package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AppEntitlements.Create(ctx, operations.C1APIAppV1AppEntitlementsCreateRequest{
AppID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.CreateAppEntitlementResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.appEntitlements.create({
appId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"displayName": "<string>",
"alias": "<string>",
"annotations": {},
"appEntitlementOwnerIds": [
"<string>"
],
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"description": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"expandMask": {
"paths": [
"<string>"
]
},
"grantPolicyId": "<string>",
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>"
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements"
payload = {
"displayName": "<string>",
"alias": "<string>",
"annotations": {},
"appEntitlementOwnerIds": ["<string>"],
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": ["<string>"],
"description": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": True,
"emergencyGrantPolicyId": "<string>",
"expandMask": { "paths": ["<string>"] },
"grantPolicyId": "<string>",
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": True,
"provisionPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": { "vaultIds": ["<string>"] },
"schemaId": "<string>"
},
"defaultBehavior": { "connectorId": "<string>" },
"deleteAccount": { "connectorId": "<string>" }
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": True
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"entitlementOwners": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"expression": {
"allowReassignment": True,
"expressions": ["<string>"],
"fallbackUserIds": ["<string>"]
},
"group": {
"allowReassignment": True,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": ["<string>"]
},
"manager": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"users": {
"allowReassignment": True,
"userIds": ["<string>"]
}
},
"instructions": "<string>",
"userIds": ["<string>"]
},
"multiStep": { "provisionSteps": "<array>" },
"unconfigured": {},
"webhook": { "webhookId": "<string>" }
},
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
displayName: '<string>',
alias: '<string>',
annotations: {},
appEntitlementOwnerIds: ['<string>'],
appResourceId: '<string>',
appResourceTypeId: '<string>',
certifyPolicyId: '<string>',
complianceFrameworkValueIds: ['<string>'],
description: '<string>',
durationGrant: '<string>',
durationUnset: {},
emergencyGrantEnabled: true,
emergencyGrantPolicyId: '<string>',
expandMask: {paths: ['<string>']},
grantPolicyId: '<string>',
matchBatonId: '<string>',
overrideAccessRequestsDefaults: true,
provisionPolicy: {
action: {
actionName: '<string>',
appId: '<string>',
connectorId: '<string>',
displayName: '<string>'
},
connector: {
account: {
config: {},
connectorId: '<string>',
doNotSave: {},
saveToVault: {vaultIds: ['<string>']},
schemaId: '<string>'
},
defaultBehavior: {connectorId: '<string>'},
deleteAccount: {connectorId: '<string>'}
},
delegated: {appId: '<string>', entitlementId: '<string>', implicit: true},
externalTicket: {
appId: '<string>',
connectorId: '<string>',
externalTicketProvisionerConfigId: '<string>',
instructions: '<string>'
},
manual: {
assignee: {
appOwners: {allowReassignment: true, fallbackUserIds: ['<string>']},
entitlementOwners: {allowReassignment: true, fallbackUserIds: ['<string>']},
expression: {
allowReassignment: true,
expressions: ['<string>'],
fallbackUserIds: ['<string>']
},
group: {
allowReassignment: true,
appGroupId: '<string>',
appId: '<string>',
fallbackUserIds: ['<string>']
},
manager: {allowReassignment: true, fallbackUserIds: ['<string>']},
users: {allowReassignment: true, userIds: ['<string>']}
},
instructions: '<string>',
userIds: ['<string>']
},
multiStep: {provisionSteps: '<array>'},
unconfigured: {},
webhook: {webhookId: '<string>'}
},
revokePolicyId: '<string>',
riskLevelValueId: '<string>',
slug: '<string>'
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'displayName' => '<string>',
