Jump to

• Request
• Response
• Examples

Check status of the separation of duties request(s)

post

/access-governance/access-controls/20250331/separationOfDuties/status

Returns the current status for one or more separation of duties requests.

Request

Header Parameters

• if-match: string
  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
• opc-request-id: string
  The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
• opc-retry-token: string
  Minimum Length: 1

  Maximum Length: 64

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.

Body ()

Separation of duties request IDs.

Root Schema : CheckSeparationOfDutiesStatusDetails

Type: object

List of request statuses per Request ID.

Show Source

• items(required): array items
  List of request statuses.

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"List of request statuses.",
            "items":{
                "$ref":"#/definitions/CheckSeparationOfDutiesRequestStatus"
            }
        }
    },
    "description":"List of request statuses per Request ID."
}

Nested Schema : items

Type: array

List of request statuses.

Show Source

• Array of: object CheckSeparationOfDutiesRequestStatus
  Request status.

{
    "type":"array",
    "description":"List of request statuses.",
    "items":{
        "$ref":"#/definitions/CheckSeparationOfDutiesRequestStatus"
    }
}

Nested Schema : CheckSeparationOfDutiesRequestStatus

Type: object

Request status.

Show Source

• events(required): array events
  Separation of Duties Events.
• requestedBy(required): string
  Who or what made the request.
• requestId(required): string
  Unique identifier that is immutable on creation.
• requestStatus(required): string
  Allowed Values: [ "SUCCESS", "FAILED", "IN_PROGRESS" ]

  Request Status.
• timeRequestCompletion: string(date-time)
  Request Completion time.
• timeRequested: string(date-time)
  Request time.

{
    "type":"object",
    "required":[
        "events",
        "requestId",
        "requestStatus",
        "requestedBy"
    ],
    "properties":{
        "requestId":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation."
        },
        "requestStatus":{
            "type":"string",
            "description":"Request Status.",
            "enum":[
                "SUCCESS",
                "FAILED",
                "IN_PROGRESS"
            ],
            "x-obmcs-top-level-enum":"#/definitions/SeparationOfDutiesRequestStatus"
        },
        "timeRequested":{
            "type":"string",
            "format":"date-time",
            "description":"Request time."
        },
        "timeRequestCompletion":{
            "type":"string",
            "format":"date-time",
            "description":"Request Completion time."
        },
        "requestedBy":{
            "type":"string",
            "description":"Who or what made the request."
        },
        "events":{
            "type":"array",
            "description":"Separation of Duties Events.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesEvent"
            }
        }
    },
    "description":"Request status."
}

Nested Schema : events

Type: array

Separation of Duties Events.

Show Source

• Array of: object SeparationOfDutiesEvent
  Separation Of Duties Event.

{
    "type":"array",
    "description":"Separation of Duties Events.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesEvent"
    }
}

Nested Schema : SeparationOfDutiesEvent

Type: object

Separation Of Duties Event.

Show Source

• createdBy(required): string
  Who or what created the event.
• hasViolation(required): boolean
  Whether a violation was detected.
• id(required): string
  Unique identifier that is immutable on creation.
• provider(required): string
  Separation Of Duties provider.
• requestPayload(required): object RequestPayload
  Represents the payload for a request.
• status(required): string
  Allowed Values: [ "SUCCESS", "FAILED", "IN_PROGRESS", "PENDING" ]

  Processing Status.
• timeCreated: string(date-time)
  Creation time of the event.
• timeProcessingEnded: string(date-time)
  Separation Of Duties processing end time.
• timeProcessingStarted: string(date-time)
  Separation Of Duties processing start time.
• violationSummary(required): array violationSummary
  Separation Of Duties Violation Summary.

