Introduction
IBM® OpenPages® is an AI-driven, highly scalable governance, risk and compliance (GRC) solution. The IBM OpenPages® GRC REST API provides access to IBM OpenPages® data and metadata. This data-centric API is specified in terms of resources, their URIs, and actions that can be performed on these URIs.
Endpoint URIs
In the IBM OpenPages model, the metadata it defines, and their corresponding data can be accessed, updated, and created using the REST API. The REST API takes the form of URIs for these resources. The complete set of supported actions, their paths, parameters, and corresponding returned codes are defined. Data sent and returned during these HTTP interactions can either be in the HTTP body or as attachments.
The base URL for IBM OpenPages API endpoints come from your individual service instance. To find the URL, click the service instance in your Resource list and click Environment. Use the value that's listed in the Fixed URL field. For example:
https://21181e99-2f47-4ca8-8594-4b329353810c.us-east-1.aws.openpages.ibm.com
In IBM OpenPages as a Service, the specification of the URI address and the naming of path segments is not arbitrary.
Every URI begins with https://<host:port>/opgrc/api
, which is represented in the cURL examples as ${base_url}
.
For example, you can use the following URI paths for IBM OpenPages REST API V2 for OpenPages as a Service where ${base_url}
is https://example.com:8888/opgrc/api
:
${base_url}/v2/configuration/tags
${base_url}/v2/configuration/currencies/{code}/exchange_rates
${base_url}/v2/scim/Groups/{id}
${base_url}/v2/workflows/definitions/version/{id}
Support for SCIM
The endpoints for Groups, ResourceTypes, Schema, ServiceProviderConfig, and Users are based on the SCIM 2.0 specification. Note that the SCIM ETags feature is not supported.
For more information about SCIM, see System for Cross-domain Identity Management: Protocol.
Authentication
To work with the API, you must use an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API.
You can generate an IAM token for an authenticated user or service ID by using the IAM Identity Services API. IAM tokens are generated by using the user or service ID's API key. For more information, see Generating an IBM Cloud IAM token by using an API key.
To use the API, add a valid IAM token to the HTTP Authorization request header by using the syntax --header "Authorization: Bearer ${iam_token}"
.
To retrieve your access token:
curl -X POST "https://iam.cloud.ibm.com/identity/token" --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: application/json' --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' --data-urlencode 'apikey={API_KEY}'
Replace {API_KEY}
with your IAM API key.
Auditing
You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker. For entire list of event types, see Auditing events for IBM OpenPages.
Error handling
This API uses standard HTTP response codes to indicate whether a method completed successfully. A 200
response indicates success. A 400
type response indicates a failure, and a 500
type response indicates an internal system error.
HTTP Error Code | Description | Recovery |
---|---|---|
200 |
Success | The request was successful. |
400 |
Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. |
401 |
Unauthorized | You are not authorized to make this request. Log in to IBM Cloud and try again. If this error persists, contact the account owner to check your permissions. |
403 |
Forbidden | The supplied authentication is not authorized to access '{namespace}'. |
404 |
Not Found | The requested resource could not be found. |
408 |
Request Timeout | The connection to the server timed out. Wait a few minutes, then try again. |
409 |
Conflict | The entity is already in the requested state. |
500 |
Internal Server Error | Your request could not be processed. Wait a few minutes and try again. |
Pagination
Some API requests might return many results. To avoid performance issues, these results are returned one page at a time, with a limited number of results on each page. GET requests for the following resources use pagination:
/v2/folders/resources
The default page size is 100 objects. To use a different page size, use the limit
query parameter.
For any request that uses pagination, the response may include following urls to make subsequent requests :
first
: The URL for requesting the first page of results.next
: The URL for requesting the next page of results. The next property is omitted on the last page.previous
: The URL for requesting the previous page of results. The previous property is omitted on the first page.last
: The URL for requesting the last page of results. These URLs retain the samelimit
parameters that were used for the initial request.
Methods
Get Tags
Gets a list of tags. Set the only_enabled query parameter to true to request only enabled tags. If only_enabled is not set or if it is set to false, all tags are returned.
GET /v2/configuration/tags
Request
Query Parameters
If set to true, returns only enabled tags. Default is false.
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/tags"
Response
Defines Tag Types
Collection of Tag type
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "tags": [ { "tag_id": "1", "name": "Tag1da495b22f2d0", "description": "Tag1 description", "enabled": "true", "created_on": "2022-11-23T03:10:03.081-05:00", "created_by": "OpenPagesAdministrator", "modified_date": "2022-11-23T03:10:03.081-05:00", "last_modified_by": "OpenPagesAdministrator" }, { "tag_id": "2", "name": "Tag2da495b22f2d0", "description": "Tag2 description", "enabled": "false", "created_on": "2022-11-23T03:10:03.128-05:00", "created_by": "OpenPagesAdministrator", "modified_date": "2022-11-23T03:10:03.425-05:00", "last_modified_by": "OpenPagesAdministrator" } ] }
Request
Tag Types to create
{
"tags": [
{
"name": "PenTest",
"description": "Tag for pen test"
}
]
}
Collection of Tag type
Possible values: 0 ≤ number of items ≤ 100
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "tags": [ { "name": "PenTest", "description": "Tag for pen test" } ] }' "${base_url}/v2/configuration/tags"
Response
Defines Tag Types
Collection of Tag type
Possible values: 0 ≤ number of items ≤ 100
Status Code
Tags Created
Tag name cannot be null.
201
{ "tags": [ { "tag_id": "1", "name": "Tag1da495b22f2d0", "description": "Tag1 description", "enabled": "true", "created_on": "2022-11-23T03:10:03.081-05:00", "created_by": "OpenPagesAdministrator", "modified_date": "2022-11-23T03:10:03.081-05:00", "last_modified_by": "OpenPagesAdministrator" }, { "tag_id": "2", "name": "Tag2da495b22f2d0", "description": "Tag2 description", "enabled": "false", "created_on": "2022-11-23T03:10:03.128-05:00", "created_by": "OpenPagesAdministrator", "modified_date": "2022-11-23T03:10:03.425-05:00", "last_modified_by": "OpenPagesAdministrator" } ] }
400
{ "status_code": "400", "errors": [ { "code": "-2", "message": "Bad Request - Tag name cannot be null or empty." } ] }
Decrypt using External Key
Decrypts all data, such as OpenPages storage and sensitive information in OpenPages database, using an external key.
PUT /v2/configuration/decrypt_with_external_key
Encrypt using External Key
Encrypts all data, such as OpenPages storage and sensitive information in OpenPages database, using an external key.
PUT /v2/configuration/encrypt_with_external_key
Get Base Currency
Gets the Base Currency information for this system. The Base Currency is typically set at install time.
GET /v2/configuration/currencies/base
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/currencies/base"
Response
Defines Currency Type
Currency ISO Code
Currency name
Currency symbol
Currency ID
Currency precision
Is Base Currency
Is Currency enabled
Status Code
200
200
{ "iso_code": "USD", "name": "United States of America, Dollars", "symbol": "$", "precision": 2, "is_base_currency": true, "is_enabled": true, "id": "10" }
Get Child Settings
Gets values for all child configurations in the specified path.
