Jump to

• Request
• Response
• Examples

Precheck an Access Request

post

/access-governance/access-controls/20250331/accessRequests/actions/precheck

Checks a proposed access request for access guardrails & separation of duties violations. You can call this API before creating an access request when needed.

Request

Header Parameters

• opc-request-id: string
  The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.

Body ()

Details for the proposed Access Request.

Root Schema : CreateAccessRequestDetails

Type: object

The information about new AccessRequest.

Show Source

• accessBundles: array accessBundles
  list of Access bundle items.
• accessLimitDataDetails: array accessLimitDataDetails
  List of access limit data associated to permission request
• accountProfileDetails: array accountProfileDetails
  List of account profiles associated to access request. Required only if the associated access bundle has Account Profile attached to it.
• attributes: object attributes
  Additional Properties Allowed: additionalProperties

  Attributes of the corresponding model. Example: `{"foo-namespace": {"bar-key": "value"}}`
• createdBy: string
  The user that created the request
• identities: array identities
  list of identity ids
• justification: string
  Justification for creating the access request
• orchestratedSystemAttributes: array orchestratedSystemAttributes
  list of orchestratedSystemAttributes associated with targets
• permissionRoles: array permissionRoles
  list of Permission roles items.
• requestStatus: string
  Status of the access request

{
    "type":"object",
    "properties":{
        "justification":{
            "type":"string",
            "description":"Justification for creating the access request"
        },
        "requestStatus":{
            "type":"string",
            "description":"Status of the access request"
        },
        "createdBy":{
            "type":"string",
            "description":"The user that created the request"
        },
        "permissionRoles":{
            "type":"array",
            "description":"list of Permission roles items.",
            "items":{
                "type":"string"
            }
        },
        "accessBundles":{
            "type":"array",
            "description":"list of Access bundle items.",
            "items":{
                "type":"string"
            }
        },
        "identities":{
            "type":"array",
            "description":"list of identity ids",
            "items":{
                "type":"string"
            }
        },
        "orchestratedSystemAttributes":{
            "type":"array",
            "description":"list of orchestratedSystemAttributes associated with targets",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttribute"
            }
        },
        "accountProfileDetails":{
            "type":"array",
            "description":"List of account profiles associated to access request. Required only if the associated access bundle has Account Profile attached to it.",
            "items":{
                "$ref":"#/definitions/AccountProfileInfo"
            }
        },
        "attributes":{
            "type":"object",
            "description":"Attributes of the corresponding model. \nExample: `{\"foo-namespace\": {\"bar-key\": \"value\"}}`\n",
            "additionalProperties":{
                "type":"object",
                "properties":{
                }
            }
        },
        "accessLimitDataDetails":{
            "type":"array",
            "description":"List of access limit data associated to permission request",
            "items":{
                "$ref":"#/definitions/AccessLimitDataDetails"
            }
        }
    },
    "description":"The information about new AccessRequest."
}

Nested Schema : accessBundles

Type: array

list of Access bundle items.

Show Source

• Array of: string

{
    "type":"array",
    "description":"list of Access bundle items.",
    "items":{
        "type":"string"
    }
}

Nested Schema : accessLimitDataDetails

Type: array

List of access limit data associated to permission request

Show Source

• Array of: object AccessLimitDataDetails
  Access Limit Data configured by Identity

{
    "type":"array",
    "description":"List of access limit data associated to permission request",
    "items":{
        "$ref":"#/definitions/AccessLimitDataDetails"
    }
}

Nested Schema : accountProfileDetails

Type: array

List of account profiles associated to access request. Required only if the associated access bundle has Account Profile attached to it.

