SailPoint · Schema
AccessProfile
An access profile groups entitlements that represent access rights on sources. Access profiles are used in provisioning, certifications, access requests, and roles.
Access GovernanceComplianceIAMIdentity ManagementIdentity SecuritySecurity
Properties
| Name | Type | Description |
|---|---|---|
| id | string | The access profile ID. |
| name | string | The access profile name. |
| description | stringnull | The access profile description. Maximum supported length is 2000 characters. |
| created | string | Date and time the access profile was created. |
| modified | string | Date and time the access profile was last modified. |
| enabled | boolean | Whether the access profile is enabled. If enabled, you must include at least one entitlement. |
| owner | object | |
| source | object | |
| entitlements | arraynull | List of entitlements associated with the access profile. If enabled is false, this can be empty. Otherwise, it must contain at least one entitlement. |
| requestable | boolean | Whether the access profile is requestable via access requests. |
| accessRequestConfig | object | |
| revocationRequestConfig | object | |
| segments | arraynull | List of segment IDs the access profile is assigned to. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/AccessProfile",
"title": "AccessProfile",
"type": "object",
"description": "An access profile groups entitlements that represent access rights on sources. Access profiles are used in provisioning, certifications, access requests, and roles.",
"required": [
"name",
"owner",
"source"
],
"properties": {
"id": {
"type": "string",
"description": "The access profile ID.",
"readOnly": true,
"examples": [
"2c91808a7190d06e01719938fcd20792"
]
},
"name": {
"type": "string",
"description": "The access profile name.",
"examples": [
"Employee-database-read-write"
]
},
"description": {
"type": [
"string",
"null"
],
"description": "The access profile description. Maximum supported length is 2000 characters.",
"maxLength": 2000,
"examples": [
"Collection of entitlements to read/write the employee database"
]
},
"created": {
"type": "string",
"format": "date-time",
"description": "Date and time the access profile was created.",
"readOnly": true,
"examples": [
"2021-03-01T22:32:58.104Z"
]
},
"modified": {
"type": "string",
"format": "date-time",
"description": "Date and time the access profile was last modified.",
"readOnly": true,
"examples": [
"2021-03-02T20:22:28.104Z"
]
},
"enabled": {
"type": "boolean",
"default": false,
"description": "Whether the access profile is enabled. If enabled, you must include at least one entitlement.",
"examples": [
true
]
},
"owner": {
"$ref": "#/components/schemas/OwnerReference"
},
"source": {
"$ref": "#/components/schemas/AccessProfileSourceRef"
},
"entitlements": {
"type": [
"array",
"null"
],
"description": "List of entitlements associated with the access profile. If enabled is false, this can be empty. Otherwise, it must contain at least one entitlement.",
"items": {
"$ref": "#/components/schemas/EntitlementRef"
}
},
"requestable": {
"type": "boolean",
"default": true,
"description": "Whether the access profile is requestable via access requests.",
"examples": [
true
]
},
"accessRequestConfig": {
"$ref": "#/components/schemas/Requestability"
},
"revocationRequestConfig": {
"$ref": "#/components/schemas/Revocability"
},
"segments": {
"type": [
"array",
"null"
],
"description": "List of segment IDs the access profile is assigned to.",
"items": {
"type": "string"
},
"examples": [
[
"f7b1b8a3-5fed-4fd4-ad29-82014e137e19",
"29cb6c06-1da8-43ea-8be4-b3125f248f2a"
]
]
}
}
}