{
    "type":"object",
    "required":[
        "createdBy",
        "hasViolation",
        "id",
        "provider",
        "requestPayload",
        "status",
        "violationSummary"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation."
        },
        "status":{
            "type":"string",
            "description":"Processing Status.",
            "enum":[
                "SUCCESS",
                "FAILED",
                "IN_PROGRESS",
                "PENDING"
            ],
            "x-obmcs-top-level-enum":"#/definitions/SeparationOfDutiesEventStatus"
        },
        "createdBy":{
            "type":"string",
            "description":"Who or what created the event."
        },
        "timeCreated":{
            "type":"string",
            "format":"date-time",
            "description":"Creation time of the event."
        },
        "timeProcessingStarted":{
            "type":"string",
            "format":"date-time",
            "description":"Separation Of Duties processing start time."
        },
        "timeProcessingEnded":{
            "type":"string",
            "format":"date-time",
            "description":"Separation Of Duties processing end time."
        },
        "requestPayload":{
            "$ref":"#/definitions/RequestPayload"
        },
        "hasViolation":{
            "type":"boolean",
            "description":"Whether a violation was detected."
        },
        "provider":{
            "type":"string",
            "description":"Separation Of Duties provider."
        },
        "violationSummary":{
            "type":"array",
            "description":"Separation Of Duties Violation Summary.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesViolationSummary"
            }
        }
    },
    "description":"Separation Of Duties Event."
}

Nested Schema : RequestPayload

Type: object

Represents the payload for a request.

Show Source

• accountData: object AccountData
  Information about the user account.
• childAssignmentData: array childAssignmentData
  List of child assignment data.
• requestData: object SeparationOfDutiesAnalysisDetails
  Details for performing Separation of Duties analysis.
• userData: object UserData
  Data of the User associated to a Separation of Duties event.

{
    "type":"object",
    "properties":{
        "requestData":{
            "$ref":"#/definitions/SeparationOfDutiesAnalysisDetails"
        },
        "userData":{
            "$ref":"#/definitions/UserData"
        },
        "accountData":{
            "$ref":"#/definitions/AccountData"
        },
        "childAssignmentData":{
            "type":"array",
            "description":"List of child assignment data.",
            "items":{
                "$ref":"#/definitions/ChildAssignmentData"
            }
        }
    },
    "description":"Represents the payload for a request."
}

Nested Schema : violationSummary

Type: array

Separation Of Duties Violation Summary.

Show Source

• Array of: object SeparationOfDutiesViolationSummary
  A Separation of Duties violation.

{
    "type":"array",
    "description":"Separation Of Duties Violation Summary.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesViolationSummary"
    }
}

Nested Schema : AccountData

Type: object

Information about the user account.

Show Source

• attributes(required): array attributes
  Account attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"Account attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Information about the user account."
}

Nested Schema : childAssignmentData

Type: array

List of child assignment data.

Show Source

• Array of: object ChildAssignmentData
  Entitlement attributes.

{
    "type":"array",
    "description":"List of child assignment data.",
    "items":{
        "$ref":"#/definitions/ChildAssignmentData"
    }
}

Nested Schema : SeparationOfDutiesAnalysisDetails

Type: object

Details for performing Separation of Duties analysis.

Show Source

• accountData: object AccountData
  Information about the user account.
• orchestratedSystemIdentityId: string
  The ID of the Identity on the Orchestrated System.
• permissionAssignments(required): array permissionAssignments
  Permissions to be analyzed along with the account.
• requestedBy(required): string
  The user who requested the analysis.

{
    "type":"object",
    "required":[
        "permissionAssignments",
        "requestedBy"
    ],
    "properties":{
        "orchestratedSystemIdentityId":{
            "type":"string",
            "description":"The ID of the Identity on the Orchestrated System."
        },
        "accountData":{
            "$ref":"#/definitions/AccountData"
        },
        "permissionAssignments":{
            "type":"array",
            "description":"Permissions to be analyzed along with the account.",
            "items":{
                "$ref":"#/definitions/AccountPermission"
            }
        },
        "requestedBy":{
            "type":"string",
            "description":"The user who requested the analysis."
        }
    },
    "description":"Details for performing Separation of Duties analysis."
}

Nested Schema : UserData

Type: object

Data of the User associated to a Separation of Duties event.

Show Source

• attributes(required): array attributes
  User attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"User attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Data of the User associated to a Separation of Duties event."
}

Nested Schema : attributes

Type: array

Account attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Account attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : Attribute

Type: object

Attribute of the account.

Show Source

• action: string
  Allowed Values: [ "ADD", "UPDATE" ]

  Operation to be done on the attribute.
• additionalAttributes: array additionalAttributes
  Additional attributes.
• attributes: array attributes
  Attributes.
• displayName: string
  Display Name of the attribute.
• name(required): string
  Name of the attribute.
• value: array value
  Value of the attribute.