Show Source

• Array of: object AccountProfileInfo
  Account Profile Configuration by Identity

{
    "type":"array",
    "description":"List of account profiles associated to access request. Required only if the associated access bundle has Account Profile attached to it.",
    "items":{
        "$ref":"#/definitions/AccountProfileInfo"
    }
}

Nested Schema : attributes

Type: object

Additional Properties Allowed

Show Source

• object additionalProperties

{
    "type":"object",
    "description":"Attributes of the corresponding model. \nExample: `{\"foo-namespace\": {\"bar-key\": \"value\"}}`\n",
    "additionalProperties":{
        "type":"object",
        "properties":{
        }
    }
}

Attributes of the corresponding model. Example: `{"foo-namespace": {"bar-key": "value"}}`

Nested Schema : identities

Type: array

list of identity ids

Show Source

• Array of: string

{
    "type":"array",
    "description":"list of identity ids",
    "items":{
        "type":"string"
    }
}

Nested Schema : orchestratedSystemAttributes

Type: array

list of orchestratedSystemAttributes associated with targets

Show Source

• Array of: object OrchestratedSystemAttribute
  Account & permission attributes

{
    "type":"array",
    "description":"list of orchestratedSystemAttributes associated with targets",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttribute"
    }
}

Nested Schema : permissionRoles

Type: array

list of Permission roles items.

Show Source

• Array of: string

{
    "type":"array",
    "description":"list of Permission roles items.",
    "items":{
        "type":"string"
    }
}

Nested Schema : AccessLimitDataDetails

Type: object

Access Limit Data configured by Identity

Show Source

• accessBundleId: string
  Access bundle Id
• accessLimitDataInfo: object AccessLimitDataInfo
  Access Limit Data information object.
• identityAccessLimitDetails: array identityAccessLimitDetails
  Access Limit Data for Identity
• isIdentitySpecific: boolean
  Same configuration for all identities.

{
    "type":"object",
    "properties":{
        "accessBundleId":{
            "type":"string",
            "description":"Access bundle Id"
        },
        "isIdentitySpecific":{
            "type":"boolean",
            "description":"Same configuration for all identities."
        },
        "identityAccessLimitDetails":{
            "type":"array",
            "description":"Access Limit Data for Identity",
            "items":{
                "$ref":"#/definitions/IdentityAccessLimitDataInfo"
            }
        },
        "accessLimitDataInfo":{
            "$ref":"#/definitions/AccessLimitDataInfo"
        }
    },
    "description":"Access Limit Data configured by Identity"
}

Nested Schema : AccessLimitDataInfo

Type: object

Access Limit Data information object.

Show Source

• accessLimitData: object AccessLimitData
  The Temporal Access Bundle data.
• accessLimitType: string
  Allowed Values: [ "INDEFINITELY", "NUMBER_OF_DAYS", "NUMBER_OF_HOURS", "DATE_TIME_RANGE" ]

  Time limit type of the access bundle

{
    "type":"object",
    "properties":{
        "accessLimitType":{
            "type":"string",
            "description":"Time limit type of the access bundle",
            "enum":[
                "INDEFINITELY",
                "NUMBER_OF_DAYS",
                "NUMBER_OF_HOURS",
                "DATE_TIME_RANGE"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AccessLimitType",
            "x-default-description":"INDEFINITELY"
        },
        "accessLimitData":{
            "$ref":"#/definitions/AccessLimitData"
        }
    },
    "description":"Access Limit Data information object."
}

Nested Schema : identityAccessLimitDetails

Type: array

Access Limit Data for Identity

Show Source

• Array of: object IdentityAccessLimitDataInfo
  Access Limit Data for Identity

{
    "type":"array",
    "description":"Access Limit Data for Identity",
    "items":{
        "$ref":"#/definitions/IdentityAccessLimitDataInfo"
    }
}

Nested Schema : AccessLimitData

Type: object

The Temporal Access Bundle data.

Show Source

• dateTimeConfig: object AccessLimitDateTimeConfig
  The Temporal Access Bundle data for date time.
• daysConfig: object AccessLimitDaysConfig
  The Temporal Access Bundle data for days.
• hoursConfig: object AccessLimitHoursConfig
  The Temporal Access Bundle data for hours.