'alias' => '<string>',
'annotations' => [
],
'appEntitlementOwnerIds' => [
'<string>'
],
'appResourceId' => '<string>',
'appResourceTypeId' => '<string>',
'certifyPolicyId' => '<string>',
'complianceFrameworkValueIds' => [
'<string>'
],
'description' => '<string>',
'durationGrant' => '<string>',
'durationUnset' => [
],
'emergencyGrantEnabled' => true,
'emergencyGrantPolicyId' => '<string>',
'expandMask' => [
'paths' => [
'<string>'
]
],
'grantPolicyId' => '<string>',
'matchBatonId' => '<string>',
'overrideAccessRequestsDefaults' => true,
'provisionPolicy' => [
'action' => [
'actionName' => '<string>',
'appId' => '<string>',
'connectorId' => '<string>',
'displayName' => '<string>'
],
'connector' => [
'account' => [
'config' => [
],
'connectorId' => '<string>',
'doNotSave' => [
],
'saveToVault' => [
'vaultIds' => [
'<string>'
]
],
'schemaId' => '<string>'
],
'defaultBehavior' => [
'connectorId' => '<string>'
],
'deleteAccount' => [
'connectorId' => '<string>'
]
],
'delegated' => [
'appId' => '<string>',
'entitlementId' => '<string>',
'implicit' => true
],
'externalTicket' => [
'appId' => '<string>',
'connectorId' => '<string>',
'externalTicketProvisionerConfigId' => '<string>',
'instructions' => '<string>'
],
'manual' => [
'assignee' => [
'appOwners' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'entitlementOwners' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'expression' => [
'allowReassignment' => true,
'expressions' => [
'<string>'
],
'fallbackUserIds' => [
'<string>'
]
],
'group' => [
'allowReassignment' => true,
'appGroupId' => '<string>',
'appId' => '<string>',
'fallbackUserIds' => [
'<string>'
]
],
'manager' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'users' => [
'allowReassignment' => true,
'userIds' => [
'<string>'
]
]
],
'instructions' => '<string>',
'userIds' => [
'<string>'
]
],
'multiStep' => [
'provisionSteps' => '<array>'
],
'unconfigured' => [
],
'webhook' => [
'webhookId' => '<string>'
]
],
'revokePolicyId' => '<string>',
'riskLevelValueId' => '<string>',
'slug' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"displayName\": \"<string>\",\n \"alias\": \"<string>\",\n \"annotations\": {},\n \"appEntitlementOwnerIds\": [\n \"<string>\"\n ],\n \"appResourceId\": \"<string>\",\n \"appResourceTypeId\": \"<string>\",\n \"certifyPolicyId\": \"<string>\",\n \"complianceFrameworkValueIds\": [\n \"<string>\"\n ],\n \"description\": \"<string>\",\n \"durationGrant\": \"<string>\",\n \"durationUnset\": {},\n \"emergencyGrantEnabled\": true,\n \"emergencyGrantPolicyId\": \"<string>\",\n \"expandMask\": {\n \"paths\": [\n \"<string>\"\n ]\n },\n \"grantPolicyId\": \"<string>\",\n \"matchBatonId\": \"<string>\",\n \"overrideAccessRequestsDefaults\": true,\n \"provisionPolicy\": {\n \"action\": {\n \"actionName\": \"<string>\",\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"displayName\": \"<string>\"\n },\n \"connector\": {\n \"account\": {\n \"config\": {},\n \"connectorId\": \"<string>\",\n \"doNotSave\": {},\n \"saveToVault\": {\n \"vaultIds\": [\n \"<string>\"\n ]\n },\n \"schemaId\": \"<string>\"\n },\n \"defaultBehavior\": {\n \"connectorId\": \"<string>\"\n },\n \"deleteAccount\": {\n \"connectorId\": \"<string>\"\n }\n },\n \"delegated\": {\n \"appId\": \"<string>\",\n \"entitlementId\": \"<string>\",\n \"implicit\": true\n },\n \"externalTicket\": {\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"externalTicketProvisionerConfigId\": \"<string>\",\n \"instructions\": \"<string>\"\n },\n \"manual\": {\n \"assignee\": {\n \"appOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"entitlementOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"expression\": {\n \"allowReassignment\": true,\n \"expressions\": [\n \"<string>\"\n ],\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"group\": {\n \"allowReassignment\": true,\n \"appGroupId\": \"<string>\",\n \"appId\": \"<string>\",\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"manager\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"users\": {\n \"allowReassignment\": true,\n \"userIds\": [\n \"<string>\"\n ]\n }\n },\n \"instructions\": \"<string>\",\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"multiStep\": {\n \"provisionSteps\": \"<array>\"\n },\n \"unconfigured\": {},\n \"webhook\": {\n \"webhookId\": \"<string>\"\n }\n },\n \"revokePolicyId\": \"<string>\",\n \"riskLevelValueId\": \"<string>\",\n \"slug\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"displayName\": \"<string>\",\n \"alias\": \"<string>\",\n \"annotations\": {},\n \"appEntitlementOwnerIds\": [\n \"<string>\"\n ],\n \"appResourceId\": \"<string>\",\n \"appResourceTypeId\": \"<string>\",\n \"certifyPolicyId\": \"<string>\",\n \"complianceFrameworkValueIds\": [\n \"<string>\"\n ],\n \"description\": \"<string>\",\n \"durationGrant\": \"<string>\",\n \"durationUnset\": {},\n \"emergencyGrantEnabled\": true,\n \"emergencyGrantPolicyId\": \"<string>\",\n \"expandMask\": {\n \"paths\": [\n \"<string>\"\n ]\n },\n \"grantPolicyId\": \"<string>\",\n \"matchBatonId\": \"<string>\",\n \"overrideAccessRequestsDefaults\": true,\n \"provisionPolicy\": {\n \"action\": {\n \"actionName\": \"<string>\",\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"displayName\": \"<string>\"\n },\n \"connector\": {\n \"account\": {\n \"config\": {},\n \"connectorId\": \"<string>\",\n \"doNotSave\": {},\n \"saveToVault\": {\n \"vaultIds\": [\n \"<string>\"\n ]\n },\n \"schemaId\": \"<string>\"\n },\n \"defaultBehavior\": {\n \"connectorId\": \"<string>\"\n },\n \"deleteAccount\": {\n \"connectorId\": \"<string>\"\n }\n },\n \"delegated\": {\n \"appId\": \"<string>\",\n \"entitlementId\": \"<string>\",\n \"implicit\": true\n },\n \"externalTicket\": {\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"externalTicketProvisionerConfigId\": \"<string>\",\n \"instructions\": \"<string>\"\n },\n \"manual\": {\n \"assignee\": {\n \"appOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"entitlementOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"expression\": {\n \"allowReassignment\": true,\n \"expressions\": [\n \"<string>\"\n ],\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"group\": {\n \"allowReassignment\": true,\n \"appGroupId\": \"<string>\",\n \"appId\": \"<string>\",\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"manager\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"users\": {\n \"allowReassignment\": true,\n \"userIds\": [\n \"<string>\"\n ]\n }\n },\n \"instructions\": \"<string>\",\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"multiStep\": {\n \"provisionSteps\": \"<array>\"\n },\n \"unconfigured\": {},\n \"webhook\": {\n \"webhookId\": \"<string>\"\n }\n },\n \"revokePolicyId\": \"<string>\",\n \"riskLevelValueId\": \"<string>\",\n \"slug\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"appEntitlementView": {
"appEntitlement": {
"alias": "<string>",
"annotations": {},
"appId": "<string>",
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"createdAt": "2023-11-07T05:31:56Z",
"defaultValuesApplied": true,
"deletedAt": "2023-11-07T05:31:56Z",
"deprovisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"description": "<string>",
"displayName": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"externalId": "<string>",
"grantCount": "<string>",
"grantPolicyId": "<string>",
"id": "<string>",
"isAutomationEnabled": true,
"isManuallyManaged": true,
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"requestSchemaId": "<string>",
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>",
"sourceConnectorIds": {},
"systemBuiltin": true,
"updatedAt": "2023-11-07T05:31:56Z",
"userEditedMask": "<string>"
},
"appPath": "<string>",
"appResourcePath": "<string>",
"appResourceTypePath": "<string>",
"objectPermissions": {
"delete": true,
"edit": true,
"extra": {},
"read": true
}
},
"expanded": [
{
"@type": "<string>"
}
]
}Create
Create a new app entitlement for an app. This is used to define a custom permission, group, or role within the app.
