This chapter describes the web services used to get information from Oracle Identity Analytics regarding audit violations. In particular, the Identity Audit web service can be used to prevent and report Segregation of Duties (SoD) violations. A Segregation of Duties violation is a violation whereby a user account, a user attribute, or a role has been assigned two entitlements that should not be held in combination.
Using the Identity Audit Web Service, SoD violations can be reported. In addition, this web service can be used to implement a preventative SoD whereby a user requesting a role from a third-party system can first be verified against Oracle Identity Analytics for any SoD.
Each web service has two parts: request parameters and the response. Request parameters such as SodState are used to request the corresponding Audit SoD, which returns a list of exceptions as a response.