{
    "type":"object",
    "properties":{
        "daysConfig":{
            "$ref":"#/definitions/AccessLimitDaysConfig"
        },
        "hoursConfig":{
            "$ref":"#/definitions/AccessLimitHoursConfig"
        },
        "dateTimeConfig":{
            "$ref":"#/definitions/AccessLimitDateTimeConfig"
        }
    },
    "description":"The Temporal Access Bundle data."
}

Nested Schema : AccessLimitDateTimeConfig

Type: object

The Temporal Access Bundle data for date time.

Show Source

• expirationEndTime: integer(int64)
  Time in epoch when the access should be expired
• expirationStartTime: integer(int64)
  Time in epoch when the access should be granted

{
    "type":"object",
    "properties":{
        "expirationStartTime":{
            "type":"integer",
            "format":"int64",
            "description":"Time in epoch when the access should be granted"
        },
        "expirationEndTime":{
            "type":"integer",
            "format":"int64",
            "description":"Time in epoch when the access should be expired"
        }
    },
    "description":"The Temporal Access Bundle data for date time."
}

Nested Schema : AccessLimitDaysConfig

Type: object

The Temporal Access Bundle data for days.

Show Source

• expirationInDays: integer
  Maximum number of days allowed before expiry
• extensionApprovalWorkflowId: object IdInfo
  Generic identifying information object.
• extensionInDays: integer
  Number of days extensions is allowed
• notificationInDays: integer
  Number of days when notification should be sent

{
    "type":"object",
    "properties":{
        "expirationInDays":{
            "type":"integer",
            "description":"Maximum number of days allowed before expiry"
        },
        "notificationInDays":{
            "type":"integer",
            "description":"Number of days when notification should be sent"
        },
        "extensionInDays":{
            "type":"integer",
            "description":"Number of days extensions is allowed"
        },
        "extensionApprovalWorkflowId":{
            "$ref":"#/definitions/IdInfo"
        }
    },
    "description":"The Temporal Access Bundle data for days."
}

Nested Schema : AccessLimitHoursConfig

Type: object

The Temporal Access Bundle data for hours.

Show Source

• expirationInHours: integer
  Maximum number of hours allowed before expiry
• extensionApprovalWorkflowId: object IdInfo
  Generic identifying information object.
• extensionInHours: integer
  Number of hours extensions is allowed
• notificationInHours: integer
  Number of hours when notification should be sent

{
    "type":"object",
    "properties":{
        "expirationInHours":{
            "type":"integer",
            "description":"Maximum number of hours allowed before expiry"
        },
        "notificationInHours":{
            "type":"integer",
            "description":"Number of hours when notification should be sent"
        },
        "extensionInHours":{
            "type":"integer",
            "description":"Number of hours extensions is allowed"
        },
        "extensionApprovalWorkflowId":{
            "$ref":"#/definitions/IdInfo"
        }
    },
    "description":"The Temporal Access Bundle data for hours."
}

Nested Schema : IdInfo

Type: object

Generic identifying information object.

Show Source

• displayName: string
  Display Name of the entity.
• id: string
  Id of the entity.
• name: string
  Name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"Id of the entity."
        },
        "name":{
            "type":"string",
            "description":"Name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic identifying information object."
}

Nested Schema : IdentityAccessLimitDataInfo

Type: object

Access Limit Data for Identity

Show Source

• accessLimitDataInfo: object AccessLimitDataInfo
  Access Limit Data information object.
• identityId: string
  Global Identity Id

{
    "type":"object",
    "properties":{
        "identityId":{
            "type":"string",
            "description":"Global Identity Id"
        },
        "accessLimitDataInfo":{
            "$ref":"#/definitions/AccessLimitDataInfo"
        }
    },
    "description":"Access Limit Data for Identity"
}

Nested Schema : AccountProfileInfo

Type: object

Account Profile Configuration by Identity

Show Source

• accountAttributes: array accountAttributes
  Account Attribute Values
• accountProfileId: string
  Account Profile Id
• identityAccountAttributesDetails: array identityAccountAttributesDetails
  Account Attributes Info by Identity
• identitySpecific: boolean
  Same configuration for all identities.