GET /v2/configuration/settings/all/{setting_path}
Request
Path Parameters
Get the child settings for the specified path. For example,
/OpenPages/Platform/CP4D/Sync/Profiles
. Because the path contains slashes (/), it must be URL-encoded.Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9 /_.-]*
Example:
/OpenPages/Platform/CP4D/Sync/Profiles
Query Parameters
0-based index of the first query result.
Default:
0
Specifies the desired maximum number of results per page.
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/settings/all/${setting_path}"
Response
Collection of Setting Types
Collection of Setting Types
Possible values: 0 ≤ number of items ≤ 1000, 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9 /_.-]*
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "settings": [ { "key": "/OpenPages/Applications/Assistant/Embed Options", "value": "" }, { "key": "/OpenPages/Applications/Assistant/Integration ID", "value": "" }, { "key": "/OpenPages/Applications/Assistant/Assistant URL", "value": "" } ] }
Get Currencies
Gets a list of currencies. Set the only_enabled query parameter to true to request only enabled currencies. If only_enabled is not set or if it is set to false, all currencies are returned.
GET /v2/configuration/currencies
Request
Query Parameters
If set to true, returns only enabled currencies. Default is false.
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/currencies"
Response
Defines collection of Currency Types
Collection of Currency Types
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "currencies": [ { "iso_code": "USD", "name": "United States of America, Dollars", "symbol": "$", "precision": 2, "is_base_currency": true, "is_enabled": true, "id": "10" }, { "iso_code": "CAD", "name": "Canadian Dollar", "symbol": "$", "precision": 2, "is_base_currency": false, "is_enabled": true, "id": "350" } ] }
Get Currency by ISO code
Gets the details about a Currency by specifying an ISO code.
GET /v2/configuration/currencies/{code}
Request
Path Parameters
ISO currency code.
Possible values: 1 ≤ length ≤ 6, Value must match regular expression
[A-Z]*
Example:
USD
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/currencies/${code}"
Response
Defines Currency Type
Currency ISO Code
Currency name
Currency symbol
Currency ID
Currency precision
Is Base Currency
Is Currency enabled
Status Code
200
200
{ "iso_code": "USD", "name": "United States of America, Dollars", "symbol": "$", "precision": 2, "is_base_currency": true, "is_enabled": true, "id": "10" }
Set Currency status
Sets the status of a Currency to be enabled or disabled.
PUT /v2/configuration/currencies/{code}
Request
Path Parameters
ISO currency code.
Possible values: 1 ≤ length ≤ 6, Value must match regular expression
[A-Z]*
Example:
USD
Query Parameters
Status to set on the Currency.
Example:
true
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/configuration/currencies/${code}?enable=true"
Get Current Reporting Period
Gets the Current Reporting Period information. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
GET /v2/configuration/reporting_periods/current
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/reporting_periods/current"
Response
Defines Reporting Period Type
Reporting Period ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Reporting Period label
Reporting Period description
Reporting Period finalized date
Reporting Period creation date
Reporting Period modified date
Status Code
200
200
{ "id": "10", "label": "Current Reporting Period", "description": "Current Reporting Period", "finalizedDate": "2022-09-09T21:58:11.678-04:00", "creationDate": "2022-09-09T21:58:11.000-04:00", "modifiedDate": "2022-09-09T21:58:11.678-04:00" }
Get exchange rates for a Currency
Gets exchange rates for a Currency by specifying an ISO currency code. The default response returns the current exchange rate. To get the exchange rate for a particular date, use the date parameter.
GET /v2/configuration/currencies/{code}/exchange_rates
Request
Path Parameters
ISO currency code.
Possible values: 1 ≤ length ≤ 6, Value must match regular expression
[A-Z]*
Example:
USD
Query Parameters
The date for which to retrieve the exchange rate. The expected date format is ISO 8601 'yyyyMMdd'T'HHmmss'Z''
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
Return all the historical exchange rates for the Currency if the date is not specified.
0-based index of the first query result.
Default:
0
Specifies the desired maximum number of results per page.
Possible values: value ≤ 1000
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/currencies/${code}/exchange_rates?date=20220616T075200-0400"
Response
Defines collection of Exchange Rate Types
Collection of Exchange Rate Types
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "total_count": 1, "offset": 0, "limit": 100, "exchange_rates": [ { "id": "1", "currency_code": "USD", "rate": 1, "start_date": "2022-01-01T00:00:00.000-05:00" } ] }
Sets exchange rate for Currency
Sets an exchange rate for a Currency.
POST /v2/configuration/currencies/{code}/exchange_rates
Request
Path Parameters
ISO currency code.
Possible values: 1 ≤ length ≤ 6, Value must match regular expression
[A-Z]*
Example:
USD
Exchange rate to set.
Set exchange rate
{
"rate": 0.8636,
"start_date": "2015-05-20T00:00:00.000-05:00"
}
Exchange rate ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Currency code
Possible values: 1 ≤ length ≤ 6, Value must match regular expression
[A-Z]*
Exchange rate
Start date
Possible values: 1 ≤ length ≤ 29
End date
Possible values: 1 ≤ length ≤ 29
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "rate": 0.8636, "start_date": "2015-05-20T00:00:00.000-05:00" }' "${base_url}/v2/configuration/currencies/${code}/exchange_rates"
Request
Query Parameters
If set to true, returns only enabled locales. If set to false, returns both enabled and disabled locales. Default is true.
If set to true, returns only locales that have been successfully created. When a user adds a new locale, the creation of the locale doesn't happen instantly. A locale in the process of being created is disabled, and is not returned when the 'created' parameter is set to true. Default is true.
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/locales"
Response
Defines collection of Locales
Collection of Locale Types
Possible values: 0 ≤ number of items ≤ 100
Status Code
List of locales
200
, { "id": "24", "is_created": false, "is_default": false, "is_enabled": false, "is_supplied_by_vendor": false, "iso_language_code": "fi", "iso_territory_code": "FI", "name": "Finnish", "nls_language": "'FINNISH'", "nls_sort": "'FINNISH'", "nls_territory": "fi" } ] }
Get Localized Application Text
Gets the Localized Application Text label for the current user's locale.
GET /v2/configuration/text/{text_key}
Request
Path Parameters
The application text key. For example, "com.label.activityview.detailview".
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 _.-]*
Example:
com.label.activityview.detailview
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/text/${text_key}"
Get All Application Text
Gets all Localized Application Text labels for the current user's locale. Use the categoryFilters parameter to filter application texts by category names. Use the includeLocalizedLabels parameter to include localized labels for all locales.
GET /v2/configuration/text
Request
Query Parameters
Include localized labels for all locales.
Default:
false
Comma-separated category name to filter application texts.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
0-based index of the first query result.
Default:
0
Specifies the desired maximum number of results per page.
Possible values: value ≤ 1000
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/text"
Response
Defines application texts
Collection of application text
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "text": [ { "name": "com.image.alt.File", "category": "Miscellaneous", "localized_label": "File" }, { "name": "instruction.busentity.move.select", "category": "Miscellaneous", "localized_label": "Select the target {0}:" } ] }
Request
Path Parameters
Profile name or ID.
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 _-]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/profiles/${profile}"
Response
Defines a Profile Type
Profile type ID
Profile type name
Profile type description
Is default Profile type
Is fallback Profile type
Is Profile type enabled
Is Profile type deleted
Status Code
200
200
{ "id": "1", "name": "Default", "description": "Default Profile", "is_default": false, "is_fallback": false, "is_enabled": true, "is_deleted": false }
Get Profile Definition
Gets a full profile definition including object types, fields, and views.
