accessCertificationCampaigns/
Access Certification Campaign Type REST Endpoint
Description
Here we are describing the Access Certification Campaign object type in relation to midPoints REST API. The Access Certification Campaign objects are a part of the REST API web resources.
Operations And Examples
The Access Certification Campaign Type endpoint operations and examples.
In our examples we are authenticating with the credentials, name "administrator" and password "y0uR_P455woR*d" on a localhost instance running on port 8080. |
For some help regarding the REST examples please see this link:
Get Access Certification Campaign Type Objects
Get operation for fetching a single specific object.
curl --user administrator:y0uR_P455woR*d \
-H "Accept: application/json" \
-X GET http://localhost:8080/midpoint/ws/rest/accessCertificationCampaigns/3a0fb4a2-ffbd-4e72-bbff-47327df054c4?options=raw \
-v
The response is an HTTP 200 code in case of success with a response body containing the queried item.
Example Output of "Get Access Certification Campaign Type object" example
The example is simplified, some properties were removed to keep the example output "short". This example does not contain all possible properties of this object type.
{
"accessCertificationCampaign": {
"oid": "3a0fb4a2-ffbd-4e72-bbff-47327df054c4",
"version": "0",
"name": "User's assignemnts according to the manager 1",
"description": "Certifies all users' assignments. Everything is certified by the administrator.",
"iteration": 1,
"definitionRef": {
"oid": "8f37ee15-9945-4872-8b90-8cb75f304b41",
"relation": "org:default",
"type": "c:AccessCertificationDefinitionType"
},
"ownerRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType"
},
"handlerUri": "http://midpoint.evolveum.com/xml/ns/public/certification/handlers-3#direct-assignment",
"scopeDefinition": {
"@type": "c:AccessCertificationAssignmentReviewScopeType",
"objectType": "#UserType",
"searchFilter": {
"org": {
"@ns": "http://prism.evolveum.com/xml/ns/public/query-3",
"path": "parentOrgRef",
"orgRef": {
"oid": "7d1e7065-455c-48d5-a469-1734fd255739",
"scope": "SUBTREE"
}
}
},
"itemSelectionExpression": {
"script": [
{
"code": "\nimport com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType\nlog.info(\"####### assignment: \" + assignment)\nif (assignment.targetRef.type.localPart.equals('RoleType')) \n{log.info(\"#### not a OrgType: \" + assignment.targetRef.type.localPart)\nrole = midpoint.resolveReferenceIfExists(assignment.targetRef)\nlog.info(\"##### role: \" + role)\nlog.info(\"##### role type: \" + role.subtype)\nreturn role != null && role.requestable}\norg = midpoint.resolveReferenceIfExists(assignment.targetRef)\nlog.info(\"##### org: \" + org)\nlog.info(\"##### org type: \" + org.subtype)\nreturn org != null && org.subtype[0] == 'access'\n\n "
}
]
},
"includeRoles": true,
"includeOrgs": true,
"includeResources": false
},
"remediationDefinition": {
"style": "automated"
},
"stageDefinition": {
"@id": 1,
"number": 1,
"name": "Manager's review",
"description": "In this stage, the manager has to review all the assignments of users belonging to his org unit.",
"duration": "P14D",
"notifyBeforeDeadline": [
"PT48H",
"PT12H"
],
"notifyOnlyWhenNoDecision": true,
"reviewerSpecification": {
"useObjectManager": {
"allowSelf": false
}
},
"timedActions": {
"@id": 2,
"time": {
"value": [
"P7D"
]
},
"actions": {
"escalate": {
"approverRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType"
},
"delegationMethod": "addAssignees",
"escalationLevelName": "Level1"
}
}
}
},
"state": "created",
"stageNumber": 0
}
}
Search for Access Certification Campaign Type Objects
Search operation usable for fetching the full list of objects or a list based on filter.
curl --user administrator:y0uR_P455woR*d \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-X POST http://localhost:8080/midpoint/ws/rest/accessCertificationCampaigns/search?options=resolveNames \
-v \
--data-binary @./samples/rest/query-all.json
Show data source example for "Search for all" | GitHub
{
"query" : ""
}
The response is an HTTP 200 code in case of success with a response body containing the queried items.
Example Output is a list of objects.
The example is simplified, some parts were removed for the purpose of this example.
{
"@ns": "http://prism.evolveum.com/xml/ns/public/types-3",
"object": {
"@type": "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType",
"object": [
{
"@type": "c:AccessCertificationCampaignType",
"oid": "3a0fb4a2-ffbd-4e72-bbff-47327df054c4",
"version": "0",
"name": "User's assignemnts according to the manager 1",
"description": "Certifies all users' assignments. Everything is certified by the administrator.",
"iteration": 1,
"definitionRef": {
"oid": "8f37ee15-9945-4872-8b90-8cb75f304b41",
"relation": "org:default",
"type": "c:AccessCertificationDefinitionType",
"targetName": "User's assignemnts according to the manager"
},
"ownerRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType",
"targetName": "administrator"
},
"handlerUri": "http://midpoint.evolveum.com/xml/ns/public/certification/handlers-3#direct-assignment",
"scopeDefinition": {
"@type": "c:AccessCertificationAssignmentReviewScopeType",
"objectType": "#UserType",
"searchFilter": {
"org": {
"@ns": "http://prism.evolveum.com/xml/ns/public/query-3",
"path": "parentOrgRef",
"orgRef": {
"oid": "7d1e7065-455c-48d5-a469-1734fd255739",
"scope": "SUBTREE"
}
}
},
"itemSelectionExpression": {
"script": []
},
"includeRoles": true,
"includeOrgs": true,
"includeResources": false
},
"remediationDefinition": {
"style": "automated"
},
"stageDefinition": {
"@id": 1,
"number": 1,
"name": "Manager's review",
"description": "In this stage, the manager has to review all the assignments of users belonging to his org unit.",
"duration": "P14D",
"notifyBeforeDeadline": [
"PT48H",
"PT12H"
],
"notifyOnlyWhenNoDecision": true,
"reviewerSpecification": {
"useObjectManager": {
"allowSelf": false
}
},
"timedActions": {
"@id": 2,
"time": {
"value": [
"P7D"
]
},
"actions": {
"escalate": {
"approverRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType",
"targetName": "administrator"
},
"delegationMethod": "addAssignees",
"escalationLevelName": "Level1"
}
}
}
},
"state": "created",
"stageNumber": 0
}
]
}
}
Show data source example for "Search for all" | GitHub
{
"query" : ""
}
The response is an HTTP 200 code in case of success with a response body containing the queried items.