{
    "type":"object",
    "required":[
        "name"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the attribute."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the attribute."
        },
        "value":{
            "type":"array",
            "description":"Value of the attribute.",
            "items":{
                "type":"string"
            }
        },
        "action":{
            "type":"string",
            "description":"Operation to be done on the attribute.",
            "enum":[
                "ADD",
                "UPDATE"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AttributeAction"
        },
        "additionalAttributes":{
            "type":"array",
            "description":"Additional attributes.",
            "items":{
                "$ref":"#/definitions/AdditionalAttribute"
            }
        },
        "attributes":{
            "type":"array",
            "description":"Attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Attribute of the account."
}

Nested Schema : additionalAttributes

Type: array

Additional attributes.

Show Source

• Array of: object AdditionalAttribute
  Additional Attribute.

{
    "type":"array",
    "description":"Additional attributes.",
    "items":{
        "$ref":"#/definitions/AdditionalAttribute"
    }
}

Nested Schema : attributes

Type: array

Attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : value

Type: array

Value of the attribute.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Value of the attribute.",
    "items":{
        "type":"string"
    }
}

Nested Schema : AdditionalAttribute

Type: object

Additional Attribute.

Show Source

• name(required): string
  Name of the attribute.
• value(required): array value
  Value of the attribute.

{
    "type":"object",
    "required":[
        "name",
        "value"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the attribute."
        },
        "value":{
            "type":"array",
            "description":"Value of the attribute.",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Additional Attribute."
}

Nested Schema : value

Type: array

Value of the attribute.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Value of the attribute.",
    "items":{
        "type":"string"
    }
}

Nested Schema : ChildAssignmentData

Type: object

Entitlement attributes.

Show Source

• attributes(required): array attributes
  Entitlement attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"Entitlement attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Entitlement attributes."
}

Nested Schema : attributes

Type: array

Entitlement attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Entitlement attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : permissionAssignments

Type: array

Permissions to be analyzed along with the account.

Show Source

• Array of: object AccountPermission
  Permission to be scanned.

{
    "type":"array",
    "description":"Permissions to be analyzed along with the account.",
    "items":{
        "$ref":"#/definitions/AccountPermission"
    }
}

Nested Schema : AccountPermission

Type: object

Permission to be scanned.

Show Source

• action(required): string
  Allowed Values: [ "ADD", "UPDATE" ]

  Action on the permission.
• attributes(required): array attributes
  Account attributes.
• id(required): string
  Permission ID.

{
    "type":"object",
    "required":[
        "action",
        "attributes",
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Permission ID."
        },
        "action":{
            "type":"string",
            "description":"Action on the permission.",
            "enum":[
                "ADD",
                "UPDATE"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AttributeAction"
        },
        "attributes":{
            "type":"array",
            "description":"Account attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Permission to be scanned."
}

Nested Schema : attributes

Type: array

Account attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Account attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : attributes

Type: array

User attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"User attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : SeparationOfDutiesViolationSummary

Type: object

A Separation of Duties violation.

Show Source

• controlName: string
  Control name.
• existingRoles: array existingRoles
  Roles already granted to an identity.
• requestedRoles: array requestedRoles
  Roles requested for an identity.

{
    "type":"object",
    "properties":{
        "controlName":{
            "type":"string",
            "description":"Control name."
        },
        "existingRoles":{
            "type":"array",
            "description":"Roles already granted to an identity.",
            "items":{
                "$ref":"#/definitions/RoleInfo"
            }
        },
        "requestedRoles":{
            "type":"array",
            "description":"Roles requested for an identity.",
            "items":{
                "$ref":"#/definitions/RoleInfo"
            }
        }
    },
    "description":"A Separation of Duties violation."
}

Nested Schema : existingRoles

Type: array

Roles already granted to an identity.

Show Source

• Array of: object RoleInfo
  Identifying information for a role.

{
    "type":"array",
    "description":"Roles already granted to an identity.",
    "items":{
        "$ref":"#/definitions/RoleInfo"
    }
}

Nested Schema : requestedRoles

Type: array

Roles requested for an identity.

Show Source

• Array of: object RoleInfo
  Identifying information for a role.

{
    "type":"array",
    "description":"Roles requested for an identity.",
    "items":{
        "$ref":"#/definitions/RoleInfo"
    }
}

Nested Schema : RoleInfo

Type: object

Identifying information for a role.