GET /v2/configuration/profiles/{profile}/definition
Request
Path Parameters
Profile name or ID.
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 _-]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/profiles/${profile}/definition"
Response
Defines a Profile Type
Profile type ID
Profile type name
Profile type description
Is default Profile type
Is fallback Profile type
Is Profile type enabled
Is Profile type deleted
Status Code
200
200
{ "name": "Default", "id": "1", "description": "Default Profile", "isDefault": false, "isFallback": false, "isDisabled": false, "isDeleted": false, "objectTypes": { "objectType": [] }, "resourceAssociations": { "resourceAssociation": [ { "resourceType": "DEFAULT_HOME_PAGE_TAB", "tabEnabled": true, "tabOrder": 1, "homePagePanelsConfiguration": "" } ] } }
Get Profile Fields
Gets the definitions of Fields associated with the specified Profile for the specified Object Type. For example, Fields from the SOXBusEntity in the OpenPages Modules Master Profile.
GET /v2/configuration/profiles/fields
Request
Query Parameters
Profile name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 _-]*
Object Type system name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Example:
SOXBusEntity
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/profiles/fields?profile=${profile}&type=SOXBusEntity"
Response
Collection of Profile field definition Types
Collection of Profile field definition types
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "fields": [ { "id": "9104", "name": "Name", "group_name": "System Fields", "localized_label": "Name", "data_type": "STRING_TYPE", "required": true, "display_type": "Text" }, { "id": "9105", "name": "Description", "group_name": "System Fields", "localized_label": "Description", "data_type": "STRING_TYPE", "required": false, "display_type": "Text Area" } ] }
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/profiles"
Response
Collection of Profile Types
Collection of Profile Types
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "profiles": [ { "id": "4", "name": "BCM End User", "description": "Generated by 8.3", "isDefault": false, "isFallback": false, "isEnabled": true, "isDeleted": false }, { "id": "1", "name": "Default", "description": "Default Profile", "isDefault": false, "isFallback": false, "isEnabled": true, "isDeleted": false } ] }
Get Reporting Period by Name
Gets a specific Reporting Period by name. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
GET /v2/configuration/reporting_periods/{reporting_period}
Request
Path Parameters
The name of the Reporting Period.
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 ]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/reporting_periods/${reporting_period}"
Response
Defines Reporting Period Type
Reporting Period ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Reporting Period label
Reporting Period description
Reporting Period finalized date
Reporting Period creation date
Reporting Period modified date
Status Code
200
200
{ "id": "10", "label": "Current Reporting Period", "description": "Current Reporting Period", "finalizedDate": "2022-09-09T21:58:11.678-04:00", "creationDate": "2022-09-09T21:58:11.000-04:00", "modifiedDate": "2022-09-09T21:58:11.678-04:00" }
Get All Reporting Periods
Gets a list of all Reporting Periods. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
GET /v2/configuration/reporting_periods
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/reporting_periods"
Response
Collection of ReportingPeriod Types
Collection of ReportingPeriod Types
Possible values: 0 ≤ number of items ≤ 1000
Status Code
200
200
{ "reporting_periods": [ { "id": "-1", "label": "Current Reporting Period", "description": "Current Reporting Period", "finalizedDate": "2022-09-09T21:58:11.678-04:00", "creationDate": "2022-09-09T21:58:11.000-04:00", "modifiedDate": "2022-09-09T21:58:11.678-04:00" } ] }
Get Setting
Gets the value of the configuration setting by the specified path.
GET /v2/configuration/settings/{setting_path}
Request
Path Parameters
The setting path. For example,
/OpenPages/Applications/GRCM/Audit Trail/Show Audit Trail For Custom Forms
. Because the path contains slashes (/), it must be URL-encoded.Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9 /_.-]*
Example:
/OpenPages/Applications/GRCM/Audit Trail/Show Audit Trail For Custom Forms
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/settings/${setting_path}"
Get System Admin Mode
Gets the status of System Admin Mode. The status can be either true, meaning that System Admin Mode is enabled, or false.
GET /v2/configuration/admin_mode
Set System Admin Mode
Sets the status of System Admin Mode. The status can be either true, meaning that System Admin Mode is enabled, or false. This operation requires System Administration Mode permission.
PUT /v2/configuration/admin_mode
Get Tag
Gets the details about the tag identified by the specified tag_id.
GET /v2/configuration/tags/{tagid}
Request
Path Parameters
Tag ID.
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/configuration/tags/${tagid}"
Response
Defines Tag Type
Tag ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Tag Name
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Tag description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Is Tag enabled
Possible values: [
true
,false
]Date Tag was created on
Possible values: 1 ≤ length ≤ 29
User who created the Tag
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Tag modified date
Possible values: 1 ≤ length ≤ 29
Author of latest tag modification
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Status Code
200
200
{ "tag_id": "1", "name": "Tag1da495b22f2d0", "description": "Tag1 description", "enabled": "true", "created_on": "2022-11-23T03:10:03.081-05:00", "created_by": "user001", "modified_date": "2022-11-23T03:10:03.081-05:00", "last_modified_by": "user001" }
Request
Path Parameters
Tag ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Tag Type to update
Tag ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Tag Name
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Tag description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Is Tag enabled
Allowable values: [
true
,false
]
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{}' "${base_url}/v2/configuration/tags/${tagid}"
Response
Defines Tag Type
Tag ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Tag Name
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Tag description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Is Tag enabled
Possible values: [
true
,false
]Date Tag was created on
Possible values: 1 ≤ length ≤ 29
User who created the Tag
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Tag modified date
Possible values: 1 ≤ length ≤ 29
Author of latest tag modification
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Status Code
Tag updated
200
{ "tag_id": "1", "name": "EntityTag", "description": "Tag to mark entity", "enabled": "true", "created_on": "2022-11-23T03:10:03.081-05:00", "created_by": "user001", "modified_date": "2022-11-23T03:15:03.081-05:00", "last_modified_by": "user001" }
Integrate Cognos Service
Integrates the Cognos Service into OpenPages. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
PUT /v2/configuration/integrate_cognos_service
Set Multiple Exchange Rates
Sets Currency exchange rates with a list of exchange rates for multiple currencies.
POST /v2/configuration/currencies/exchange_rates
Request
List of exchange rates to set for multiple currencies
{
"exchange_rates": [
{
"currency_code": "CAD",
"rate": 0.8637
},
{
"currency_code": "EUR",
"rate": 1.1143,
"start_date": "2015-05-21T00:00:00.000-05:00"
}
]
}
Collection of Exchange Rate Types
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "exchange_rates": [ { "currency_code": "CAD", "rate": 0.8637 }, { "currency_code": "EUR", "rate": 1.1143, "start_date": "2015-05-21T00:00:00.000-05:00" } ] }' "${base_url}/v2/configuration/currencies/exchange_rates"
Update Setting Value
Updates the value of the configuration setting specified by the path.
PUT /v2/configuration/settings
Request
The path that specifies the setting and the key-value pair that specifies the value to update. An example of a path: /OpenPages/Applications/GRCM/Audit Trail/Show Audit Trail For Custom Forms
. Because the path contains slashes (/), it must be URL-encoded.