{
    "type":"object",
    "properties":{
        "accountProfileId":{
            "type":"string",
            "description":"Account Profile Id"
        },
        "identitySpecific":{
            "type":"boolean",
            "description":"Same configuration for all identities."
        },
        "identityAccountAttributesDetails":{
            "type":"array",
            "description":"Account Attributes Info by Identity",
            "items":{
                "$ref":"#/definitions/IdentityAccountAttributesInfo"
            }
        },
        "accountAttributes":{
            "type":"array",
            "description":"Account Attribute Values",
            "items":{
                "$ref":"#/definitions/QuestionAttributeDataSummary"
            }
        }
    },
    "description":"Account Profile Configuration by Identity"
}

Nested Schema : accountAttributes

Type: array

Account Attribute Values

Show Source

• Array of: object QuestionAttributeDataSummary
  Question Attributes of account profile

{
    "type":"array",
    "description":"Account Attribute Values",
    "items":{
        "$ref":"#/definitions/QuestionAttributeDataSummary"
    }
}

Nested Schema : identityAccountAttributesDetails

Type: array

Account Attributes Info by Identity

Show Source

• Array of: object IdentityAccountAttributesInfo
  Account Profile Attributes

{
    "type":"array",
    "description":"Account Attributes Info by Identity",
    "items":{
        "$ref":"#/definitions/IdentityAccountAttributesInfo"
    }
}

Nested Schema : QuestionAttributeDataSummary

Type: object

Question Attributes of account profile

Show Source

• children: array children
  nested attributes
• isQuestion: boolean
  Boolean value for checking if this is attribute is a question for requester.
• name: string
  Attribute name - Unique identifier
• values: array values
  Attribute Values

{
    "type":"object",
    "properties":{
        "name":{
            "type":"string",
            "description":"Attribute name - Unique identifier"
        },
        "values":{
            "type":"array",
            "description":"Attribute Values",
            "items":{
                "type":"string"
            }
        },
        "children":{
            "type":"array",
            "description":"nested attributes",
            "items":{
                "$ref":"#/definitions/NestedQuestionAttributeSummary"
            }
        },
        "isQuestion":{
            "type":"boolean",
            "description":"Boolean value for checking if this is attribute is a question for requester."
        }
    },
    "description":"Question Attributes of account profile"
}

Nested Schema : children

Type: array

nested attributes

Show Source

• Array of: object NestedQuestionAttributeSummary
  Nested set of question attributes

{
    "type":"array",
    "description":"nested attributes",
    "items":{
        "$ref":"#/definitions/NestedQuestionAttributeSummary"
    }
}

Nested Schema : values

Type: array

Attribute Values

Show Source

• Array of: string

{
    "type":"array",
    "description":"Attribute Values",
    "items":{
        "type":"string"
    }
}

Nested Schema : NestedQuestionAttributeSummary

Type: object

Nested set of question attributes

Show Source

• items: array items
  Question attributes

{
    "type":"object",
    "properties":{
        "items":{
            "type":"array",
            "description":"Question attributes",
            "items":{
                "$ref":"#/definitions/QuestionAttributeDataSummary"
            }
        }
    },
    "description":"Nested set of question attributes"
}

Nested Schema : items

Type: array

Question attributes

Show Source

• Array of: object QuestionAttributeDataSummary
  Question Attributes of account profile

{
    "type":"array",
    "description":"Question attributes",
    "items":{
        "$ref":"#/definitions/QuestionAttributeDataSummary"
    }
}

Nested Schema : IdentityAccountAttributesInfo

Type: object

Account Profile Attributes

Show Source

• accountAttributes: array accountAttributes
  Account Attribute Values
• identityId: string
  Global Identity Id

{
    "type":"object",
    "properties":{
        "identityId":{
            "type":"string",
            "description":"Global Identity Id"
        },
        "accountAttributes":{
            "type":"array",
            "description":"Account Attribute Values",
            "items":{
                "$ref":"#/definitions/QuestionAttributeDataSummary"
            }
        }
    },
    "description":"Account Profile Attributes"
}