Show Source

• accessPoints: array accessPoints
  Access points of the role.
• displayName: string
  The display name of the role.
• id: string
  The id of the role.
• name: string
  The name of the role.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"The id of the role."
        },
        "name":{
            "type":"string",
            "description":"The name of the role."
        },
        "displayName":{
            "type":"string",
            "description":"The display name of the role."
        },
        "accessPoints":{
            "type":"array",
            "description":"Access points of the role.",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Identifying information for a role."
}

Nested Schema : accessPoints

Type: array

Access points of the role.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Access points of the role.",
    "items":{
        "type":"string"
    }
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

Separation of duties request statuses.

Headers

• etag: string
  For optimistic concurrency control. See `if-match`.
• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : SeparationOfDutiesStatusResponse

Type: object

Current status of one or more separation of duties requests.

Show Source

• items(required): array items
  List of request status.

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"List of request status.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesStatus"
            }
        }
    },
    "description":"Current status of one or more separation of duties requests."
}

Nested Schema : items

Type: array

List of request status.

Show Source

• Array of: object SeparationOfDutiesStatus
  Separation of Duties status.

{
    "type":"array",
    "description":"List of request status.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesStatus"
    }
}

Nested Schema : SeparationOfDutiesStatus

Type: object

Separation of Duties status.

Show Source

• requestedBy(required): string
  Requested by.
• requestId(required): string
  Unique identifier that is immutable on creation.
• requestStatus(required): string
  Allowed Values: [ "SUCCESS", "FAILED", "IN_PROGRESS" ]

  Request status.
• sodEvents(required): array sodEvents
  One or more separation of duties events.
• timeRequestCompletion: string(date-time)
  Request completion time.
• timeRequested: string(date-time)
  Request time.

{
    "type":"object",
    "required":[
        "requestId",
        "requestStatus",
        "requestedBy",
        "sodEvents"
    ],
    "properties":{
        "requestId":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation."
        },
        "requestStatus":{
            "type":"string",
            "description":"Request status.",
            "enum":[
                "SUCCESS",
                "FAILED",
                "IN_PROGRESS"
            ],
            "x-obmcs-top-level-enum":"#/definitions/SeparationOfDutiesRequestStatus"
        },
        "timeRequested":{
            "type":"string",
            "format":"date-time",
            "description":"Request time."
        },
        "timeRequestCompletion":{
            "type":"string",
            "format":"date-time",
            "description":"Request completion time."
        },
        "requestedBy":{
            "type":"string",
            "description":"Requested by."
        },
        "sodEvents":{
            "type":"array",
            "description":"One or more separation of duties events.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesEvent"
            }
        }
    },
    "description":"Separation of Duties status."
}

Nested Schema : sodEvents

Type: array

One or more separation of duties events.

Show Source

• Array of: object SeparationOfDutiesEvent
  Separation Of Duties Event.

{
    "type":"array",
    "description":"One or more separation of duties events.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesEvent"
    }
}

Nested Schema : SeparationOfDutiesEvent

Type: object

Separation Of Duties Event.

Show Source

• createdBy(required): string
  Who or what created the event.
• hasViolation(required): boolean
  Whether a violation was detected.
• id(required): string
  Unique identifier that is immutable on creation.
• provider(required): string
  Separation Of Duties provider.
• requestPayload(required): object RequestPayload
  Represents the payload for a request.
• status(required): string
  Allowed Values: [ "SUCCESS", "FAILED", "IN_PROGRESS", "PENDING" ]

  Processing Status.
• timeCreated: string(date-time)
  Creation time of the event.
• timeProcessingEnded: string(date-time)
  Separation Of Duties processing end time.
• timeProcessingStarted: string(date-time)
  Separation Of Duties processing start time.
• violationSummary(required): array violationSummary
  Separation Of Duties Violation Summary.