Setting key
Setting value
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: */*" "${base_url}/v2/configuration/settings"
Enable or Disable Trace Log Options
Enables or disables Trace Log options.
PUT /v2/configuration/traces
Add Child Associations
Adds child associations from one GRC Object to other GRC Objects. Locked parent cannot be associated, except when allowed by registry setting:/OpenPages/Applications/GRCM/Locked Objects/Allowed Associations/*
POST /v2/contents/{id}/associations/children
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
List of child associations to create
{
"associations": [
{
"id": "8196",
"type": "child"
}
]
}
Collection of Association Nodes
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "associations": [ { "id": "8196", "type": "child" } ] }' "${base_url}/v2/contents/${id}/associations/children"
Remove Children Associations
Removes child associations from one GRC Object to other GRC Objects.
DELETE /v2/contents/{id}/associations/children
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Comma-delimited list of child IDs
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
curl -X DELETE --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/contents/${id}/associations/children"
Add Parent Associations
Adds parent associations from one GRC Object to other GRC Objects. Association can only occur if the child is unlocked. If the parent is locked, the association is permitted only if allowed by the registry setting:/OpenPages/Applications/GRCM/Locked Objects/Allowed Associations/*
POST /v2/contents/{id}/associations/parents
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
List of parent associations to create
{
"associations": [
{
"id": "8174",
"type": "parent"
}
]
}
Collection of Association Nodes
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "associations": [ { "id": "8174", "type": "parent" } ] }' "${base_url}/v2/contents/${id}/associations/parents"
Remove Parent Associations
Removes parent associations from one GRC Object to other GRC Objects.
DELETE /v2/contents/{id}/associations/parents
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Comma-delimited list of parent IDs
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
curl -X DELETE --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/contents/${id}/associations/parents"
Get GRC Object Tags
Gets a list of all Tags associated with the GRC Object.
GET /v2/contents/{id}/tags
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path. For example,
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/tags"
Response
Defines Tag Types
Collection of Tag type
Possible values: 0 ≤ number of items ≤ 100
Status Code
200 OK
200
{ "tags": [ { "tag_id": "1", "name": "HighRisk", "description": "HighRisk", "enabled": "true", "created_on": "2022-06-22T10:18:08.350-0400", "created_by": "OpenPagesAdministrator", "modified_date": "2022-06-22T10:18:08.350-0400", "last_modified_by": "OpenPagesAdministrator" } ] }
Associate Tags
Associates one or more Tags to a Object. In each TagType in the request, set the tagID attribute to be the target of the association.
POST /v2/contents/{id}/tags
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
List of Tags to associate
{
"tags": [
{
"tag_id": "1"
}
]
}
Collection of Tag type
Possible values: 0 ≤ number of items ≤ 100
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "tags": [ { "tag_id": "1" } ] }' "${base_url}/v2/contents/${id}/tags"
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Comma-delimited list of Tag IDs
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
Example:
21,22
curl -X DELETE --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/contents/${id}/tags?tag_ids=21,22"
Get Object Types a User Can Create
Gets the child object types the current user can create for the parent object specified by the ID. This list returns only the object types specified by the types parameter. The object types a user can create are determined by the current security assigned to the user and any security rules that apply globally. Users can get their own permissions only.
GET /v2/contents/permissions/allowedtocreatetypes
Request
Query Parameters
User name or ID to check permissions for. If this value is null, the operation checks the permissions for the current user. Only Super Administrators or Security Administrators can specify a value for this parameter. Users without permission that specify a value receive a response of Not Authorized.
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
The list of GRC Object Types to check. Specify a comma-separated list of type names or IDs. If this value is null, the operation returns a list of all types in the system.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Example:
SOXTask,Waiver
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/permissions/allowedtocreatetypes?types=SOXTask,Waiver"
Get Child Object Types that the User can Create for a Specified Parent
Gets the child object types that the current user can create for the parent object specified by the ID. This list returns only the object types specified by the types parameter. The object types a user can create are determined by the current security assigned to the user and any security rules that apply globally. Users can get only their own permissions.
GET /v2/contents/{id}/permissions/allowedtocreatetypes
Request
Path Parameters
GRC Object ID or path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
The list of Object Types to check. Specify a comma-separated list of type names or IDs. If this value is null, the operation returns a list of all types in the system.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Example:
SOXTask,Waiver
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/permissions/allowedtocreatetypes?types=SOXTask,Waiver"
Get GRC Object Associations
Gets a list of all GRC Object associations to other GRC Objects.
GET /v2/contents/{id}/associations
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path. Examples:
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Filters object associations based on association type. Value can be parent or child.
Allowable values: [
parent
,child
]0-based index of the first query result.
Default:
0
Specifies the desired maximum number of results per page.
Possible values: value ≤ 1000
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/associations"
Response
Defines Association Node Types
Collection of Association Nodes
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "associations": [ { "id": "7821", "type_definition_id": "5", "path": "/_op_sox/Project/Default/BusinessEntity/Global Financial Services/Asia Pac/Agency Services/Agency Services.txt", "association_definition_id": "4", "type": "parent" }, { "id": "13501", "type_definition_id": "7", "path": "/_op_sox/Project/Default/IssueActionItems/Test 01/issue7_ISSUE_ACTION_ITEM_000001.txt", "association_definition_id": "8", "type": "child" } ] }
Add Associations
Adds either parent or child associations from one GRC Object to other GRC Objects. In each AssociationNodeType in the request, set the id attribute to be the object to make associations with.
POST /v2/contents/{id}/associations
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Request body that includes the list of associations to create
{
"associations": [
{
"id": "6045",
"type": "parent"
}
]
}
Collection of Association Nodes
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "associations": [ { "id": "6045", "type": "parent" } ] }' "${base_url}/v2/contents/${id}/associations"
Remove Associations
Removes the associations from one GRC Object to other GRC Objects.
DELETE /v2/contents/{id}/associations
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Comma-delimited list of parent IDs
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
Default:
Comma-delimited list of child IDs
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
Default:
curl -X DELETE --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/contents/${id}/associations"
Copy GRC Objects
Copies a list of GRC Objects to a parent object specified by the id parameter. The copied Objects are created as children of the specified parent. The response contains a list of the copies that were made.
PUT /v2/contents/{id}/action/copy
Request
Path Parameters
Parent GRC Object ID or Path to copy the other objects to.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Request body containing the list of Object IDs to be copied and options for the copy action.
