Jump to

• Request
• Response
• Examples

Get all results

get

/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning

Request

Query Parameters

• expand: string
  When this parameter is provided, the specified children are included in the resource payload (instead of just a link). The value of this query parameter is "all" or "". More than one child can be specified using comma as a separator. Example: ?expand=Employees,Localizations. Nested children can also be provided following the format "Child.NestedChild" (Example: ?expand=Employees.Managers). If a nested child is provided (Example: Employees.Managers), the missing children will be processed implicitly. For example, "?expand=Employees.Managers" is the same as "?expand=Employees,Employees.Managers" (which will expand Employees and Managers).
• fields: string
  This parameter filters the resource fields. Only the specified fields are returned, which means that if no fields are specified, no fields are returned (useful to get only the links). If an indirect child resource is provided (Example: Employees.Managers), the missing children will be processed implicitly. For example, "?fields=Employees.Managers:Empname" is the same as "?fields=;Employees:;Employees.Managers:Empname" (which will only return the "Empname" field for Managers). the value of this query parameter is a list of resource fields. The attribute can be a direct (Example: Employees) or indirect (Example: Employees.Managers) child. It cannot be combined with expand query parameter. If both are provided, only fields will be considered.
  
  Format: ?fields=Attribute1,Attribute2
  
  Format for fields in child resource: ?fields=Accessor1:Attribute1,Attribute2
• finder: string
  Used as a predefined finder to search the collection.
  
  Format: ?finder=<finderName>;<variableName>=<variableValue>,<variableName2>=<variableValue2>
  
  The following are the available finder names and corresponding finder variables:
  
  

  • PrimaryKey: Finds all user provisioning analysis incidents for a particular provisioning request.
    Finder Variables:
  • getUserProvisioningAnalysisIncidents: Finds all results for a particular provisioning simulation request.
    Finder Variables:
    • requestId; integer; The unique ID for the provisioning simulation request.
• limit: integer
  This parameter restricts the number of resources returned inside the resource collection. If the limit exceeds the resource count then the framework will only return the available resources.
• links: string
  This parameter can be used to show only certain links while accessing a singular resource or a resource collection. The parameter value format is a comma-separated list of : <link_relation>
  
  Example:
  self,canonical
  
• offset: integer
  Used to define the starting position of the resource collection. If offset exceeds the resource count then no resources are returned. Default value is 0.
• onlyData: boolean
  The resource item payload will be filtered in order to contain only data (no links section, for example).
• orderBy: string
  This parameter orders a resource collection based on the specified fields. The parameter value is a comma-separated string of attribute names, each optionally followed by a colon and "asc" or "desc". Specify "asc" for ascending and "desc" for descending. The default value is "asc". For example, ?orderBy=field1:asc,field2:desc
• q: string
  This query parameter defines the where clause. The resource collection will be queried using the provided expressions. The value of this query parameter is one or more expressions. Example: ?q=Deptno>=10 and <= 30;Loc!=NY
  
  Format: ?q=expression1;expression2
  
  You can use these queryable attributes to filter this collection resource using the q query parameter:
  

  • conflictingRole; string; The roles conflicting with the role to be assigned to the user, delimited by a pipe character.
  • controlId; integer; The ID of an access control.
  • controlName; string; The name of the access control.
  • incidentPath; string; The result path, represented as role display names leading to the privilege found to be in conflict with the requested role.
  • incidentPathCode; string; The result path, represented as role codes leading to the privilege found to be in conflict with the requested role.
  • inputRoleCode; string; The code of the role to be assigned to the user.
  • inputRoleName; string; The name of the role to be assigned to the user.
• totalResults: boolean
  The resource collection representation will include the "estimated row count" when "?totalResults=true", otherwise the count is not included. The default value is "false".

Header Parameters

• Metadata-Context:
  If the REST API supports runtime customizations, the shape of the service may change during runtime. The REST client may isolate itself from these changes or choose to interact with the latest version of the API by specifying this header. For example: Metadata-Context:sandbox="TrackEmployeeFeature".
• REST-Framework-Version:
  The protocol version between a REST client and service. If the client does not specify this header in the request the server will pick a default version for the API.

There's no request body for this operation.

Back to Top

Response

Supported Media Types

• application/json

Default Response

The following table describes the default response for this task.

Headers

• Metadata-Context:
  If the REST API supports runtime customizations, the shape of the service may change during runtime. The REST client may isolate itself from these changes or choose to interact with the latest version of the API by specifying this header. For example: Metadata-Context:sandbox="TrackEmployeeFeature".
• REST-Framework-Version:
  The protocol version between a REST client and service. If the client does not specify this header in the request the server will pick a default version for the API.