{
    "type":"object",
    "required":[
        "createdBy",
        "hasViolation",
        "id",
        "provider",
        "requestPayload",
        "status",
        "violationSummary"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Unique identifier that is immutable on creation."
        },
        "status":{
            "type":"string",
            "description":"Processing Status.",
            "enum":[
                "SUCCESS",
                "FAILED",
                "IN_PROGRESS",
                "PENDING"
            ],
            "x-obmcs-top-level-enum":"#/definitions/SeparationOfDutiesEventStatus"
        },
        "createdBy":{
            "type":"string",
            "description":"Who or what created the event."
        },
        "timeCreated":{
            "type":"string",
            "format":"date-time",
            "description":"Creation time of the event."
        },
        "timeProcessingStarted":{
            "type":"string",
            "format":"date-time",
            "description":"Separation Of Duties processing start time."
        },
        "timeProcessingEnded":{
            "type":"string",
            "format":"date-time",
            "description":"Separation Of Duties processing end time."
        },
        "requestPayload":{
            "$ref":"#/definitions/RequestPayload"
        },
        "hasViolation":{
            "type":"boolean",
            "description":"Whether a violation was detected."
        },
        "provider":{
            "type":"string",
            "description":"Separation Of Duties provider."
        },
        "violationSummary":{
            "type":"array",
            "description":"Separation Of Duties Violation Summary.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesViolationSummary"
            }
        }
    },
    "description":"Separation Of Duties Event."
}

Nested Schema : RequestPayload

Type: object

Represents the payload for a request.

Show Source

• accountData: object AccountData
  Information about the user account.
• childAssignmentData: array childAssignmentData
  List of child assignment data.
• requestData: object SeparationOfDutiesAnalysisDetails
  Details for performing Separation of Duties analysis.
• userData: object UserData
  Data of the User associated to a Separation of Duties event.

{
    "type":"object",
    "properties":{
        "requestData":{
            "$ref":"#/definitions/SeparationOfDutiesAnalysisDetails"
        },
        "userData":{
            "$ref":"#/definitions/UserData"
        },
        "accountData":{
            "$ref":"#/definitions/AccountData"
        },
        "childAssignmentData":{
            "type":"array",
            "description":"List of child assignment data.",
            "items":{
                "$ref":"#/definitions/ChildAssignmentData"
            }
        }
    },
    "description":"Represents the payload for a request."
}

Nested Schema : violationSummary

Type: array

Separation Of Duties Violation Summary.

Show Source

• Array of: object SeparationOfDutiesViolationSummary
  A Separation of Duties violation.

{
    "type":"array",
    "description":"Separation Of Duties Violation Summary.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesViolationSummary"
    }
}

Nested Schema : AccountData

Type: object

Information about the user account.

Show Source

• attributes(required): array attributes
  Account attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"Account attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Information about the user account."
}

Nested Schema : childAssignmentData

Type: array

List of child assignment data.

Show Source

• Array of: object ChildAssignmentData
  Entitlement attributes.

{
    "type":"array",
    "description":"List of child assignment data.",
    "items":{
        "$ref":"#/definitions/ChildAssignmentData"
    }
}

Nested Schema : SeparationOfDutiesAnalysisDetails

Type: object

Details for performing Separation of Duties analysis.

Show Source

• accountData: object AccountData
  Information about the user account.
• orchestratedSystemIdentityId: string
  The ID of the Identity on the Orchestrated System.
• permissionAssignments(required): array permissionAssignments
  Permissions to be analyzed along with the account.
• requestedBy(required): string
  The user who requested the analysis.

{
    "type":"object",
    "required":[
        "permissionAssignments",
        "requestedBy"
    ],
    "properties":{
        "orchestratedSystemIdentityId":{
            "type":"string",
            "description":"The ID of the Identity on the Orchestrated System."
        },
        "accountData":{
            "$ref":"#/definitions/AccountData"
        },
        "permissionAssignments":{
            "type":"array",
            "description":"Permissions to be analyzed along with the account.",
            "items":{
                "$ref":"#/definitions/AccountPermission"
            }
        },
        "requestedBy":{
            "type":"string",
            "description":"The user who requested the analysis."
        }
    },
    "description":"Details for performing Separation of Duties analysis."
}

Nested Schema : UserData

Type: object

Data of the User associated to a Separation of Duties event.

Show Source

• attributes(required): array attributes
  User attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"User attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Data of the User associated to a Separation of Duties event."
}

Nested Schema : attributes

Type: array

Account attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Account attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : Attribute

Type: object

Attribute of the account.

Show Source

• action: string
  Allowed Values: [ "ADD", "UPDATE" ]

  Operation to be done on the attribute.
• additionalAttributes: array additionalAttributes
  Additional attributes.
• attributes: array attributes
  Attributes.
• displayName: string
  Display Name of the attribute.
• name(required): string
  Name of the attribute.
• value: array value
  Value of the attribute.