{
"ids": [
"19001"
],
"options": {
"include_children": true,
"conflict_behavior": "createcopyof",
"type_definitions": [
"SOXIssue"
],
"type_associations": [
{
"parent_object_type": "SOXProcess",
"child_object_type": "SOXIssue"
}
],
"auto_name_children": false
}
}
Collection of Object IDs
Possible values: 0 ≤ number of items ≤ 100, 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Defines Action Option Type
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "ids": [ "19001" ], "options": { "include_children": true, "conflict_behavior": "createcopyof", "type_definitions": [ "SOXIssue" ], "type_associations": [ { "parent_object_type": "SOXProcess", "child_object_type": "SOXIssue" } ], "auto_name_children": false } }' "${base_url}/v2/contents/${id}/action/copy"
Response
Collection of GrcObjects
Collection of GrcObjects
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "grcobjects": [ { "fields": [ { "value": "19002", "id": "28", "data_type": "ID_TYPE", "name": "Resource ID", "has_changed": false }, { "value": "newaction", "id": "56", "data_type": "STRING_TYPE", "name": "Description", "has_changed": false }, { "date": "2022-06-26T02:31:32.000-0400", "id": "60", "data_type": "DATE_TYPE", "name": "Last Modification Date", "has_changed": false } ], "type_definition_id": "7", "is_checkout": false, "is_locked": false, "primary_parent_id": "12502", "name": "issue7_ISSUE_ACTION_ITEM_000022", "id": "19002", "path": "/_op_sox/Project/Default/IssueActionItems/issue7_ISSUE_ACTION_ITEM_000022.txt", "description": "New action", "creator": "user001", "creation_date": "2022-06-26T02:31:32.000-0400", "modified_date": "2022-06-26T02:31:32.000-0400", "parent_folder_id": "18", "last_modified_by": "user001" } ] }
Create GRC Object
Creates a new GRC Object instance. Can also create Document types with attachment content. The IDs used for type definitions and file types are available in the /types API.
type_definition_id
could be either an Object Type's ID, such as123
, or its system name, such asSOXIssue
. Object Type labels are not supported.primary_parent_id
can be either another Object Type's ID, such as10101,
or its full path, such as/_op_sox/Project/Default/Issue/Parent-Issue.txt
.- Every field in the
fields
must be identified uniquely by the field's ID attribute, or an id such as"id": "456"
, or a name attribute such as"name": "OPSS-Iss:Status"
.
To create a Document object, set the attachment contents in the content_definition.children
attribute of the payload. For binary file formats, set Base64-encoded file contents in the same attribute.
To convert PDF document to base64, save the pdf file(MyTestPdf.pdf) in a folder. Depending on your operating system, you can use a tool to convert a file to base64. For example on Mac OSX or Linux, open terminal in that folder and use base64 command
base64 -i MyTestPdf.pdf > pdfToBase64
Open the new file(pdfToBase64), copy the contents and set it in the content_definition.children
attribute.
POST /v2/contents
Request
Query Parameters
Flag to create enum if it doesn't exist
Default:
false
Creates a GRC object.
{
"fields": [
{
"id": "141",
"name": "OPLC-Std:LCComment",
"value": "Object comment"
},
{
"name": "OPLC-Std:LCReadOnly",
"value": "true"
},
{
"name": "OPSS-Iss:Identified By Group",
"value": [
{
"name": "Internal Audit"
},
{
"id": "3484"
}
]
},
{
"name": "OPSS-Iss:Status",
"value": {
"name": "Open"
}
}
],
"type_definition_id": "6",
"name": "TestObjectCreate",
"description": "Test GRC Object create V2"
}
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Defines a File Type definition
Defined a Content definition type
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Fields in this Object type
Possible values: 0 ≤ number of items ≤ 100
Is Folder
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "fields": [ { "id": "141", "name": "OPLC-Std:LCComment", "value": "Object comment" }, { "name": "OPLC-Std:LCReadOnly", "value": "true" }, { "name": "OPSS-Iss:Identified By Group", "value": [ { "name": "Internal Audit" }, { "id": "3484" } ] }, { "name": "OPSS-Iss:Status", "value": { "name": "Open" } } ], "type_definition_id": "6", "name": "TestObjectCreate", "description": "Test GRC Object create V2" }' "${base_url}/v2/contents"
Response
GrcObject Type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Collection of Fields defined in this Object type
Possible values: 0 ≤ number of items ≤ 1000
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
List of workflow process ids.
Possible values: 0 ≤ number of items ≤ 10
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Status Code
Object Created
201
{ "name": "TestObjectCreate", "id": "13056", "path": "/_op_sox/Project/Default/Issue/TestObjectCreate.txt", "creation_date": "2023-04-20T01:17:26.000-04:00", "modified_date": "2023-04-20T01:17:26.000-04:00", "description": "Test GRC Object create V2", "parent_folder_id": "17", "creator": "OpenPagesAdministrator", "last_modified_by": "OPSystem", "fields": [ { "id": "28", "data_type": "ID_TYPE", "name": "Resource ID", "has_changed": false, "value": "13056" }, { "id": "61", "data_type": "DATE_TYPE", "name": "Creation Date", "has_changed": false, "value": "2023-04-20T01:17:26.000-04:00" }, { "id": "60", "data_type": "STRING_TYPE", "name": "Location", "has_changed": false, "value": "/_op_sox/Project/Default/Issue/TestObjectCreate.txt" }, { "id": "3202", "data_type": "MULTI_VALUE_ENUM", "name": "OPSS-Issue:Domain", "has_changed": false, "values": [ { "id": "8199", "name": "Compliance", "localized_label": "Compliance", "index": 1, "hidden": false } ] }, { "id": "3207", "data_type": "ENUM_TYPE", "name": "OPSS-Issue:Status", "has_changed": false, "value": { "id": "8183", "name": "Open", "localized_label": "Open", "index": 2, "hidden": false } } ], "type_definition_id": "6", "is_checkout": false, "is_locked": false }
Get GRC Object by ID
Gets a GRC Object instance by ID or a relative path. Use optional parameters to control data returned.
GET /v2/contents/{id}
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path. Examples:
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
The list of fields to include in response. Comma-delimited list of system names of fields for the Object Type. Default response includes all fields.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Associations to other GRC Objects. Defaults to none for optimal performance.
Allowable values: [
none
,both
,parent
,child
]Default:
none
Include associated workflow information.
Possible values: 1 ≤ length ≤ 5, Value must match regular expression
[A-Za-z]*
Default:
false
If including Associations, specify the list of Object Types to include.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
The Reporting Period name to retrieve the GRC Object from a particular period. Default is from the Current Period.
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 :;#-+_%]*
Default:
Current Reporting Period
Computed fields are not evaluated by default. To include evaluated calculations in the response, set to true.
Possible values: 1 ≤ length ≤ 5, Value must match regular expression
[A-Za-z]*
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}"
Response
GrcObject Type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Collection of Fields defined in this Object type
Possible values: 0 ≤ number of items ≤ 1000
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
List of workflow process ids.
Possible values: 0 ≤ number of items ≤ 10
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Status Code
200
200
{ "fields": [ { "value": "11502", "id": "28", "data_type": "ID_TYPE", "name": "Resource ID", "has_changed": false }, { "id": "62", "data_type": "STRING_TYPE", "name": "Comment", "has_changed": false } ], "type_definition_id": "6", "is_checkout": false, "is_locked": false, "primary_parent_id": "6524", "name": "issue2", "id": "11502", "path": "/_op_sox/Project/Default/Issue/Test 01/issue2.txt", "description": "Issue created by user001", "creator": "user001", "creation_date": "2022-06-09T07:19:04.000-0400", "modified_date": "2022-06-10T06:49:28.000-0400", "parent_folder_id": "5444", "last_modified_by": "user001" }
Update GRC Object
Updates an existing GRC Object instance or document. For larger document attachments, use the PUT /v2/contents/{id}/document endpoint.
type_definition_id
could be either an Object Type's ID, such as123
, or its system name, such asSOXIssue
. Object Type labels are not supported.primary_parent_id
could be either another Object Type's ID, such as10101,
or its full path, such as/_op_sox/Project/Default/Issue/Parent-Issue.txt
.- Every Field in the
fields
must be identified uniquely by either the field's id attribute, or an id, such as"id": "456"
, or a name attribute, such as"name": "OPSS-Iss:Status"
. - When updating a Object and setting field types "MEDIUM_STRING_TYPE" and "LARGE_STRING_TYPE" values to null, the values for those fields are an empty String "" instead of NULL.