Nested Schema : accountAttributes

Type: array

Account Attribute Values

Show Source

• Array of: object QuestionAttributeDataSummary
  Question Attributes of account profile

{
    "type":"array",
    "description":"Account Attribute Values",
    "items":{
        "$ref":"#/definitions/QuestionAttributeDataSummary"
    }
}

Nested Schema : additionalProperties

Type: object

Show Source

{
    "type":"object",
    "properties":{
    }
}

Nested Schema : OrchestratedSystemAttribute

Type: object

Account & permission attributes

Show Source

• accountAttributes: array accountAttributes
  List of Orchestrated System account attributes
• orchestratedSystem: object Info
  Generic information object.
• permissionAttributes: array permissionAttributes
  List of Orchestrated System permission attributes

{
    "type":"object",
    "properties":{
        "orchestratedSystem":{
            "$ref":"#/definitions/Info"
        },
        "accountAttributes":{
            "type":"array",
            "description":"List of Orchestrated System account attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        },
        "permissionAttributes":{
            "type":"array",
            "description":"List of Orchestrated System permission attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Account & permission attributes"
}

Nested Schema : accountAttributes

Type: array

List of Orchestrated System account attributes

Show Source

• Array of: object OrchestratedSystemAttributeData
  Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System account attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : Info

Type: object

Generic information object.

Show Source

• displayName: string
  Display Name of the entity.
• id: string
  id of the entity.
• name: string
  name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"id of the entity."
        },
        "name":{
            "type":"string",
            "description":"name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic information object."
}

Nested Schema : permissionAttributes

Type: array

List of Orchestrated System permission attributes

Show Source

• Array of: object OrchestratedSystemAttributeData
  Orchestrated System Attributes

{
    "type":"array",
    "description":"List of Orchestrated System permission attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Nested Schema : OrchestratedSystemAttributeData

Type: object

Orchestrated System Attributes

Show Source

• children: array children
  nested attributes
• defaultValues: array defaultValues
  Attribute Value
• discriminator: string
  this field signify attribute field is password
• lookupType: string
  LookupID for the attribute
• name: string
  Attribute name
• permissionType: string
  Permission Type
• title: string
  Display Name for the attribute.
• type: string
  Type of attribute

{
    "type":"object",
    "properties":{
        "name":{
            "type":"string",
            "description":"Attribute name"
        },
        "type":{
            "type":"string",
            "description":"Type of attribute"
        },
        "title":{
            "type":"string",
            "description":"Display Name for the attribute."
        },
        "children":{
            "type":"array",
            "description":"nested attributes",
            "items":{
                "$ref":"#/definitions/NestedAttributes"
            }
        },
        "lookupType":{
            "type":"string",
            "description":"LookupID for the attribute"
        },
        "defaultValues":{
            "type":"array",
            "description":"Attribute Value",
            "items":{
                "type":"string"
            }
        },
        "permissionType":{
            "type":"string",
            "description":"Permission Type"
        },
        "discriminator":{
            "type":"string",
            "description":"this field signify attribute field is password"
        }
    },
    "description":"Orchestrated System Attributes"
}

Nested Schema : children

Type: array

nested attributes

Show Source

• Array of: object NestedAttributes
  Nested set of Orchestrated System attributes

{
    "type":"array",
    "description":"nested attributes",
    "items":{
        "$ref":"#/definitions/NestedAttributes"
    }
}

Nested Schema : defaultValues

Type: array

Attribute Value

Show Source

• Array of: string

{
    "type":"array",
    "description":"Attribute Value",
    "items":{
        "type":"string"
    }
}

Nested Schema : NestedAttributes

Type: object

Nested set of Orchestrated System attributes

Show Source

• items: array items
  Orchestrated System attributes

{
    "type":"object",
    "properties":{
        "items":{
            "type":"array",
            "description":"Orchestrated System attributes",
            "items":{
                "$ref":"#/definitions/OrchestratedSystemAttributeData"
            }
        }
    },
    "description":"Nested set of Orchestrated System attributes"
}

Nested Schema : items

Type: array

Orchestrated System attributes

Show Source

• Array of: object OrchestratedSystemAttributeData
  Orchestrated System Attributes

{
    "type":"array",
    "description":"Orchestrated System attributes",
    "items":{
        "$ref":"#/definitions/OrchestratedSystemAttributeData"
    }
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

The results of the precheck analysis.