Example Output is a list of objects.
{
"@ns" : "http://prism.evolveum.com/xml/ns/public/types-3",
"object" : {
"@type" : "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType",
"object" : [ {
"@type" : "",
"oid" : "",
"version" : "",
"name" : "",
"metadata" : {},
"operationExecution": {},
"indestructible": ,
"iteration" : ,
"iterationToken" : "",
"archetypeRef": {},
"roleMembershipRef": {},
"activation": {}
}, {
"@type" : "",
"oid" : "",
"version" : "",
"name" : "",
"metadata" : {},
"operationExecution": {},
"indestructible": ,
"iteration" : ,
"iterationToken" : "",
"archetypeRef": {},
"roleMembershipRef": {},
"activation": {}
} ]
}
}
Modify Access Certification Campaign Type Objects
curl --user administrator:y0uR_P455woR*d \
-H "Content-Type: application/json" \
-X PATCH http://localhost:8080/midpoint/ws/rest/accessCertificationCampaigns/3a0fb4a2-ffbd-4e72-bbff-47327df054c4 \
-v \
--data-binary @./samples/rest/modify-attribute-gen.json
Delete Access Certification Campaign Type Objects
curl --user administrator:y0uR_P455woR*d \
-v \
-X DELETE http://localhost:8080/midpoint/ws/rest/accessCertificationCampaigns/3a0fb4a2-ffbd-4e72-bbff-47327df054c4
The response is an HTTP 204 code in case of success without a response body.
Generate and Validate Operations for Access Certification Campaign Type Objects
Operations to generate or validate values.
JSON Example
Example output of information regarding a specific Access Certification Campaign object. Metadata is usually a part of the output, yet it was removed for the purpose of the example.
Show JSON Example
{
"accessCertificationCampaign": {
"oid": "3a0fb4a2-ffbd-4e72-bbff-47327df054c4",
"version": "0",
"name": "User's assignemnts according to the manager 1",
"description": "Certifies all users' assignments. Everything is certified by the administrator.",
"iteration": 1,
"definitionRef": {
"oid": "8f37ee15-9945-4872-8b90-8cb75f304b41",
"relation": "org:default",
"type": "c:AccessCertificationDefinitionType"
},
"ownerRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType"
},
"handlerUri": "http://midpoint.evolveum.com/xml/ns/public/certification/handlers-3#direct-assignment",
"scopeDefinition": {
"@type": "c:AccessCertificationAssignmentReviewScopeType",
"objectType": "#UserType",
"searchFilter": {
"org": {
"@ns": "http://prism.evolveum.com/xml/ns/public/query-3",
"path": "parentOrgRef",
"orgRef": {
"oid": "7d1e7065-455c-48d5-a469-1734fd255739",
"scope": "SUBTREE"
}
}
},
"itemSelectionExpression": {
"script": [
{
"code": "\nimport com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType\nlog.info(\"####### assignment: \" + assignment)\nif (assignment.targetRef.type.localPart.equals('RoleType')) \n{log.info(\"#### not a OrgType: \" + assignment.targetRef.type.localPart)\nrole = midpoint.resolveReferenceIfExists(assignment.targetRef)\nlog.info(\"##### role: \" + role)\nlog.info(\"##### role type: \" + role.subtype)\nreturn role != null && role.requestable}\norg = midpoint.resolveReferenceIfExists(assignment.targetRef)\nlog.info(\"##### org: \" + org)\nlog.info(\"##### org type: \" + org.subtype)\nreturn org != null && org.subtype[0] == 'access'\n\n "
}
]
},
"includeRoles": true,
"includeOrgs": true,
"includeResources": false
},
"remediationDefinition": {
"style": "automated"
},
"stageDefinition": {
"@id": 1,
"number": 1,
"name": "Manager's review",
"description": "In this stage, the manager has to review all the assignments of users belonging to his org unit.",
"duration": "P14D",
"notifyBeforeDeadline": [
"PT48H",
"PT12H"
],
"notifyOnlyWhenNoDecision": true,
"reviewerSpecification": {
"useObjectManager": {
"allowSelf": false
}
},
"timedActions": {
"@id": 2,
"time": {
"value": [
"P7D"
]
},
"actions": {
"escalate": {
"approverRef": {
"oid": "00000000-0000-0000-0000-000000000002",
"relation": "org:default",
"type": "c:UserType"
},
"delegationMethod": "addAssignees",
"escalationLevelName": "Level1"
}
}
}
},
"state": "created",
"stageNumber": 0
}
}