PUT /v2/contents/{id}
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path. Examples:
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Flag to create enum if it doesn't exist
Default:
false
Update GRC object
{
"fields": [
{
"name": "OPSS-Iss:Identified By Group",
"value": [
{
"name": "Compliance Management"
}
]
}
],
"type_definition_id": "6",
"name": "TestObjectCreate",
"description": "New Description GRC Object via Update V2"
}
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Defines a File Type definition
Defined a Content definition type
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Fields in this Object type
Possible values: 0 ≤ number of items ≤ 100
Is Folder
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "fields": [ { "name": "OPSS-Iss:Identified By Group", "value": [ { "name": "Compliance Management" } ] } ], "type_definition_id": "6", "name": "TestObjectCreate", "description": "New Description GRC Object via Update V2" }' "${base_url}/v2/contents/${id}"
Response
GrcObject Type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Collection of Fields defined in this Object type
Possible values: 0 ≤ number of items ≤ 1000
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
List of workflow process ids.
Possible values: 0 ≤ number of items ≤ 10
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Status Code
200
200
{ "name": "TestObjectCreate", "id": "13056", "path": "/_op_sox/Project/Default/Issue/TestObjectCreate.txt", "creation_date": "2023-04-20T01:17:26.000-04:00", "modified_date": "2023-04-20T01:17:26.000-04:00", "description": "Test GRC Object create V2", "parent_folder_id": "17", "creator": "OpenPagesAdministrator", "last_modified_by": "OPSystem", "fields": [ { "id": "28", "data_type": "ID_TYPE", "name": "Resource ID", "has_changed": false, "value": "13056" }, { "id": "61", "data_type": "DATE_TYPE", "name": "Creation Date", "has_changed": false, "value": "2023-04-20T01:17:26.000-04:00" }, { "id": "60", "data_type": "STRING_TYPE", "name": "Location", "has_changed": false, "value": "/_op_sox/Project/Default/Issue/TestObjectCreate.txt" }, { "id": "3202", "data_type": "MULTI_VALUE_ENUM", "name": "OPSS-Issue:Domain", "has_changed": false, "values": [ { "id": "8199", "name": "Compliance", "localized_label": "Compliance", "index": 1, "hidden": false } ] }, { "id": "3207", "data_type": "ENUM_TYPE", "name": "OPSS-Issue:Status", "has_changed": false, "value": { "id": "8183", "name": "Open", "localized_label": "Open", "index": 2, "hidden": false } } ], "type_definition_id": "6", "is_checkout": false, "is_locked": false }
Delete Resource
Performs a "soft delete" on a GRC Object instance by ID. Information can be retrieved using the Find Deleted Resources endpoint.
DELETE /v2/contents/{id}
Find Deleted Resources
Finds deleted resources using filters. Can use paging for results. This operation can only be performed by a Super Administrator user. The results from this method can be used in the Purge Resource method.
GET /v2/contents/deletedresources
Request
Query Parameters
A filter to limit deleted resource results. For example,
filter=Description like 'name'
.Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 _@./#&+-]*
Example:
Description like 'name'
Paging start row index
Default:
0
Paging end row index
Default:
0
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/deletedresources?filter=Description like 'name'"
Response
Collection of Deleted ResourceType Objects
Collection of Deleted ResourceTypes
Possible values: 0 ≤ number of items ≤ 100
Status Code
200 OK
200
{ "deleted_resources": [ { "id": "19002", "path": "/_op_sox/Project/Default/IssueActionItems/issue7_ISSUE_ACTION_ITEM_000022.txt", "is_folder": false, "creation_date": "2022-06-26T02:31:32.000-0400", "modified_date": "2022-06-26T03:06:51.000-0400", "description": "newaction", "creator": "6", "last_modified_by": "6", "type_definition_id": "7" } ] }
GRC Object Can Create Child of Type
Determines whether a user is allowed to create a new child Object of the specified parent GRC Object based on Role-based Security and Security Rules.
GET /v2/contents/{id}/permissions/cancreate/{type}
Request
Path Parameters
GRC Object ID or Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
The child Object Type.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Query Parameters
The folder ID to use when checking permissions. If null, use the default folder.
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/permissions/cancreate/${type}"
Get GRC Object Child Association by ID
Gets the details of a GRC Object Child Association by the specified ID.
GET /v2/contents/{id}/associations/children/{child_id}
Request
Path Parameters
The GRC Object ID or path. This path can be either a relative path or a full path. Examples:
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
The ID of the child object that is associated with this GRC Object.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/associations/children/${child_id}"
Response
Defines an objects association type
Object ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Association Type
Possible values: [
parent
,child
]Object Type definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Object Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Association Definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Status Code
200
Child ID not found.
200
{ "id": "13501", "type_definition_id": "7", "path": "/_op_sox/Project/Default/IssueActionItems/Test 01/srkissue7_ISSUE_ACTION_ITEM_000001.txt", "association_definition_id": "8", "type": "child" }
404
{ "errors": [ { "code": "-2", "message": "Not Found - childId : 99999 not found." } ], "status_code": "404" }
Get Document Content as Stream
Gets the file contents of a Document as a binary sequence of bytes. The response content type is always a binary stream of content, but the request can specify which MIME type.
GET /v2/contents/{id}/document
Request
Path Parameters
The Document ID or path. Non-document GRC Objects are not supported.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
MIME Type of the content in the response.
Possible values: 1 ≤ length ≤ 50, Value must match regular expression
[A-Za-z0-9 /+-]*
Example:
application/octet-stream
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/octet-stream" "${base_url}/v2/contents/${id}/document?mime_type=application/octet-stream"
Update Document with Stream
Updates an existing Document attachment instance by sending the content as a raw binary stream. This method is more efficient than encoding the attachment in Base64. To update PDF file, execute below command curl -X PUT --location --header "Authorization: Basic ${basic auth}" --header "Content-Type: application/pdf" https://my-op-server:10111/opgrc/api/v2/contents/${id}/document --data-binary @path/MyTest.pdf where {id} is the id of the original pdf file, MyTest is the pdf with updated content and path is the actual path to MyTest.pdf(Do NOT remove @)
PUT /v2/contents/{id}/document
Request
Custom Headers
The MIME type that corresponds to the document content
The length of the document content in bytes
Path Parameters
The Document ID or path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
New contents of the file attachment. Contains the raw bytes of the file with no Base64 encoding.
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Content-Length: ${content_length}" --header "Content-Type: application/octet-stream" "${base_url}/v2/contents/${id}/document"
GRC Object Effective Permissions
Get the effective permissions for a user on a GRC Object resource. Users can get their own permissions. A Super Administrator or a Security Administrator can get the permissions for other users using the id parameter.
