Skip to main content
Version: Cloud

Changelog

Version 3.0

  • Updated the API response code for error conditions from Bad request (400) to OK (200) in internal processing errors that previously returned a 400 status code inappropriately.

    note

    Please review your error-handling implementations and adjust any logic that specifically checks for a 400 response in affected API calls.

  • Updated the logic for the Reason field in the access request configuration type from a simple Boolean (required/not required) to a more flexible enum-based configuration with three possible values:

    • Required: Field is shown and validation is enforced.
    • Optional: Field is shown but not validated.
    • Hidden: Field is not shown and not validated.

    To manage this setting, go to: Setup > Forms > Request Access (Submit form) > Design form > Specify a reason.

    To make the field optional, deselect both Requires value and Hidden (clientside). This way, you will be able to submit the form without selecting a reason, introducing an optional state in the access request flow.

    Design of Request access form

  • Before, if a resource assignment had no violations, it was possible to map this value to NoOverride. This has been fixed so that now, if a resource assignment has no violations, it will correctly have NoViolation assigned as its violation status.

  • Updated the isContextRequired field in the access request configuration type form to an enumeration type with three possible values defining access request flow behavior for business context:

    • Required: Field is visible and validated.
    • Optional: Field is visible but not validated (the field is automatically populated, but can be left empty).
    • Hidden: Field is not visible and not validated.

Version 2.14

  • Added new query identityContexts
  • Added new contextID field at the resource level for the accessRequestPolicyCheks query. This new field enables the specification of unique contexts for each resource. If the contextId is not provided for all resources included in the query, the API will automatically attempt to utilize the context field from the root level of the query.

Version 2.13

  • Added new filter eligibilityFilter to query resources
  • Added new field to AccessRequestStatus: AccessApprovalStatusEnum

Version 2.12

  • Added new Query accessAprovalResourceAssignmentIds
  • Added new field to AccessApprovalConfiguration: MassEditEnabled
  • Added new field to PeerReviewAccessPolicyCheckResult ResourceAssignment
  • Added new field to SAPPolicyCheckResult ResourceAssignment
  • Added new field to SoDPolicyCheckResult ResourceAssignment

Version 2.11

  • Added new query accessApprovalWorkflowStepsQuestionCount
  • Added new query accessApprovalReassignmentUsers
  • Added new mutation reassignSurveyQuestions
  • Added new field to SystemCategory: Content
  • Added new field to AccessApprovalConfiguration: ReassignmentEnabled
  • Added new field to CalculatedAssignmentFilterInput identityIds
  • Added new field to ResourceType: autoCreateAccounts
  • Added new field to System: autoCreateAccounts

Version 2.10

We have added a new field to System:

  • SystemCategory

Version 2.9

We have included new fields to AccessRequestStatus:

  • ViolationStatus
  • ViolationStatusText
  • ProvisioningStatus
  • ProvisioningStatusText

Version 2.8

We have included a new query calculatedAssignments. This query is designed to retrieve all calculated assignments data associated with a specific system, based on the provided systemID.

We have enhanced the accessRequests/childAssignments to now include all data points that are available through the calculatedAssignments query.

Version 2.7

We have included the CreateTime field and the CreatedBy object on the following types:

  • Resource
  • Identity
  • System
  • ResourceAssignment
  • Account
  • ResourceFolder
  • ResourceType

Added new policyCheckConfiguration query. This field returns True if any policy and risk checks in the Enterprise Server are configured as active, not hidden in the Access approval survey and the Mode is not set to Calculation.

Added new accessApprovalPolicyChecks query that can be used to execute a policy and risk check for the question assigned to the active user in the Access approval survey. The query comprises three fields:

  • SoDPolicyCheck: contains the results of an SoD (Segregation of Duties) policy check. Returns null if the policy check is disabled.

  • SAPPolicyCheck: contains the result of the SAP GRC policy and risk check. Returns null if the policy check is disabled.

  • PeerReviewAccessPolicyCheck: contains the result of the Peer access analysis policy check. Returns null if the policy check is disabled.

  • accessApprovalPolicyChecks: the query can be used for performing simulated policy checks of assignments pending approval.

  • Version 2.6

    • Added new accessApprovalSurveyConfiguration query
    • Added new filter workflowStep filter in the accessRequestApprovalSurveyQuestions query

  • Version 2.5

New queries under accessRequestComponents:

  • resourceTypes

  • contexts

  • configuration

  • Version 2.4

    • New query accessRequestApprovalSurveyQuestions
    • New mutation SubmitRequestQuestions
    • New riskLevel fields to:
      • ResourceType
      • IdentityType

  • Version 2.3

    • Changed all DateTimes fields to return their values in UTC format
    • New query userSettings

  • Version 2.2

New query extendAccessRequests

  • Version 2.1

New queries under accessRequestComponents:

  • identitiesCanRequestResource
  • extendableResourceAssignments

New mutation extendAccess

All queries which supports pagination and accessRequests have been wrapped into a new type, paginationListType, with new fields:

  • Data
  • Total
  • Pages

New types: identityResourcesInputType

Changes to:

  • accessRequestAsResourcesInputType: reason has been made nullable, added identityResources
  • accessRequestAsTextInputType: reason has been made nullable
  • accessRequestType: validFrom and validTo has been made nullable, added reason and resourceAssignmentId
  • contextType: has been renamed to displayName

New fields to:

  • resourceType: resourceCategory, resourceType, resourceFolder and accountTypes
  • accessRequestConfigurationType: isAccountRequired, isReasonRequired and defaultAccountType

New fields to:

  • IdentityType: IdentityType and accounts

  • ResourceInputType: AccountInfo

  • Version 2.0

  • accessRequest query renamed to accessRequestComponents

New queries:

  • textBasedAccessRequest

  • textBasedAccessRequestsByIds

  • accessRequestsByIds There is a bug in this version when requesting access to a resource that contains child resources. The data is not loading, and an exception is being recorded in the event log.

  • Version 1.1

Added support of Attributes in the Resource type.

  • Version 1.0

Initial release of the API