Body ()

Root Schema : advancedControlsRolesProvisioning

Type: object

Show Source

• count(required): integer
  The number of resource instances returned in the current range.
• hasMore(required): boolean
  Indicates whether more resources are available on the server than the subset returned in the response. If the value is true, then there are more resources to retrieve from the server. The default value is false.
• items: array Items
  Title: Items

  The items in the collection.
• limit(required): integer
  The actual paging size used by the server.
• links(required): array Links
  Title: Links

  The link relations associated with the resource instance.
• offset(required): integer
  The offset value used in the current page.
• totalResults: integer
  The estimated row count when "?totalResults=true", otherwise the count is not included.

{
    "required":[
        "count",
        "hasMore",
        "limit",
        "links",
        "offset"
    ],
    "type":"object",
    "properties":{
        "totalResults":{
            "type":"integer",
            "description":"The estimated row count when \"?totalResults=true\", otherwise the count is not included."
        },
        "offset":{
            "type":"integer",
            "description":"The offset value used in the current page."
        },
        "count":{
            "type":"integer",
            "description":"The number of resource instances returned in the current range."
        },
        "hasMore":{
            "type":"boolean",
            "description":"Indicates whether more resources are available on the server than the subset returned in the response. If the value is true, then there are more resources to retrieve from the server. The default value is false."
        },
        "limit":{
            "type":"integer",
            "description":"The actual paging size used by the server."
        },
        "links":{
            "title":"Links",
            "type":"array",
            "description":"The link relations associated with the resource instance.",
            "items":{
                "$ref":"#/components/schemas/link"
            }
        },
        "items":{
            "title":"Items",
            "type":"array",
            "description":"The items in the collection.",
            "items":{
                "$ref":"#/components/schemas/advancedControlsRolesProvisioning-item-response"
            }
        }
    },
    "x-hints":{
        "usage":"BusinessObject"
    }
}

Nested Schema : Items

Type: array

Title: Items

The items in the collection.

Show Source

• Array of: object advancedControlsRolesProvisioning-item-response

{
    "title":"Items",
    "type":"array",
    "description":"The items in the collection.",
    "items":{
        "$ref":"#/components/schemas/advancedControlsRolesProvisioning-item-response"
    }
}

Nested Schema : Links

Type: array

Title: Links

The link relations associated with the resource instance.

Show Source

• Array of: object link

{
    "title":"Links",
    "type":"array",
    "description":"The link relations associated with the resource instance.",
    "items":{
        "$ref":"#/components/schemas/link"
    }
}

Nested Schema : advancedControlsRolesProvisioning-item-response

Type: object

Show Source

• conflictingRole: string
  Read Only: true

  Maximum Length: 256

  The roles conflicting with the role to be assigned to the user, delimited by a pipe character.
• controlId: integer (int64)
  Read Only: true

  The ID of an access control.
• controlName: string
  Read Only: true

  Maximum Length: 256

  The name of the access control.
• incidentPath: string
  Read Only: true

  Maximum Length: 256

  The result path, represented as role display names leading to the privilege found to be in conflict with the requested role.
• incidentPathCode: string
  Read Only: true

  Maximum Length: 256

  The result path, represented as role codes leading to the privilege found to be in conflict with the requested role.
• inputRoleCode: string
  Read Only: true

  Maximum Length: 256

  The code of the role to be assigned to the user.
• inputRoleName: string
  Read Only: true

  Maximum Length: 256

  The name of the role to be assigned to the user.
• links: array Links
  Title: Links

  The link relations associated with the resource instance.

{
    "type":"object",
    "properties":{
        "incidentPathCode":{
            "maxLength":"256",
            "type":"string",
            "description":"The result path, represented as role codes leading to the privilege found to be in conflict with the requested role.",
            "nullable":false,
            "readOnly":true,
            "x-queryable":true
        },
        "incidentPath":{
            "maxLength":"256",
            "type":"string",
            "description":"The result path, represented as role display names leading to the privilege found to be in conflict with the requested role.",
            "nullable":false,
            "readOnly":true,
            "x-queryable":true
        },
        "controlName":{
            "maxLength":"256",
            "type":"string",
            "description":"The name of the access control.",
            "nullable":true,
            "readOnly":true,
            "x-queryable":true
        },
        "links":{
            "title":"Links",
            "type":"array",
            "description":"The link relations associated with the resource instance.",
            "items":{
                "$ref":"#/components/schemas/link"
            }
        },
        "controlId":{
            "type":"integer",
            "description":"The ID of an access control.",
            "format":"int64",
            "nullable":false,
            "readOnly":true,
            "x-hints":{
                "precision":"19"
            },
            "x-queryable":true
        },
        "inputRoleName":{
            "maxLength":"256",
            "type":"string",
            "description":"The name of the role to be assigned to the user.",
            "nullable":false,
            "readOnly":true,
            "x-queryable":true
        },
        "inputRoleCode":{
            "maxLength":"256",
            "type":"string",
            "description":"The code of the role to be assigned to the user.",
            "nullable":false,
            "readOnly":true,
            "x-queryable":true
        },
        "conflictingRole":{
            "maxLength":"256",
            "type":"string",
            "description":"The roles conflicting with the role to be assigned to the user, delimited by a pipe character.",
            "nullable":false,
            "readOnly":true,
            "x-queryable":true
        }
    }
}

Nested Schema : Links

Type: array

Title: Links

The link relations associated with the resource instance.