package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AppEntitlements.Create(ctx, operations.C1APIAppV1AppEntitlementsCreateRequest{
AppID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.CreateAppEntitlementResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.appEntitlements.create({
appId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"displayName": "<string>",
"alias": "<string>",
"annotations": {},
"appEntitlementOwnerIds": [
"<string>"
],
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"description": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"expandMask": {
"paths": [
"<string>"
]
},
"grantPolicyId": "<string>",
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>"
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements"
payload = {
"displayName": "<string>",
"alias": "<string>",
"annotations": {},
"appEntitlementOwnerIds": ["<string>"],
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": ["<string>"],
"description": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": True,
"emergencyGrantPolicyId": "<string>",
"expandMask": { "paths": ["<string>"] },
"grantPolicyId": "<string>",
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": True,
"provisionPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": { "vaultIds": ["<string>"] },
"schemaId": "<string>"
},
"defaultBehavior": { "connectorId": "<string>" },
"deleteAccount": { "connectorId": "<string>" }
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": True
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"entitlementOwners": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"expression": {
"allowReassignment": True,
"expressions": ["<string>"],
"fallbackUserIds": ["<string>"]
},
"group": {
"allowReassignment": True,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": ["<string>"]
},
"manager": {
"allowReassignment": True,
"fallbackUserIds": ["<string>"]
},
"users": {
"allowReassignment": True,
"userIds": ["<string>"]
}
},
"instructions": "<string>",
"userIds": ["<string>"]
},
"multiStep": { "provisionSteps": "<array>" },
"unconfigured": {},
"webhook": { "webhookId": "<string>" }
},
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
displayName: '<string>',
alias: '<string>',
annotations: {},
appEntitlementOwnerIds: ['<string>'],
appResourceId: '<string>',
appResourceTypeId: '<string>',
certifyPolicyId: '<string>',
complianceFrameworkValueIds: ['<string>'],
description: '<string>',
durationGrant: '<string>',
durationUnset: {},
emergencyGrantEnabled: true,
emergencyGrantPolicyId: '<string>',
expandMask: {paths: ['<string>']},
grantPolicyId: '<string>',
matchBatonId: '<string>',
overrideAccessRequestsDefaults: true,
provisionPolicy: {
action: {
actionName: '<string>',
appId: '<string>',
connectorId: '<string>',
displayName: '<string>'
},
connector: {
account: {
config: {},
connectorId: '<string>',
doNotSave: {},
saveToVault: {vaultIds: ['<string>']},
schemaId: '<string>'
},
defaultBehavior: {connectorId: '<string>'},
deleteAccount: {connectorId: '<string>'}
},
delegated: {appId: '<string>', entitlementId: '<string>', implicit: true},
externalTicket: {
appId: '<string>',
connectorId: '<string>',
externalTicketProvisionerConfigId: '<string>',
instructions: '<string>'
},
manual: {
assignee: {
appOwners: {allowReassignment: true, fallbackUserIds: ['<string>']},
entitlementOwners: {allowReassignment: true, fallbackUserIds: ['<string>']},
expression: {
allowReassignment: true,
expressions: ['<string>'],
fallbackUserIds: ['<string>']
},
group: {
allowReassignment: true,
appGroupId: '<string>',
appId: '<string>',
fallbackUserIds: ['<string>']
},
manager: {allowReassignment: true, fallbackUserIds: ['<string>']},