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : AccessRequestPrecheckResult

Type: object

Results of running access guardrails & separation of duties analysis for an access request, without creating the access request.

Show Source

• accessGuardrailViolations(required): object AccessGuardrailViolationCollection
  Collection of access guardrail violations.
• separationOfDutiesAnalysisRequests(required): object SeparationOfDutiesRequestCollection
  A collection of separation of duties request summaries.

{
    "type":"object",
    "required":[
        "accessGuardrailViolations",
        "separationOfDutiesAnalysisRequests"
    ],
    "properties":{
        "accessGuardrailViolations":{
            "$ref":"#/definitions/AccessGuardrailViolationCollection"
        },
        "separationOfDutiesAnalysisRequests":{
            "$ref":"#/definitions/SeparationOfDutiesRequestCollection"
        }
    },
    "description":"Results of running access guardrails & separation of duties analysis for an access request, without creating the access request.\n"
}

Nested Schema : AccessGuardrailViolationCollection

Type: object

Collection of access guardrail violations.

Show Source

• items(required): array items
  List of access guardrail violation details.

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"List of access guardrail violation details.",
            "items":{
                "$ref":"#/definitions/AccessGuardrailViolationSummary"
            }
        }
    },
    "description":"Collection of access guardrail violations."
}

Nested Schema : SeparationOfDutiesRequestCollection

Type: object

A collection of separation of duties request summaries.

Show Source

• items(required): array items
  List of separation of duties request summaries.

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"List of separation of duties request summaries.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesRequestSummary"
            }
        }
    },
    "description":"A collection of separation of duties request summaries."
}

Nested Schema : items

Type: array

List of access guardrail violation details.

Show Source

• Array of: object AccessGuardrailViolationSummary
  Access Guardrail violation summary.

{
    "type":"array",
    "description":"List of access guardrail violation details.",
    "items":{
        "$ref":"#/definitions/AccessGuardrailViolationSummary"
    }
}

Nested Schema : AccessGuardrailViolationSummary

Type: object

Access Guardrail violation summary.

Show Source

• accessGuardrailId: string
  Id of the access guardrail associated to an Access Bundle.
• accessGuardrailName: string
  Name of the access guardrail associated to an Access Bundle.
• violationDetails: object violationDetails
  Additional Properties Allowed: additionalProperties

  A map where keys represent global identities and values are lists of violations in strings.

{
    "type":"object",
    "properties":{
        "accessGuardrailId":{
            "type":"string",
            "description":"Id of the access guardrail associated to an Access Bundle."
        },
        "accessGuardrailName":{
            "type":"string",
            "description":"Name of the access guardrail associated to an Access Bundle."
        },
        "violationDetails":{
            "type":"object",
            "description":"A map where keys represent global identities and values are lists of violations in strings.",
            "additionalProperties":{
                "type":"array",
                "items":{
                    "type":"string"
                }
            }
        }
    },
    "description":"Access Guardrail violation summary."
}

Nested Schema : violationDetails

Type: object

Additional Properties Allowed

Show Source

• array additionalProperties

{
    "type":"object",
    "description":"A map where keys represent global identities and values are lists of violations in strings.",
    "additionalProperties":{
        "type":"array",
        "items":{
            "type":"string"
        }
    }
}

A map where keys represent global identities and values are lists of violations in strings.

Nested Schema : additionalProperties

Type: array

Show Source

• Array of: string

{
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : items

Type: array

List of separation of duties request summaries.