{
    "type":"object",
    "required":[
        "name"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the attribute."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the attribute."
        },
        "value":{
            "type":"array",
            "description":"Value of the attribute.",
            "items":{
                "type":"string"
            }
        },
        "action":{
            "type":"string",
            "description":"Operation to be done on the attribute.",
            "enum":[
                "ADD",
                "UPDATE"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AttributeAction"
        },
        "additionalAttributes":{
            "type":"array",
            "description":"Additional attributes.",
            "items":{
                "$ref":"#/definitions/AdditionalAttribute"
            }
        },
        "attributes":{
            "type":"array",
            "description":"Attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Attribute of the account."
}

Nested Schema : additionalAttributes

Type: array

Additional attributes.

Show Source

• Array of: object AdditionalAttribute
  Additional Attribute.

{
    "type":"array",
    "description":"Additional attributes.",
    "items":{
        "$ref":"#/definitions/AdditionalAttribute"
    }
}

Nested Schema : attributes

Type: array

Attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : value

Type: array

Value of the attribute.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Value of the attribute.",
    "items":{
        "type":"string"
    }
}

Nested Schema : AdditionalAttribute

Type: object

Additional Attribute.

Show Source

• name(required): string
  Name of the attribute.
• value(required): array value
  Value of the attribute.

{
    "type":"object",
    "required":[
        "name",
        "value"
    ],
    "properties":{
        "name":{
            "type":"string",
            "description":"Name of the attribute."
        },
        "value":{
            "type":"array",
            "description":"Value of the attribute.",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Additional Attribute."
}

Nested Schema : value

Type: array

Value of the attribute.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Value of the attribute.",
    "items":{
        "type":"string"
    }
}

Nested Schema : ChildAssignmentData

Type: object

Entitlement attributes.

Show Source

• attributes(required): array attributes
  Entitlement attributes.

{
    "type":"object",
    "required":[
        "attributes"
    ],
    "properties":{
        "attributes":{
            "type":"array",
            "description":"Entitlement attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Entitlement attributes."
}

Nested Schema : attributes

Type: array

Entitlement attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Entitlement attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : permissionAssignments

Type: array

Permissions to be analyzed along with the account.

Show Source

• Array of: object AccountPermission
  Permission to be scanned.

{
    "type":"array",
    "description":"Permissions to be analyzed along with the account.",
    "items":{
        "$ref":"#/definitions/AccountPermission"
    }
}

Nested Schema : AccountPermission

Type: object

Permission to be scanned.

Show Source

• action(required): string
  Allowed Values: [ "ADD", "UPDATE" ]

  Action on the permission.
• attributes(required): array attributes
  Account attributes.
• id(required): string
  Permission ID.

{
    "type":"object",
    "required":[
        "action",
        "attributes",
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"Permission ID."
        },
        "action":{
            "type":"string",
            "description":"Action on the permission.",
            "enum":[
                "ADD",
                "UPDATE"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AttributeAction"
        },
        "attributes":{
            "type":"array",
            "description":"Account attributes.",
            "items":{
                "$ref":"#/definitions/Attribute"
            }
        }
    },
    "description":"Permission to be scanned."
}

Nested Schema : attributes

Type: array

Account attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"Account attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : attributes

Type: array

User attributes.

Show Source

• Array of: object Attribute
  Attribute of the account.

{
    "type":"array",
    "description":"User attributes.",
    "items":{
        "$ref":"#/definitions/Attribute"
    }
}

Nested Schema : SeparationOfDutiesViolationSummary

Type: object

A Separation of Duties violation.

Show Source

• controlName: string
  Control name.
• existingRoles: array existingRoles
  Roles already granted to an identity.
• requestedRoles: array requestedRoles
  Roles requested for an identity.

{
    "type":"object",
    "properties":{
        "controlName":{
            "type":"string",
            "description":"Control name."
        },
        "existingRoles":{
            "type":"array",
            "description":"Roles already granted to an identity.",
            "items":{
                "$ref":"#/definitions/RoleInfo"
            }
        },
        "requestedRoles":{
            "type":"array",
            "description":"Roles requested for an identity.",
            "items":{
                "$ref":"#/definitions/RoleInfo"
            }
        }
    },
    "description":"A Separation of Duties violation."
}

Nested Schema : existingRoles

Type: array

Roles already granted to an identity.

Show Source

• Array of: object RoleInfo
  Identifying information for a role.