GET /v2/contents/{id}/permissions/effective
Request
Path Parameters
GRC Object ID or Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
User name or ID to check permissions for. If not specified, defaults to the current user from the session. Only Super Administrators or Security Administrators can specify a value for this parameter. Users without permission that specify a value receive a response of Not Authorized.
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/permissions/effective"
Response
Defines a Resource Permission Type Object
Folder ID
Security Principal
Indicate if principal can read resource
Indicate if principal can write resource
Indicate if principal can delete resource
Indicate if principal can associate resources
Status Code
200 OK
200
{ "folder_id": "7815", "security_principal": "user001", "can_read": true, "can_write": true, "can_delete": true, "can_associate": true }
Get New GRC Object Template
Gets an empty GRC Object template that can be used to create an Object instance. The response body can be used to construct the request body for the POST /contents operation to create a new object.
GET /v2/contents/template
Request
Query Parameters
Object Type system name or ID for the new template.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
For document attachments, specify a file type ID for the File content type. The SOXDocument object type in OpenPages has a set of file types that are allowed to be uploaded. These file types are formats such as MS Word, MS Excel, plain text, and PDF. To get a file type ID for a document object type, the listing of file types and their system IDs can be retrieved by calling GET /v2/types/SOXDocument.
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/template?type_id=${type_id}"
Response
GrcObject Type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Collection of Fields defined in this Object type
Possible values: 0 ≤ number of items ≤ 1000
Object Type's ID or System name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
List of workflow process ids.
Possible values: 0 ≤ number of items ≤ 10
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Is Object checked out
Is Object locked
Another GRC Object's resource ID or full path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Status Code
200
200
{ "fields": [ { "id": "139", "data_type": "STRING_TYPE", "name": "OPLC-Std:LCAssignee" }, { "id": "141", "data_type": "STRING_TYPE", "name": "OPLC-Std:LCComment" }, { "id": "142", "data_type": "DATE_TYPE", "name": "OPLC-Std:LCDueDate" }, { "id": "3107", "data_type": "ENUM_TYPE", "name": "OPSS-Issue:Status", "enum_value": { "id": "8709", "name": "Open", "localized_label": "Open", "index": 2, "hidden": false } } ], "name": "type name", "type_definition_id": "6" }
Get GRC Object Parent Association by ID
Gets the details of a GRC Object Parent Association.
GET /v2/contents/{id}/associations/parents/{parent_id}
Request
Path Parameters
The Object ID or path. This path can be either a relative path or a full path. Examples:
- ID: 3456
- Relative: Issue/Test 01/Issue 1
- Full Path: /_op_sox/Project/Default/Issue/Test 01/Issue 1.txt
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
The ID of the parent object that is associated with this GRC Object.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/associations/parents/${parent_id}"
Response
Defines an objects association type
Object ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Association Type
Possible values: [
parent
,child
]Object Type definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Object Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Association Definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Status Code
200
200
{ "id": "7821", "type_definition_id": "5", "path": "/_op_sox/Project/Default/BusinessEntity/Global Financial Services/Asia Pac/Agency Services/Agency Services.txt", "association_definition_id": "4", "type": "parent" }
Get Report Fragment
Invokes a Cognos report fragment for a GRC Object by the field name of the fragment. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
GET /v2/contents/{id}/report/{field_name}
Request
Path Parameters
GRC Object ID or Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
System name of the report fragment field.
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/report/${field_name}"
Response
Defines a String Field type
String field value
Field ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Field Data Type
Possible values: 1 ≤ length ≤ 64, Value must match regular expression
[A-Za-z0-9 _.-]*
Field name
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9]*
Has field value changed
Status Code
200 OK
200
{ "id": "62", "data_type": "STRING_TYPE", "name": "Comment", "has_changed": false, "value": "" }
Get Association Audit Logs
Gets a list of AssociationAuditLogs for the GRC Object specified by the id parameter. If no filter is specified, then all association logs are retrieved. Use the association_filters parameter to specify filters.
GET /v2/contents/{id}/associations/auditlogs
Request
Path Parameters
GRC Object ID or Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
A comma-delimited list of type names. Use to determine which object types to retrieve from associations.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Start of date range in audit logs. Accepts ISO8601 date format. "yyyMMdd'T'HHmmssZ"
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
End of date range in audit logs. Accepts ISO8601 date format. "yyyMMdd'T'HHmmssZ"
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/associations/auditlogs?startdate=20220616T075200-0400&enddate=20220616T075200-0400"
Response
Defines Association Audit Log Types
Collection of Association Audit Logs
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "auditlogs": [ { "id": "13501", "name": "issue7_ISSUE_ACTION_ITEM_000001.txt", "associated_object_type": "SOXTask", "modified_by": "user001", "modified_date": "2022-06-14T00:28:16.000-0400", "status": "ADDED" }, { "id": "13501", "name": "issue7_ISSUE_ACTION_ITEM_000001.txt", "associated_object_type": "SOXTask", "modified_by": "user001", "modified_date": "2022-06-14T00:28:16.000-0400", "status": "ADDED_PRIMARY" } ] }
Get fields Audit Log
Gets a list of FieldAuditLogs for the GRC Object specified by the id parameter. If no filter is specified, then all field logs are retrieved. Use the field_filters parameter to specify the filters.
GET /v2/contents/{id}/fields/auditlogs
Request
Path Parameters
GRC Object ID or Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
A comma-delimited list of field system names. Use to determine which field logs to retrieve.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 _@./#&+-]+(,[A-Za-z0-9 _@./#&+-]+)*
Start of date range in audit logs. Accepts ISO8601 date format. "yyyMMdd'T'HHmmssZ"
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
End of date range in audit logs. Accepts ISO8601 date format. "yyyMMdd'T'HHmmssZ"
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/contents/${id}/fields/auditlogs?start_date=20220616T075200-0400&end_date=20220616T075200-0400"
Response
Collection of Field Audit Log Types
Collection of Field Audit Logs
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "auditlogs": [ { "id": "1104", "name": "Assignee", "modified_by": "user001", "modified_date": "2022-06-10T06:49:28.000-0400", "old_value": "", "new_value": "jdoe" } ] }
Move GRC Objects
Moves a list of GRC Objects to a parent object specified by the id parameter. The moved Objects are created as children of the specified parent.
PUT /v2/contents/{id}/action/move
Request
Path Parameters
Parent GRC Object ID or Path to move the Objects to
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Request body containing the list of Object IDs to be moved and options for the move action
{
"ids": [
"19001"
],
"options": {
"include_children": true,
"conflict_behavior": "overwrite",
"type_definitions": [
"SOXIssue"
],
"type_associations": [
{
"parent_object_type": "SOXProcess",
"child_object_type": "SOXIssue"
}
],
"auto_name_children": false
}
}
Collection of Object IDs
Possible values: 0 ≤ number of items ≤ 100, 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Defines Action Option Type
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Content-Type: application/json" --data '{ "ids": [ "19001" ], "options": { "include_children": true, "conflict_behavior": "overwrite", "type_definitions": [ "SOXIssue" ], "type_associations": [ { "parent_object_type": "SOXProcess", "child_object_type": "SOXIssue" } ], "auto_name_children": false } }' "${base_url}/v2/contents/${id}/action/move"
Overwrite Field Values
Overwrites text fields of a object with a specific value and also overwrites references to those fields on the Activity Tab. This operation can only be performed by a Super Administrator and cannot be undone. Limitations:
- The data type of the fields to be overwritten must be string or long string.