users: {allowReassignment: true, userIds: ['<string>']}
},
instructions: '<string>',
userIds: ['<string>']
},
multiStep: {provisionSteps: '<array>'},
unconfigured: {},
webhook: {webhookId: '<string>'}
},
revokePolicyId: '<string>',
riskLevelValueId: '<string>',
slug: '<string>'
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'displayName' => '<string>',
'alias' => '<string>',
'annotations' => [
],
'appEntitlementOwnerIds' => [
'<string>'
],
'appResourceId' => '<string>',
'appResourceTypeId' => '<string>',
'certifyPolicyId' => '<string>',
'complianceFrameworkValueIds' => [
'<string>'
],
'description' => '<string>',
'durationGrant' => '<string>',
'durationUnset' => [
],
'emergencyGrantEnabled' => true,
'emergencyGrantPolicyId' => '<string>',
'expandMask' => [
'paths' => [
'<string>'
]
],
'grantPolicyId' => '<string>',
'matchBatonId' => '<string>',
'overrideAccessRequestsDefaults' => true,
'provisionPolicy' => [
'action' => [
'actionName' => '<string>',
'appId' => '<string>',
'connectorId' => '<string>',
'displayName' => '<string>'
],
'connector' => [
'account' => [
'config' => [
],
'connectorId' => '<string>',
'doNotSave' => [
],
'saveToVault' => [
'vaultIds' => [
'<string>'
]
],
'schemaId' => '<string>'
],
'defaultBehavior' => [
'connectorId' => '<string>'
],
'deleteAccount' => [
'connectorId' => '<string>'
]
],
'delegated' => [
'appId' => '<string>',
'entitlementId' => '<string>',
'implicit' => true
],
'externalTicket' => [
'appId' => '<string>',
'connectorId' => '<string>',
'externalTicketProvisionerConfigId' => '<string>',
'instructions' => '<string>'
],
'manual' => [
'assignee' => [
'appOwners' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'entitlementOwners' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'expression' => [
'allowReassignment' => true,
'expressions' => [
'<string>'
],
'fallbackUserIds' => [
'<string>'
]
],
'group' => [
'allowReassignment' => true,
'appGroupId' => '<string>',
'appId' => '<string>',
'fallbackUserIds' => [
'<string>'
]
],
'manager' => [
'allowReassignment' => true,
'fallbackUserIds' => [
'<string>'
]
],
'users' => [
'allowReassignment' => true,
'userIds' => [
'<string>'
]
]
],
'instructions' => '<string>',
'userIds' => [
'<string>'
]
],
'multiStep' => [
'provisionSteps' => '<array>'
],
'unconfigured' => [
],
'webhook' => [
'webhookId' => '<string>'
]
],
'revokePolicyId' => '<string>',
'riskLevelValueId' => '<string>',
'slug' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"displayName\": \"<string>\",\n \"alias\": \"<string>\",\n \"annotations\": {},\n \"appEntitlementOwnerIds\": [\n \"<string>\"\n ],\n \"appResourceId\": \"<string>\",\n \"appResourceTypeId\": \"<string>\",\n \"certifyPolicyId\": \"<string>\",\n \"complianceFrameworkValueIds\": [\n \"<string>\"\n ],\n \"description\": \"<string>\",\n \"durationGrant\": \"<string>\",\n \"durationUnset\": {},\n \"emergencyGrantEnabled\": true,\n \"emergencyGrantPolicyId\": \"<string>\",\n \"expandMask\": {\n \"paths\": [\n \"<string>\"\n ]\n },\n \"grantPolicyId\": \"<string>\",\n \"matchBatonId\": \"<string>\",\n \"overrideAccessRequestsDefaults\": true,\n \"provisionPolicy\": {\n \"action\": {\n \"actionName\": \"<string>\",\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"displayName\": \"<string>\"\n },\n \"connector\": {\n \"account\": {\n \"config\": {},\n \"connectorId\": \"<string>\",\n \"doNotSave\": {},\n \"saveToVault\": {\n \"vaultIds\": [\n \"<string>\"\n ]\n },\n \"schemaId\": \"<string>\"\n },\n \"defaultBehavior\": {\n \"connectorId\": \"<string>\"\n },\n \"deleteAccount\": {\n \"connectorId\": \"<string>\"\n }\n },\n \"delegated\": {\n \"appId\": \"<string>\",\n \"entitlementId\": \"<string>\",\n \"implicit\": true\n },\n \"externalTicket\": {\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"externalTicketProvisionerConfigId\": \"<string>\",\n \"instructions\": \"<string>\"\n },\n \"manual\": {\n \"assignee\": {\n \"appOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"entitlementOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"expression\": {\n \"allowReassignment\": true,\n \"expressions\": [\n \"<string>\"\n ],\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"group\": {\n \"allowReassignment\": true,\n \"appGroupId\": \"<string>\",\n \"appId\": \"<string>\",\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"manager\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"users\": {\n \"allowReassignment\": true,\n \"userIds\": [\n \"<string>\"\n ]\n }\n },\n \"instructions\": \"<string>\",\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"multiStep\": {\n \"provisionSteps\": \"<array>\"\n },\n \"unconfigured\": {},\n \"webhook\": {\n \"webhookId\": \"<string>\"\n }\n },\n \"revokePolicyId\": \"<string>\",\n \"riskLevelValueId\": \"<string>\",\n \"slug\": \"<string>\"\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/apps/{app_id}/entitlements")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"displayName\": \"<string>\",\n \"alias\": \"<string>\",\n \"annotations\": {},\n \"appEntitlementOwnerIds\": [\n \"<string>\"\n ],\n \"appResourceId\": \"<string>\",\n \"appResourceTypeId\": \"<string>\",\n \"certifyPolicyId\": \"<string>\",\n \"complianceFrameworkValueIds\": [\n \"<string>\"\n ],\n \"description\": \"<string>\",\n \"durationGrant\": \"<string>\",\n \"durationUnset\": {},\n \"emergencyGrantEnabled\": true,\n \"emergencyGrantPolicyId\": \"<string>\",\n \"expandMask\": {\n \"paths\": [\n \"<string>\"\n ]\n },\n \"grantPolicyId\": \"<string>\",\n \"matchBatonId\": \"<string>\",\n \"overrideAccessRequestsDefaults\": true,\n \"provisionPolicy\": {\n \"action\": {\n \"actionName\": \"<string>\",\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"displayName\": \"<string>\"\n },\n \"connector\": {\n \"account\": {\n \"config\": {},\n \"connectorId\": \"<string>\",\n \"doNotSave\": {},\n \"saveToVault\": {\n \"vaultIds\": [\n \"<string>\"\n ]\n },\n \"schemaId\": \"<string>\"\n },\n \"defaultBehavior\": {\n \"connectorId\": \"<string>\"\n },\n \"deleteAccount\": {\n \"connectorId\": \"<string>\"\n }\n },\n \"delegated\": {\n \"appId\": \"<string>\",\n \"entitlementId\": \"<string>\",\n \"implicit\": true\n },\n \"externalTicket\": {\n \"appId\": \"<string>\",\n \"connectorId\": \"<string>\",\n \"externalTicketProvisionerConfigId\": \"<string>\",\n \"instructions\": \"<string>\"\n },\n \"manual\": {\n \"assignee\": {\n \"appOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"entitlementOwners\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"expression\": {\n \"allowReassignment\": true,\n \"expressions\": [\n \"<string>\"\n ],\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"group\": {\n \"allowReassignment\": true,\n \"appGroupId\": \"<string>\",\n \"appId\": \"<string>\",\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"manager\": {\n \"allowReassignment\": true,\n \"fallbackUserIds\": [\n \"<string>\"\n ]\n },\n \"users\": {\n \"allowReassignment\": true,\n \"userIds\": [\n \"<string>\"\n ]\n }\n },\n \"instructions\": \"<string>\",\n \"userIds\": [\n \"<string>\"\n ]\n },\n \"multiStep\": {\n \"provisionSteps\": \"<array>\"\n },\n \"unconfigured\": {},\n \"webhook\": {\n \"webhookId\": \"<string>\"\n }\n },\n \"revokePolicyId\": \"<string>\",\n \"riskLevelValueId\": \"<string>\",\n \"slug\": \"<string>\"\n}"
response = http.request(request)
puts response.read_body{
"appEntitlementView": {
"appEntitlement": {
"alias": "<string>",