Show Source

• Array of: object SeparationOfDutiesRequestSummary
  A summary for a separation of duties request.

{
    "type":"array",
    "description":"List of separation of duties request summaries.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesRequestSummary"
    }
}

Nested Schema : SeparationOfDutiesRequestSummary

Type: object

A summary for a separation of duties request.

Show Source

• requestId(required): string
  A string representing a separation of duties work request. Get updates on the status of a request by using the 'Check status of the separation of duties request(s)' endpoint.
• status(required): string
  The status of the separation of duties work request.

{
    "type":"object",
    "required":[
        "requestId",
        "status"
    ],
    "properties":{
        "requestId":{
            "type":"string",
            "description":"A string representing a separation of duties work request. Get updates on the status of a request by\nusing the 'Check status of the separation of duties request(s)' endpoint.\n"
        },
        "status":{
            "type":"string",
            "description":"The status of the separation of duties work request."
        }
    },
    "description":"A summary for a separation of duties request."
}

400 Response

Bad Request

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

401 Response

Unauthorized

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

404 Response

Not Found

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

409 Response

Conflict

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

429 Response

Too Many Requests

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

500 Response

Internal Server Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Default Response

Unknown Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Back to Top

Examples

The following example shows how to pre check requested access bundles for identities against access guardrails & separation of duties violations.

cURL Request Example

curl -i -X POST \
   -H "Authorization:Bearer <your-access-token>" \
   -H "Content-Type:application/json" \
   -d \
'{
"justification": "Precheck Access Request",
    "createdBy": "88b9690ece3xxx3953570480031e7d0",
    "accessBundles": [
        "24bd8566-8562-41f5-9xx-86e6b07c1c10",
        "d6109ef9-67c6-4e32-bxxb-5b260d1cc6ac",
        "c0c749ea-7c50-4fc6-bxx5-f99e4ab1208b",
        "46af0a2b-9381-4c42-xxxxx-xxxxxxxxxxx"
    ],
    "identities": [
        "globalId.ICF.063a21f6-db00-44f9-875a-83xxx583.875f18xxxxx6467b3b06f5"
    ],
    "accountProfileDetails": []
}'\
 '<${service-instance-url}/access-governance/access-controls/${versionId}/accessRequests/actions/precheck' >'

Example Request Payload

{
"justification": "Precheck Access Request",
    "createdBy": "88b9690ece3xxx3953570480031e7d0",
    "accessBundles": [
        "24bd8566-8562-41f5-9xx-86e6b07c1c10",
        "d6109ef9-67c6-4e32-bxxb-5b260d1cc6ac",
        "c0c749ea-7c50-4fc6-bxx5-f99e4ab1208b",
        "46af0a2b-9381-4c42-xxxxx-xxxxxxxxxxx"
    ],
    "identities": [
        "globalId.ICF.063a21f6-db00-44f9-875a-83xxx583.875f18xxxxx6467b3b06f5"
    ],
    "accountProfileDetails": []
}

Example of the Response Code

You'll receive 200 OK response along with the following response body:

{
    "accessGuardrailViolations": {
        "items": [
            {
                "accessGuardrailId": "e8c79607xxxx-4894-8ef3-ec1215d70025",
                "accessGuardrailName": "AGRwithLowRisk",
                "violationDetails": {
                    "globalId.ICF.063a21f6-db00-44f9-xxxxxx07583.875f18cf300b44cd1b3446467b3b06f5": [
                        "This Identity does not have identity attribute Employee user name contains 0805"
                    ]
                }
            }
        ]
    },
    "separationOfDutiesAnalysisRequests": {
        "items": [
            {
                "requestId": "001673a9xxb43fc97aedc93571e14f2",
                "status": "InProgress"
            },
            {
                "requestId": "f334fbba4e1xxa2fc2135cd73e729",
                "status": "InProgress"
            },
            {
                "requestId": null,
                "status": null
            },
            {
                "requestId": null,
                "status": null
            }
        ]
    }
}

Back to Top