Partial update of Provisioning Policy​
This API selectively updates an existing Provisioning Policy using a JSONPatch payload. Transforms can be used in the provisioning policy to create a new attribute that you only need during provisioning. Refer to Transforms in Provisioning Policies for more information. A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.
Path Parameters
- sourceId string requiredThe Source id. Example: 2c9180835d191a86015d28455b4a2329
- usageType string requiredPossible values: [ CREATE,UPDATE,DELETE,ASSIGN,UNASSIGN,CREATE_GROUP,UPDATE_GROUP,DELETE_GROUP,REGISTER,CREATE_IDENTITY,UPDATE_IDENTITY,EDIT_GROUP,ENABLE,DISABLE,UNLOCK,CHANGE_PASSWORD]The type of ProvisioningPolicy usage. 
- application/json-patch+json
Request Body array required
The JSONPatch payload used to update the schema.
- op string requiredPossible values: [ add,remove,replace,move,copy,test]The operation to be performed 
- path string requiredA string JSON Pointer representing the target path to an element to be affected by the operation 
- value object- The value to be used for the operation, required for "add" and "replace" operations anyOf- MOD1
- MOD2
- MOD4
 stringintegeranyOf- MOD1
- MOD2
 stringinteger
- 200
- 400
- 401
- 403
- 404
- 429
- 500
The ProvisioningPolicyDto was successfully updated.
- application/json
- Schema
- Example (from schema)
Schema
- name stringthe provisioning policy name 
- description stringthe description of the provisioning policy 
- usageType stringPossible values: [ CREATE,UPDATE,DELETE,ASSIGN,UNASSIGN,CREATE_GROUP,UPDATE_GROUP,DELETE_GROUP,REGISTER,CREATE_IDENTITY,UPDATE_IDENTITY,EDIT_GROUP,ENABLE,DISABLE,UNLOCK,CHANGE_PASSWORD]The type of ProvisioningPolicy usage. 
- fields object[]name string- The name of the attribute. transform object- Default value: - [object Object]- The transform to apply to the field attributes object- Attributes required for the transform isRequired boolean- Default value: - false- Flag indicating whether or not the attribute is required. type string- The type of the attribute. isMultiValued boolean- Default value: - false- Flag indicating whether or not the attribute is multi-valued. 
{
  "name": "example provisioning policy for inactive identities",
  "description": "this provisioning policy creates access based on an identity going inactive",
  "usageType": "CREATE",
  "fields": [
    {
      "name": "userName",
      "transform": {
        "type": "rule",
        "attributes": {
          "name": "Create Unique LDAP Attribute"
        }
      },
      "attributes": {
        "template": "${firstname}.${lastname}${uniqueCounter}",
        "cloudMaxUniqueChecks": "50",
        "cloudMaxSize": "20",
        "cloudRequired": "true"
      },
      "isRequired": false,
      "type": "string",
      "isMultiValued": false
    }
  ]
}
Client Error - Returned if the request body is invalid.
- application/json
- Schema
- Example (from schema)
Schema
- detailCode stringFine-grained error code providing more detail of the error. 
- trackingId stringUnique tracking id for the error. 
- messages object[]- Generic localized reason for error locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
- causes object[]- Plain-text descriptive reasons to provide additional detail to the text provided in the messages field locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}
Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.
- application/json
- Schema
- Example (from schema)
Schema
- errorA message describing the error 
{
  "error": "JWT validation failed: JWT is expired"
}
Forbidden - Returned if the user you are running as, doesn't have access to this end-point.
- application/json
- Schema
- Example (from schema)
- 403
Schema
- detailCode stringFine-grained error code providing more detail of the error. 
- trackingId stringUnique tracking id for the error. 
- messages object[]- Generic localized reason for error locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
- causes object[]- Plain-text descriptive reasons to provide additional detail to the text provided in the messages field locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}
An example of a 403 response object
{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}
Not Found - returned if the request URL refers to a resource or object that does not exist
- application/json
- Schema
- Example (from schema)
- 404
Schema
- detailCode stringFine-grained error code providing more detail of the error. 
- trackingId stringUnique tracking id for the error. 
- messages object[]- Generic localized reason for error locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
- causes object[]- Plain-text descriptive reasons to provide additional detail to the text provided in the messages field locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}
An example of a 404 response object
{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}
Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.
- application/json
- Schema
- Example (from schema)
Schema
- messageA message describing the error 
{
  "message": " Rate Limit Exceeded "
}
Internal Server Error - Returned if there is an unexpected error.
- application/json
- Schema
- Example (from schema)
- 500
Schema
- detailCode stringFine-grained error code providing more detail of the error. 
- trackingId stringUnique tracking id for the error. 
- messages object[]- Generic localized reason for error locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
- causes object[]- Plain-text descriptive reasons to provide additional detail to the text provided in the messages field locale string- The locale for the message text, a BCP 47 language tag. localeOrigin string- Possible values: [ - DEFAULT,- REQUEST]- An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice. text string- Actual text of the error message in the indicated locale. 
{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}
An example of a 500 response object
{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}