{
    "type":"array",
    "description":"Roles already granted to an identity.",
    "items":{
        "$ref":"#/definitions/RoleInfo"
    }
}

Nested Schema : requestedRoles

Type: array

Roles requested for an identity.

Show Source

• Array of: object RoleInfo
  Identifying information for a role.

{
    "type":"array",
    "description":"Roles requested for an identity.",
    "items":{
        "$ref":"#/definitions/RoleInfo"
    }
}

Nested Schema : RoleInfo

Type: object

Identifying information for a role.

Show Source

• accessPoints: array accessPoints
  Access points of the role.
• displayName: string
  The display name of the role.
• id: string
  The id of the role.
• name: string
  The name of the role.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"The id of the role."
        },
        "name":{
            "type":"string",
            "description":"The name of the role."
        },
        "displayName":{
            "type":"string",
            "description":"The display name of the role."
        },
        "accessPoints":{
            "type":"array",
            "description":"Access points of the role.",
            "items":{
                "type":"string"
            }
        }
    },
    "description":"Identifying information for a role."
}

Nested Schema : accessPoints

Type: array

Access points of the role.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Access points of the role.",
    "items":{
        "type":"string"
    }
}

400 Response

Bad Request

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

401 Response

Unauthorized

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

404 Response

Not Found

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

409 Response

Conflict

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

412 Response

Precondition failed

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

429 Response

Too Many Requests

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

500 Response

Internal Server Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Default Response

Unknown Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Back to Top

Examples

The following example shows how to check status of SoD flagged requests.

cURL Request Example

curl -i -X POST \
   -H "Authorization:Bearer <your-access-token>" \
   -H "Content-Type:application/json" \
   -d \
'{
    "requestIds": [
        "001673a9955b43fc97aedcdxxx71e14f2",
        "f334fbba4e1b41b1a2fc21345xxd73e729"
    ]
}'\
 '<${service-instance-url}/access-governance/access-controls/${versionId}/separationOfDuties/actions/status>'

Example Request Payload

{
    "requestIds": [
        "001673a9955b43fc97aedcdxxx71e14f2",
        "f334fbba4e1b41b1a2fc21345xxd73e729"
    ]
}

Example of the Response Code

You'll receive 200 OK response along with the following response body:

{
    "items": [
        {
            "requestId": "001673a9955b43fc97aedc93571e14f2",
            "requestStatus": "SUCCESS",
            "timeRequested": "2025-11-12T16:51:55.000Z",
            "timeRequestCompletion": "2025-11-12T16:55:01.227Z",
            "requestedBy": "88b9690ece344653953570480031e7d0",
            "sodEvents": [
                {
                    "id": "b582216225204201b011a09d59df46e0",
                    "status": "SUCCESS",
                    "createdBy": "88b9690ece344653953570480031e7d0",
                    "timeCreated": "2025-11-12T16:51:55.000Z",
                    "timeProcessingStarted": "2025-11-12T16:51:57.282Z",
                    "timeProcessingEnded": "2025-11-12T16:55:01.227Z",
                    "hasConflict": true,
                    "provider": "FA_RMCS",
                    "violations": [
                        {
                            "controlName": "10103: Sensitive Joint Venture Stakeholder Privileges",
                            "violation": [
                                {
                                    "conflictingRole": "Application Implementation Consultant",
                                    "accessPoint": "Manage Joint Venture Definition"
                                }
                            ]
                        }
                    ]
                }
            ]
        },
        {
            "requestId": "f334fbba4e1b41b1a2fc2135cd73e729",
            "requestStatus": "FAILED",
            "timeRequested": "2025-11-12T16:51:57.000Z",
            "timeRequestCompletion": "2025-11-12T16:52:37.853Z",
            "requestedBy": "88b9690ece344653953570480031e7d0",
            "sodEvents": [
                {
                    "id": "20b2884487674888960c83320212bdd2",
                    "status": "FAILED",
                    "createdBy": "88b9690ece344653953570480031e7d0",
                    "timeCreated": "2025-11-12T16:51:57.000Z",
                    "timeProcessingStarted": "2025-11-12T16:52:18.772Z",
                    "timeProcessingEnded": "2025-11-12T16:52:37.853Z",
                    "hasConflict": false,
                    "provider": "FA_RMCS",
                    "violations": []
                }
            ]
        }
    ]
}

Back to Top