package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AccessReviewTemplateSetupEntitlement.SetScopeByResourceType(ctx, operations.C1APIAccessreviewV1AccessReviewTemplateSetupEntitlementServiceSetScopeByResourceTypeRequest{
AccessReviewTemplateID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.AccessReviewTemplateSetScopeByResourceTypeResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.accessReviewTemplateSetupEntitlement.setScopeByResourceType({
accessReviewTemplateId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"resourceTypeSelections": [
{
"appId": "<string>",
"resourceTypeId": "<string>"
}
],
"scope": {
"accountCelExpression": {
"expression": "<string>"
},
"accountCriteria": {
"accountTypes": [],
"appUserStatuses": [],
"noAccountOwner": true
},
"allAccessConflicts": {},
"allAccounts": {},
"allGrants": {},
"allUsers": {},
"appAccess": {},
"appSelectionCriteria": {
"complianceFrameworkAttributeValueIds": [
"<string>"
],
"riskLevelAttributeValueIds": [
"<string>"
]
},
"celExpression": {
"expression": "<string>"
},
"grantsByCriteria": {
"accessProfileFilter": {
"excludedAccessProfileIds": [
"<string>"
],
"includedAccessProfileIds": [
"<string>"
]
},
"daysSinceAdded": "<string>",
"daysSinceLastUsed": "<string>",
"daysSinceReviewed": "<string>",
"grantsAddedBetween": {
"endDate": "2023-11-07T05:31:56Z",
"startDate": "2023-11-07T05:31:56Z"
}
},
"resourceSelection": {},
"resourceTypeSelections": {},
"selectedUsers": {
"userIds": [
"<string>"
]
},
"specificAccessConflicts": {},
"specificResources": {},
"userCriteria": {
"groupAppEntitlementsRef": [
{
"appId": "<string>",
"id": "<string>"
}
],
"managerUserIds": [
"<string>"
],
"multiUserProfileAttributes": {},
"userStatus": []
}
}
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type"
payload = {
"resourceTypeSelections": [
{
"appId": "<string>",
"resourceTypeId": "<string>"
}
],
"scope": {
"accountCelExpression": { "expression": "<string>" },
"accountCriteria": {
"accountTypes": [],
"appUserStatuses": [],
"noAccountOwner": True
},
"allAccessConflicts": {},
"allAccounts": {},
"allGrants": {},
"allUsers": {},
"appAccess": {},
"appSelectionCriteria": {
"complianceFrameworkAttributeValueIds": ["<string>"],
"riskLevelAttributeValueIds": ["<string>"]
},
"celExpression": { "expression": "<string>" },
"grantsByCriteria": {
"accessProfileFilter": {
"excludedAccessProfileIds": ["<string>"],
"includedAccessProfileIds": ["<string>"]
},
"daysSinceAdded": "<string>",
"daysSinceLastUsed": "<string>",
"daysSinceReviewed": "<string>",
"grantsAddedBetween": {
"endDate": "2023-11-07T05:31:56Z",
"startDate": "2023-11-07T05:31:56Z"
}
},
"resourceSelection": {},
"resourceTypeSelections": {},
"selectedUsers": { "userIds": ["<string>"] },
"specificAccessConflicts": {},
"specificResources": {},
"userCriteria": {
"groupAppEntitlementsRef": [
{
"appId": "<string>",
"id": "<string>"
}
],
"managerUserIds": ["<string>"],
"multiUserProfileAttributes": {},
"userStatus": []
}
}
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
resourceTypeSelections: [{appId: '<string>', resourceTypeId: '<string>'}],
scope: {
accountCelExpression: {expression: '<string>'},
accountCriteria: {accountTypes: [], appUserStatuses: [], noAccountOwner: true},
allAccessConflicts: {},
allAccounts: {},
allGrants: {},
allUsers: {},
appAccess: {},
appSelectionCriteria: {
complianceFrameworkAttributeValueIds: ['<string>'],
riskLevelAttributeValueIds: ['<string>']
},
celExpression: {expression: '<string>'},
grantsByCriteria: {
accessProfileFilter: {excludedAccessProfileIds: ['<string>'], includedAccessProfileIds: ['<string>']},
daysSinceAdded: '<string>',
daysSinceLastUsed: '<string>',
daysSinceReviewed: '<string>',
grantsAddedBetween: {endDate: '2023-11-07T05:31:56Z', startDate: '2023-11-07T05:31:56Z'}
