Sailpoint Cc Unofficial Documentation

ยท 389 words ยท 2 minute read

Sailpoint CC API unofficial documentation ๐Ÿ”—

/!\ Sailpoint discontinued the CC API functionalities described in this post last updated: 17 Aug /!\

As the companies are always caring for their clients /s there should be a documented way to create applications, search them, update them and so on baked into the official current V3 or Beta documentation of our dear IGA management tool Sailpoint IDN. But of course there is not so I took time to find calls to this API through analyzing network responses and requests (Thanks Burp and Network tab on Chrome/Firefox)

Preparation ๐Ÿ”—

As always you should have your {{base_tenant}} variable which is usually your company name, all the example will be using {{base_tenant}}. For a classic call to the identities on the Beta API the request may present as such

GET https://{{base_tenant}}.api.identitynow.com/beta/identities

Of course you will also need to setup an OAuth2 authorization token (Bearer Token) as you have to do on many applications such as the Beta API of Sailpoint so we will not be covering this part.

API Spec ๐Ÿ”—

Listing applications ๐Ÿ”—

It might seem like the most straightforward thing to do but if you do not know the endpoint it can get quite frustrating very quickly so let’s get into it.

GET https://{{base_tenant}}.api.identitynow.com/cc/api/app/list

This bad boy will retrieve all the applications you have on your Sailpoint. To my knowledge pagination is not implemented, here’s the structure you should receive on a successful request:

{
	"id": "integer",
	"serviceAppId": "integer",
	"externalId": "hash",
	"name": "App Name",
	"description": "App Description",
	"appCenterEnabled": bool,
	"provisionRequestEnabled": bool,
	"appId": "integer",
	"serviceId": "integer",
	"controlType": "string",
	"mobile": bool,
	"privateApp": bool,
	"scriptName": "string",
	"status": "string",
	"icon": "string",
	"health": {
		"status": "string",
		"lastChanged": timestamp,
		"since": integer,
		"healthy": bool
	},
	"enableSso": bool,
	"ssoMethod": "string",
	"added": bool,
	"popularity": integer,
	"hasAccountSource": bool,
	"hasPasswordSource": bool,
	"groups": [
		"string"
	]
}, ...

Also what is fun is that you cannot implement filters at the query level for example to get only the details of myFunApplication

Solution I plan to use for this use case is to retrieve all the applications and catch the JSON block of what I’m looking for with a little bit of Python magic.

Creating an application ๐Ÿ”—

Very straightforward and to the point, you can create an application by supplying only 2 parameters:

POST https://{{base_tenant}}.api.identitynow.com/cc/api/app/create

{
	"name": "My beautiful Application",
	"description": "Isn't it the best?"
}

To be continued…

sailpoint api iam doc