7eab60924f64aa284175b9fa3309599",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
],
"causes": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "The request was syntactically correct but its content is semantically invalid."
}
]
}
An example of a 500 response object
{
"detailCode": "500.0 Internal Fault",
"trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
"messages": [
{
"locale": "en-US",
"localeOrigin": "DEFAULT",
"text": "An internal fault occurred."
}
]
}