"annotations": {},
"appId": "<string>",
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"createdAt": "2023-11-07T05:31:56Z",
"defaultValuesApplied": true,
"deletedAt": "2023-11-07T05:31:56Z",
"deprovisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"description": "<string>",
"displayName": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"externalId": "<string>",
"grantCount": "<string>",
"grantPolicyId": "<string>",
"id": "<string>",
"isAutomationEnabled": true,
"isManuallyManaged": true,
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"requestSchemaId": "<string>",
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>",
"sourceConnectorIds": {},
"systemBuiltin": true,
"updatedAt": "2023-11-07T05:31:56Z",
"userEditedMask": "<string>"
},
"appPath": "<string>",
"appResourcePath": "<string>",
"appResourceTypePath": "<string>",
"objectPermissions": {
"delete": true,
"edit": true,
"extra": {},
"read": true
}
},
"expanded": [
{
"@type": "<string>"
}
]
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.
Path Parameters
The ID of the app to create the entitlement in.
Body
The CreateAppEntitlementRequest message.
This message contains a oneof named max_grant_duration. Only a single field of the following list may be set at a time:
- durationUnset
- durationGrant
The display name of the new entitlement.
A unique alias for the entitlement, used for programmatic lookups and Cone.
Bounded key/value metadata bag for IaC marking and customer tags.
See .rfcs/object-annotations.md §2. Limits: ≤16 entries; keys 1–128
chars matching ^[A-Za-z][A-Za-z0-9._/-]{0,127}$; values 0–256 chars
matching URL-safe ASCII; total serialized ≤4096 bytes. Keys starting
with c1/ are reserved for server-managed use and rejected on write.
Well-known keys: managed_by, iac_workspace,
iac_resource_address, iac_tool_version.
Show child attributes
Show child attributes
The IDs of users to set as owners of this entitlement.
The ID of the resource that this entitlement belongs to.
The ID of the resource type that this entitlement belongs to.
The ID of the policy to use for certification tasks.
The IDs of compliance frameworks to associate with this entitlement (e.g., SOX, HIPAA).
The description of the new entitlement.
Whether emergency grant requests are enabled for this entitlement.
The ID of the policy to use for emergency grant tasks. Required if emergency_grant_enabled is true.
The app entitlement expand mask allows the user to get additional information when getting responses containing app entitlement views.
Show child attributes
Show child attributes
The ID of the policy to use for grant request tasks.
If supplied, it's implied that the entitlement is created before sync and needs to be merged with connector entitlement.
Whether to override the app-level access request defaults for this entitlement.
ProvisionPolicy is a oneOf that indicates how a provision step should be processed.
This message contains a oneof named typ. Only a single field of the following list may be set at a time:
- connector
- manual
- delegated
- webhook
- multiStep
- externalTicket
- unconfigured
- action
Show child attributes
Show child attributes
The purpose of the entitlement (e.g., assignment, permission, ownership).
APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED, APP_ENTITLEMENT_PURPOSE_VALUE_ASSIGNMENT, APP_ENTITLEMENT_PURPOSE_VALUE_PERMISSION, APP_ENTITLEMENT_PURPOSE_VALUE_OWNERSHIP The ID of the policy to use for revoke request tasks.
The ID of the risk level to assign to this entitlement.
A short label describing the permission the entitlement grants (e.g., "Admin", "Read").
Response
Successful response
The CreateAppEntitlementResponse message.
Was this page helpful?