Application Role Attributes

Object Type - applicationRole

| Schema Attribute Name | Type | Description |
|---|---|---|
| id | String | This is the unique identifier for the Application Role. This is the nativeIdentity attribute. This id is a concatenation of resourceId:appRoleId, where resourceId is the ID of the SPN and appRoleId is the ID of the appRole within that SPN. For example, 70b32868-8393-4c4e-99fc-916710f62412:6f445064-b311-4d3e-a869-e024e787d6a9 |
| displayName | String | This is the display name of the Application Role. Just like id, displayName is a concatenation of resource-DisplayName: appRole-DisplayName. For example, if an SPN with displayName TestSPN has an appRole defined with the name Engineer, then the displayName for the appRole after concatenation is TestSPN:Engineer |
| spn_description | String | This is the description for the SPN. |
| appRole_description | String | This is the description for the appRole. |
| allowedMemberTypes | String, Multi | Displays the types of members that this role can be assigned to. For example, Users,Groups,Applications |
| isEnabled | boolean | Displays whether the appRole is enabled or disabled. |
| value | String | |

Use the following JSON request and the IdentityNow REST API to add the ApplicationRole schema to an existing connector:

Note
For more information on IdentityNow APIs, refer to Best Practices: IdentityNow REST API Authentication and IdentityNow REST API - Update Source (Partial) in the SailPoint Developer Community.

{
    "nativeObjectType": "applicationRole",
    "name": "applicationRole",
    "identityAttribute": "id",
    "displayAttribute": "displayName",
    "hierarchyAttribute": null,
    "includePermissions": false,
    "features": [],
    "configuration": {},
    "attributes": [
        {
            "name": "id",
            "type": "STRING",
            "schema": null,
            "description": "Unique Identifier for Application Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "displayName",
            "type": "STRING",
            "schema": null,
            "description": "Display Name of the Application Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "spn_description",
            "type": "STRING",
            "schema": null,
            "description": "This is the description for the Service Principal",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "appRole_description",
            "type": "STRING",
            "schema": null,
            "description": "This is the description for the Application Role",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "allowedMemberTypes",
            "type": "STRING",
            "schema": null,
            "description": "Types of members that this role can be assigned to, for example: Users,Groups,Applications",
            "isMulti": true,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "isEnabled",
            "type": "BOOLEAN",
            "schema": null,
            "description": "Represents whether the Application Role is enabled or disabled.",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        },
        {
            "name": "value",
            "type": "STRING",
            "schema": null,
            "description": "The value of the Application Role.",
            "isMulti": false,
            "isEntitlement": false,
            "isGroup": false
        }
    ]
}
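The composite id and displayName formats described in the attribute table matter when aggregated applicationRole records feed an access review: only id identifies a role reliably. The following is an added example, not SailPoint code. It assumes records are dictionaries keyed by the schema attribute names, that allowedMemberTypes arrives as a list, and that both halves of id are GUIDs as in the page's example; the function names are hypothetical.

```python
import uuid

def _guid(text):
    """Return text as a lowercase GUID; raise ValueError unless it is in 8-4-4-4-12 form."""
    guid = str(uuid.UUID(text))
    if guid != text.lower():
        raise ValueError(f"not a canonical GUID: {text!r}")
    return guid

def parse_app_role_id(native_id):
    """Split 'resourceId:appRoleId' into (SPN ID, appRole ID), validating both halves."""
    parts = native_id.split(":")
    if len(parts) != 2:
        raise ValueError(f"expected resourceId:appRoleId, got {native_id!r}")
    return _guid(parts[0]), _guid(parts[1])

def review(records):
    """Return {id: [findings]} for records that need a reviewer's attention."""
    findings = {}
    for rec in records:
        notes = []
        try:
            parse_app_role_id(rec["id"])
        except ValueError as exc:
            notes.append(f"malformed id: {exc}")
        # displayName is 'SPN name:appRole name'; an extra colon in either name
        # makes the split ambiguous, so only the id identifies the role reliably.
        if rec["displayName"].count(":") != 1:
            notes.append("displayName cannot be split unambiguously; key on id")
        if rec["isEnabled"] and "Applications" in rec["allowedMemberTypes"]:
            notes.append("enabled role assignable to Applications")
        if notes:
            findings[rec["id"]] = notes
    return findings

# Constructed sample records; the first id and displayName are the page's own examples.
SAMPLE = [
    {"id": "70b32868-8393-4c4e-99fc-916710f62412:6f445064-b311-4d3e-a869-e024e787d6a9",
     "displayName": "TestSPN:Engineer", "allowedMemberTypes": ["Users", "Groups"],
     "isEnabled": True},
    {"id": "11111111-2222-4333-8444-555555555555:aaaaaaaa-bbbb-4ccc-8ddd-eeeeeeeeeeee",
     "displayName": "Billing:API:Reader", "allowedMemberTypes": ["Applications"],
     "isEnabled": True},
    {"id": "70b32868-8393-4c4e-99fc-916710f62412", "displayName": "TestSPN:Orphan",
     "allowedMemberTypes": ["Users"], "isEnabled": False},
]

if __name__ == "__main__":
    for native_id, notes in review(SAMPLE).items():
        print(native_id, "->", "; ".join(notes))
```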