},
resourceSelection: {},
resourceTypeSelections: {},
selectedUsers: {userIds: ['<string>']},
specificAccessConflicts: {},
specificResources: {},
userCriteria: {
groupAppEntitlementsRef: [{appId: '<string>', id: '<string>'}],
managerUserIds: ['<string>'],
multiUserProfileAttributes: {},
userStatus: []
}
}
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'resourceTypeSelections' => [
[
'appId' => '<string>',
'resourceTypeId' => '<string>'
]
],
'scope' => [
'accountCelExpression' => [
'expression' => '<string>'
],
'accountCriteria' => [
'accountTypes' => [
],
'appUserStatuses' => [
],
'noAccountOwner' => true
],
'allAccessConflicts' => [
],
'allAccounts' => [
],
'allGrants' => [
],
'allUsers' => [
],
'appAccess' => [
],
'appSelectionCriteria' => [
'complianceFrameworkAttributeValueIds' => [
'<string>'
],
'riskLevelAttributeValueIds' => [
'<string>'
]
],
'celExpression' => [
'expression' => '<string>'
],
'grantsByCriteria' => [
'accessProfileFilter' => [
'excludedAccessProfileIds' => [
'<string>'
],
'includedAccessProfileIds' => [
'<string>'
]
],
'daysSinceAdded' => '<string>',
'daysSinceLastUsed' => '<string>',
'daysSinceReviewed' => '<string>',
'grantsAddedBetween' => [
'endDate' => '2023-11-07T05:31:56Z',
'startDate' => '2023-11-07T05:31:56Z'
]
],
'resourceSelection' => [
],
'resourceTypeSelections' => [
],
'selectedUsers' => [
'userIds' => [
'<string>'
]
],
'specificAccessConflicts' => [
],
'specificResources' => [
],
'userCriteria' => [
'groupAppEntitlementsRef' => [
[
'appId' => '<string>',
'id' => '<string>'
]
],
'managerUserIds' => [
'<string>'
],
'multiUserProfileAttributes' => [
],
'userStatus' => [
]
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"resourceTypeSelections\": [\n {\n \"appId\": \"<string>\",\n \"resourceTypeId\": \"<string>\"\n }\n ],\n \"scope\": {\n \"accountCelExpression\": {\n \"expression\": \"<string>\"\n },\n \"accountCriteria\": {\n \"accountTypes\": [],\n \"appUserStatuses\": [],\n \"noAccountOwner\": true\n },\n \"allAccessConflicts\": {},\n \"allAccounts\": {},\n \"allGrants\": {},\n \"allUsers\": {},\n \"appAccess\": {},\n \"appSelectionCriteria\": {\n \"complianceFrameworkAttributeValueIds\": [\n \"<string>\"\n ],\n \"riskLevelAttributeValueIds\": [\n \"<string>\"\n ]\n },\n \"celExpression\": {\n \"expression\": \"<string>\"\n },\n \"grantsByCriteria\": {\n \"accessProfileFilter\": {\n \"excludedAccessProfileIds\": [\n \"<string>\"\n ],\n \"includedAccessProfileIds\": [\n \"<string>\"\n ]\n },\n \"daysSinceAdded\": \"<string>\",\n \"daysSinceLastUsed\": \"<string>\",\n \"daysSinceReviewed\": \"<string>\",\n \"grantsAddedBetween\": {\n \"endDate\": \"2023-11-07T05:31:56Z\",\n \"startDate\": \"2023-11-07T05:31:56Z\"\n }\n },\n \"resourceSelection\": {},\n \"resourceTypeSelections\": {},\n \"selectedUsers\": {\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"specificAccessConflicts\": {},\n \"specificResources\": {},\n \"userCriteria\": {\n \"groupAppEntitlementsRef\": [\n {\n \"appId\": \"<string>\",\n \"id\": \"<string>\"\n }\n ],\n \"managerUserIds\": [\n \"<string>\"\n ],\n \"multiUserProfileAttributes\": {},\n \"userStatus\": []\n }\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"resourceTypeSelections\": [\n {\n \"appId\": \"<string>\",\n \"resourceTypeId\": \"<string>\"\n }\n ],\n \"scope\": {\n \"accountCelExpression\": {\n \"expression\": \"<string>\"\n },\n \"accountCriteria\": {\n \"accountTypes\": [],\n \"appUserStatuses\": [],\n \"noAccountOwner\": true\n },\n \"allAccessConflicts\": {},\n \"allAccounts\": {},\n \"allGrants\": {},\n \"allUsers\": {},\n \"appAccess\": {},\n \"appSelectionCriteria\": {\n \"complianceFrameworkAttributeValueIds\": [\n \"<string>\"\n ],\n \"riskLevelAttributeValueIds\": [\n \"<string>\"\n ]\n },\n \"celExpression\": {\n \"expression\": \"<string>\"\n },\n \"grantsByCriteria\": {\n \"accessProfileFilter\": {\n \"excludedAccessProfileIds\": [\n \"<string>\"\n ],\n \"includedAccessProfileIds\": [\n \"<string>\"\n ]\n },\n \"daysSinceAdded\": \"<string>\",\n \"daysSinceLastUsed\": \"<string>\",\n \"daysSinceReviewed\": \"<string>\",\n \"grantsAddedBetween\": {\n \"endDate\": \"2023-11-07T05:31:56Z\",\n \"startDate\": \"2023-11-07T05:31:56Z\"\n }\n },\n \"resourceSelection\": {},\n \"resourceTypeSelections\": {},\n \"selectedUsers\": {\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"specificAccessConflicts\": {},\n \"specificResources\": {},\n \"userCriteria\": {\n \"groupAppEntitlementsRef\": [\n {\n \"appId\": \"<string>\",\n \"id\": \"<string>\"\n }\n ],\n \"managerUserIds\": [\n \"<string>\"\n ],\n \"multiUserProfileAttributes\": {},\n \"userStatus\": []\n }\n }\n}"
response = http.request(request)
puts response.read_body{}Set Scope By Resource Type
SetScopeByResourceType sets the template scope by selecting specific resource types to include in campaigns created from this template.
package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AccessReviewTemplateSetupEntitlement.SetScopeByResourceType(ctx, operations.C1APIAccessreviewV1AccessReviewTemplateSetupEntitlementServiceSetScopeByResourceTypeRequest{
AccessReviewTemplateID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.AccessReviewTemplateSetScopeByResourceTypeResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.accessReviewTemplateSetupEntitlement.setScopeByResourceType({
accessReviewTemplateId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"resourceTypeSelections": [
{
"appId": "<string>",
"resourceTypeId": "<string>"
}
],
"scope": {
"accountCelExpression": {
"expression": "<string>"
},
"accountCriteria": {
"accountTypes": [],
"appUserStatuses": [],
"noAccountOwner": true
},
"allAccessConflicts": {},
"allAccounts": {},
"allGrants": {},
"allUsers": {},
"appAccess": {},
"appSelectionCriteria": {
"complianceFrameworkAttributeValueIds": [
"<string>"
],
"riskLevelAttributeValueIds": [
"<string>"
]
},
"celExpression": {
"expression": "<string>"
},
"grantsByCriteria": {
"accessProfileFilter": {
"excludedAccessProfileIds": [
"<string>"
],
"includedAccessProfileIds": [
"<string>"
]
},
"daysSinceAdded": "<string>",
"daysSinceLastUsed": "<string>",
"daysSinceReviewed": "<string>",
"grantsAddedBetween": {
"endDate": "2023-11-07T05:31:56Z",
"startDate": "2023-11-07T05:31:56Z"
}
},
"resourceSelection": {},
"resourceTypeSelections": {},
"selectedUsers": {
"userIds": [
"<string>"
]
},
"specificAccessConflicts": {},
"specificResources": {},
"userCriteria": {
"groupAppEntitlementsRef": [
{
"appId": "<string>",
"id": "<string>"
}
],
"managerUserIds": [
"<string>"
],
"multiUserProfileAttributes": {},
"userStatus": []
}
}
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type"
payload = {
"resourceTypeSelections": [
{
"appId": "<string>",
"resourceTypeId": "<string>"
}
],
"scope": {
"accountCelExpression": { "expression": "<string>" },
"accountCriteria": {
"accountTypes": [],
"appUserStatuses": [],
"noAccountOwner": True
},
"allAccessConflicts": {},
"allAccounts": {},
"allGrants": {},
"allUsers": {},
"appAccess": {},
"appSelectionCriteria": {
"complianceFrameworkAttributeValueIds": ["<string>"],
"riskLevelAttributeValueIds": ["<string>"]
},
"celExpression": { "expression": "<string>" },
"grantsByCriteria": {
"accessProfileFilter": {
"excludedAccessProfileIds": ["<string>"],
"includedAccessProfileIds": ["<string>"]
},
"daysSinceAdded": "<string>",
"daysSinceLastUsed": "<string>",
"daysSinceReviewed": "<string>",
"grantsAddedBetween": {
"endDate": "2023-11-07T05:31:56Z",
"startDate": "2023-11-07T05:31:56Z"