Show Source

• Array of: object link

{
    "title":"Links",
    "type":"array",
    "description":"The link relations associated with the resource instance.",
    "items":{
        "$ref":"#/components/schemas/link"
    }
}

Nested Schema : link

Type: object

Show Source

• href: string
  Title: hyperlink reference

  The URI to the related resource.
• kind: string
  Title: kind

  Allowed Values: [ "collection", "item", "describe", "other" ]

  The kind of the related resource.
• name: string
  Title: name

  The name of the link to the related resource.
• properties: object properties
• rel: string
  Title: relation

  Allowed Values: [ "self", "lov", "parent", "canonical", "child", "enclosure", "action", "custom" ]

  The name of the relation to the resource instance. Example: self.

{
    "type":"object",
    "properties":{
        "kind":{
            "title":"kind",
            "type":"string",
            "description":"The kind of the related resource.",
            "enum":[
                "collection",
                "item",
                "describe",
                "other"
            ]
        },
        "rel":{
            "title":"relation",
            "type":"string",
            "description":"The name of the relation to the resource instance.  Example: self.",
            "enum":[
                "self",
                "lov",
                "parent",
                "canonical",
                "child",
                "enclosure",
                "action",
                "custom"
            ]
        },
        "name":{
            "title":"name",
            "type":"string",
            "description":"The name of the link to the related resource."
        },
        "href":{
            "title":"hyperlink reference",
            "type":"string",
            "description":"The URI to the related resource."
        },
        "properties":{
            "type":"object",
            "properties":{
                "changeIndicator":{
                    "type":"string",
                    "description":"Change indicator or the ETag value of the resource instance."
                }
            }
        }
    }
}

Nested Schema : properties

Type: object

Show Source

• changeIndicator: string
  Change indicator or the ETag value of the resource instance.

{
    "type":"object",
    "properties":{
        "changeIndicator":{
            "type":"string",
            "description":"Change indicator or the ETag value of the resource instance."
        }
    }
}

Links

getRequestStatus

Operation: /fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/action/getRequestStatus

Returns the status of the provisioning simulation request. When the status is Completed, call the Get all results action. This returns conflicts a user will have if the requested roles and data are granted. Results include the control ID and control name, the requested role and its incident path, as well as the roles it conflicts with.

runUserProvisioningAnalysis

Operation: /fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/action/runUserProvisioningAnalysis

Use this action to initiate a simulation of active access controls. No incidents are created from the use of this REST resource. The results produced by this resource are only a simulation.

Back to Top

Examples

The following example shows how to retrieve all the results by submitting a GET request on the REST resource using cURL.

curl -i -u "<username>:<password>" -H "Content-Type: application/vnd.oracle.adf.resourcecollection+json" -X GET https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning?finder=getUserProvisioningAnalysisIncidents;requestId=1

Example Response Body

The following example shows the contents of the response body in JSON format:

{
    "items": [
        {
            "controlId": 86731,
            "controlName": "Enter journal and view risk",
            "inputRoleCode": "PROV_TEST_ROLE2",
            "inputRoleName": "Prov Test Role2",
            "incidentPath": "Enter Journal By Spreadsheet",
            "conflictingRole": "Prov Test Role1",
            "links": [
                {
                    "rel": "self",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/14",
                    "name": "advancedControlsRolesProvisioning",
                    "kind": "item"
                },
                {
                    "rel": "canonical",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/14",
                    "name": "advancedControlsRolesProvisioning",
                    "kind": "item"
                }
            ]
        },
        {
            "controlId": 86731,
            "controlName": "Enter journal and view risk",
            "inputRoleCode": "PROV_TEST_ROLE2",
            "inputRoleName": "Prov Test Role2",
            "incidentPath": "Enter Journal By Spreadsheet",
            "conflictingRole": "Prov Test Role1|Prov Test Role4",
            "links": [
                {
                    "rel": "self",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/13",
                    "name": "advancedControlsRolesProvisioning",
                    "kind": "item"
                },
                {
                    "rel": "canonical",
                    "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/13",
                    "name": "advancedControlsRolesProvisioning",
                    "kind": "item"
                }
            ]
        },
        ...
    ],

    "count": 25,
    "hasMore": true,
    "limit": 25,
    "offset": 0,
    "links": [
        {
            "rel": "self",
            "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning",
            "name": "advancedControlsRolesProvisioning",
            "kind": "collection"
        },
        {
            "rel": "action",
            "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/action/getRequestStatus",
            "name": "getRequestStatus",
            "kind": "other"
        },
        {
            "rel": "action",
            "href": "https://servername.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05/advancedControlsRolesProvisioning/action/runUserProvisioningAnalysis",
            "name": "runUserProvisioningAnalysis",
            "kind": "other"
        }
    ]
}

Back to Top