}
},
"resourceSelection": {},
"resourceTypeSelections": {},
"selectedUsers": { "userIds": ["<string>"] },
"specificAccessConflicts": {},
"specificResources": {},
"userCriteria": {
"groupAppEntitlementsRef": [
{
"appId": "<string>",
"id": "<string>"
}
],
"managerUserIds": ["<string>"],
"multiUserProfileAttributes": {},
"userStatus": []
}
}
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
resourceTypeSelections: [{appId: '<string>', resourceTypeId: '<string>'}],
scope: {
accountCelExpression: {expression: '<string>'},
accountCriteria: {accountTypes: [], appUserStatuses: [], noAccountOwner: true},
allAccessConflicts: {},
allAccounts: {},
allGrants: {},
allUsers: {},
appAccess: {},
appSelectionCriteria: {
complianceFrameworkAttributeValueIds: ['<string>'],
riskLevelAttributeValueIds: ['<string>']
},
celExpression: {expression: '<string>'},
grantsByCriteria: {
accessProfileFilter: {excludedAccessProfileIds: ['<string>'], includedAccessProfileIds: ['<string>']},
daysSinceAdded: '<string>',
daysSinceLastUsed: '<string>',
daysSinceReviewed: '<string>',
grantsAddedBetween: {endDate: '2023-11-07T05:31:56Z', startDate: '2023-11-07T05:31:56Z'}
},
resourceSelection: {},
resourceTypeSelections: {},
selectedUsers: {userIds: ['<string>']},
specificAccessConflicts: {},
specificResources: {},
userCriteria: {
groupAppEntitlementsRef: [{appId: '<string>', id: '<string>'}],
managerUserIds: ['<string>'],
multiUserProfileAttributes: {},
userStatus: []
}
}
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'resourceTypeSelections' => [
[
'appId' => '<string>',
'resourceTypeId' => '<string>'
]
],
'scope' => [
'accountCelExpression' => [
'expression' => '<string>'
],
'accountCriteria' => [
'accountTypes' => [
],
'appUserStatuses' => [
],
'noAccountOwner' => true
],
'allAccessConflicts' => [
],
'allAccounts' => [
],
'allGrants' => [
],
'allUsers' => [
],
'appAccess' => [
],
'appSelectionCriteria' => [
'complianceFrameworkAttributeValueIds' => [
'<string>'
],
'riskLevelAttributeValueIds' => [
'<string>'
]
],
'celExpression' => [
'expression' => '<string>'
],
'grantsByCriteria' => [
'accessProfileFilter' => [
'excludedAccessProfileIds' => [
'<string>'
],
'includedAccessProfileIds' => [
'<string>'
]
],
'daysSinceAdded' => '<string>',
'daysSinceLastUsed' => '<string>',
'daysSinceReviewed' => '<string>',
'grantsAddedBetween' => [
'endDate' => '2023-11-07T05:31:56Z',
'startDate' => '2023-11-07T05:31:56Z'
]
],
'resourceSelection' => [
],
'resourceTypeSelections' => [
],
'selectedUsers' => [
'userIds' => [
'<string>'
]
],
'specificAccessConflicts' => [
],
'specificResources' => [
],
'userCriteria' => [
'groupAppEntitlementsRef' => [
[
'appId' => '<string>',
'id' => '<string>'
]
],
'managerUserIds' => [
'<string>'
],
'multiUserProfileAttributes' => [
],
'userStatus' => [
]
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"resourceTypeSelections\": [\n {\n \"appId\": \"<string>\",\n \"resourceTypeId\": \"<string>\"\n }\n ],\n \"scope\": {\n \"accountCelExpression\": {\n \"expression\": \"<string>\"\n },\n \"accountCriteria\": {\n \"accountTypes\": [],\n \"appUserStatuses\": [],\n \"noAccountOwner\": true\n },\n \"allAccessConflicts\": {},\n \"allAccounts\": {},\n \"allGrants\": {},\n \"allUsers\": {},\n \"appAccess\": {},\n \"appSelectionCriteria\": {\n \"complianceFrameworkAttributeValueIds\": [\n \"<string>\"\n ],\n \"riskLevelAttributeValueIds\": [\n \"<string>\"\n ]\n },\n \"celExpression\": {\n \"expression\": \"<string>\"\n },\n \"grantsByCriteria\": {\n \"accessProfileFilter\": {\n \"excludedAccessProfileIds\": [\n \"<string>\"\n ],\n \"includedAccessProfileIds\": [\n \"<string>\"\n ]\n },\n \"daysSinceAdded\": \"<string>\",\n \"daysSinceLastUsed\": \"<string>\",\n \"daysSinceReviewed\": \"<string>\",\n \"grantsAddedBetween\": {\n \"endDate\": \"2023-11-07T05:31:56Z\",\n \"startDate\": \"2023-11-07T05:31:56Z\"\n }\n },\n \"resourceSelection\": {},\n \"resourceTypeSelections\": {},\n \"selectedUsers\": {\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"specificAccessConflicts\": {},\n \"specificResources\": {},\n \"userCriteria\": {\n \"groupAppEntitlementsRef\": [\n {\n \"appId\": \"<string>\",\n \"id\": \"<string>\"\n }\n ],\n \"managerUserIds\": [\n \"<string>\"\n ],\n \"multiUserProfileAttributes\": {},\n \"userStatus\": []\n }\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/access_review_template/{access_review_template_id}/scope_by_resource_type")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"resourceTypeSelections\": [\n {\n \"appId\": \"<string>\",\n \"resourceTypeId\": \"<string>\"\n }\n ],\n \"scope\": {\n \"accountCelExpression\": {\n \"expression\": \"<string>\"\n },\n \"accountCriteria\": {\n \"accountTypes\": [],\n \"appUserStatuses\": [],\n \"noAccountOwner\": true\n },\n \"allAccessConflicts\": {},\n \"allAccounts\": {},\n \"allGrants\": {},\n \"allUsers\": {},\n \"appAccess\": {},\n \"appSelectionCriteria\": {\n \"complianceFrameworkAttributeValueIds\": [\n \"<string>\"\n ],\n \"riskLevelAttributeValueIds\": [\n \"<string>\"\n ]\n },\n \"celExpression\": {\n \"expression\": \"<string>\"\n },\n \"grantsByCriteria\": {\n \"accessProfileFilter\": {\n \"excludedAccessProfileIds\": [\n \"<string>\"\n ],\n \"includedAccessProfileIds\": [\n \"<string>\"\n ]\n },\n \"daysSinceAdded\": \"<string>\",\n \"daysSinceLastUsed\": \"<string>\",\n \"daysSinceReviewed\": \"<string>\",\n \"grantsAddedBetween\": {\n \"endDate\": \"2023-11-07T05:31:56Z\",\n \"startDate\": \"2023-11-07T05:31:56Z\"\n }\n },\n \"resourceSelection\": {},\n \"resourceTypeSelections\": {},\n \"selectedUsers\": {\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"specificAccessConflicts\": {},\n \"specificResources\": {},\n \"userCriteria\": {\n \"groupAppEntitlementsRef\": [\n {\n \"appId\": \"<string>\",\n \"id\": \"<string>\"\n }\n ],\n \"managerUserIds\": [\n \"<string>\"\n ],\n \"multiUserProfileAttributes\": {},\n \"userStatus\": []\n }\n }\n}"
response = http.request(request)
puts response.read_body{}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.
Path Parameters
The ID of the access review template to configure.
Body
The AccessReviewTemplateSetScopeByResourceTypeRequest message.
The resource types to include in the template scope. Replaces all previously selected resource types.
Show child attributes
Show child attributes
The AccessReviewScopeV2 message.
This message contains a oneof named apps_and_resources_scope. Only a single field of the following list may be set at a time:
- appAccess
- specificResources
- appSelectionCriteria
- resourceTypeSelections
This message contains a oneof named users_scope. Only a single field of the following list may be set at a time:
- allUsers
- selectedUsers
- userCriteria
- celExpression
This message contains a oneof named accounts_scope. Only a single field of the following list may be set at a time:
- allAccounts
- accountCriteria
- accountCelExpression
This message contains a oneof named grants_scope. Only a single field of the following list may be set at a time:
- allGrants
- grantsByCriteria
This message contains a oneof named access_conflicts_scope. Only a single field of the following list may be set at a time:
- allAccessConflicts
- specificAccessConflicts
This message contains a oneof named resource_scope. Only a single field of the following list may be set at a time:
- resourceSelection
Show child attributes
Show child attributes
Response
Successful response
The AccessReviewTemplateSetScopeByResourceTypeResponse message.
Was this page helpful?