- The display type of the fields in any profile must be one of text, text area, rich text, on demand, on demand rich text, or automatic.
- For system fields, only the description field and the comment field are allowed.
- Encrypted fields are not allowed.
- The new value cannot be null or empty.
PUT /v2/contents/{id}/action/overwriteproperties
Request
Path Parameters
GRC Object ID
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Query Parameters
Comma-delimited list of field definition IDs for the fields to be overwritten.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[0-9]+(,[0-9]+)*
Example:
21,22
New value to replace the existing value. Must not be empty.
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 _@./#&+-]*
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/contents/${id}/action/overwriteproperties?fields=21,22&value=${value}"
Purge Resource
Purges a resource to fully remove all references to the object from the system, including past versions, audit trail, OpenPages storage, and records from reporting periods. This operation can only be performed by a Super Administrator user and cannot be undone. Run this operation sequentially when purging multiple resources. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
DELETE /v2/contents/{id}/action/purge
Remove All Locks
Removes all locks from the specified GRC Object and from the hierarchy below the specified GRC Object.
DELETE /v2/contents/{id}/action/remove_all_locks
Request
Query Parameters
The XLSX file name, including the .xlsx extension.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
If User name is a numeric value then isName should be true.
Allowable values: [
true
,false
]Default:
false
The contents of the XLSX FastMap template.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/octet-stream" "${base_url}/v2/fastmap/import"
Request
Query Parameters
The XLSX file name, including the .xlsx extension.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
The contents of the XLSX FastMap template.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/octet-stream" "${base_url}/v2/fastmap/validate"
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/folders"
Response
Collection of FolderType Objects
Collection of FolderTypes
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "folders": [ { "name": "/", "id": "1", "path": "/", "is_folder": true, "creation_date": "2022-04-18T22:11:05.000-0400", "modified_date": "2022-04-18T22:11:05.000-0400", "parent_folder_id": "1", "description": "The root storage folder" } ] }
Create New Folder
Creates a Folder. To use a template folder to construct the request body, see the GET /folders/template operation.
POST /v2/folders
Request
Create a Folder.
{
"name": "testFolder",
"path": "testFolder",
"description": "TestFolder",
"parent_folder_id": "1"
}
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "name": "testFolder", "path": "testFolder", "description": "TestFolder", "parent_folder_id": "1" }' "${base_url}/v2/folders"
Response
Defines an Folder type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Status Code
Created Folder
201
{ "name": "ActionsFolder", "id": "18501", "path": "/_op_sox/Project/Default/ActionsFolder", "is_folder": true, "creation_date": "2022-06-23T01:42:22.000-0400", "modified_date": "2022-06-23T01:42:22.000-0400", "description": "All actions in this Folder", "parent_folder_id": "13", "creator": "user01", "last_modified_by": "user01" }
Request
Path Parameters
Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/folders/${folder_id}"
Response
Defines an Folder type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Status Code
200
200
{ "name": "Default", "id": "13", "path": "/_op_sox/Project/Default", "is_folder": true, "creation_date": "2022-04-18T22:12:56.000-0400", "modified_date": "2022-04-18T22:12:56.000-0400", "description": "Application Folder", "parent_folder_id": "12", "creator": "OPSystem", "last_modified_by": "OPSystem" }
Request
Path Parameters
ID of Folder to be updated
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Update an existing Folder
{
"id": "12595",
"name": "testFolder",
"path": "testFolder",
"description": "TestFolder updated description",
"parent_folder_id": "1"
}
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "id": "12595", "name": "testFolder", "path": "testFolder", "description": "TestFolder updated description", "parent_folder_id": "1" }' "${base_url}/v2/folders/${folder_id}"
Response
Defines an Folder type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Status Code
200
200
{ "name": "ActionsFolder", "id": "18501", "path": "/_op_sox/Project/Default/ActionsFolder", "is_folder": true, "creation_date": "2022-06-23T01:42:22.000-0400", "modified_date": "2022-06-23T01:46:45.000-0400", "description": "All department actions in this Folder", "parent_folder_id": "13", "creator": "user01", "last_modified_by": "user01" }
Delete Folder
Deletes a Folder and all of its contents. Cannot be undone.
DELETE /v2/folders/{folder_id}
Get Effective Permissions
Gets the effective permissions (ACL) for a user on a GRC Object resource.
Example path for GET request: /folders/1234/effectivePermissions?user=bill
GET /v2/folders/{folder_id}/permissions/effective
Request
Path Parameters
ID of Folder to get permissions from.
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
User name or ID. If a value is not specified, the effective permissions for the current user are retrieved.
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/folders/${folder_id}/permissions/effective"
Response
Defines a Resource Permission Type Object
Folder ID
Security Principal
Indicate if principal can read resource
Indicate if principal can write resource
Indicate if principal can delete resource
Indicate if principal can associate resources
Status Code
200
200
{ "folder_id": "13", "security_principal": "user01", "can_read": true, "can_write": true, "can_delete": true, "can_associate": true }
Get New Folder Template
Gets an empty Folder template that can be used to create a new folder. The response body can be used to construct the request body for a new folder for the POST /v2/folders endpoint.
GET /v2/folders/template
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/folders/template"
Response
Defines an Folder type
Resource Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource Title
Possible values: 1 ≤ length ≤ 4096, Value must match regular expression
[A-Za-z0-9 /_.-]*
Resource ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Path
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]*
Is Folder
Creation Date
Possible values: 1 ≤ length ≤ 29
Modified Date
Possible values: 1 ≤ length ≤ 29
Description
Possible values: 1 ≤ length ≤ 2048, Value must match regular expression
[A-Za-z0-9]*
Parent Folder ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Resource Creator
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
Resource last modified by
Status Code
200
200
{ "name": "foldername", "id": "-1", "is_folder": true, "parent_folder_id": "1" }
Get Folder Resources
Gets all resources contained in a folder. Results can be either GRC Object content or other Folders.
GET /v2/folders/{folder_id}/resources
Request
Path Parameters
ID of Folder to get contained resources from.
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
Which types of contained resources to return.
Allowable values: [
folder
,grcobject
,both
]Default:
both
0-based index of the first query result.
Default:
0
Specifies the desired maximum number of results per page.
Possible values: value ≤ 1000
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/folders/${folder_id}/resources"
Response
Collection of ResourceType Objects
Collection of ResourceType Objects
Possible values: 0 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "resources": [ { "name": "BusinessEntity", "id": "14", "path": "/_op_sox/Project/Default/BusinessEntity", "is_folder": true, "creation_date": "2022-04-19T02:12:56.000Z", "modified_date": "2022-05-03T11:12:34.000-0400", "description": "Application Folder", "parent_folder_id": "13", "creator": "OPSystem", "last_modified_by": "OpenPagesAdministrator" }, { "name": "ICDocumentation", "id": "15", "path": "/_op_sox/Project/Default/ICDocumentation", "is_folder": true, "creation_date": "2022-04-19T02:12:57.000Z", "modified_date": "2022-05-03T11:12:50.000-0400", "description": "Application Folder", "parent_folder_id": "13", "creator": "OPSystem", "last_modified_by": "OpenPagesAdministrator" }, { "name": "Issue", "id": "17", "path": "/_op_sox/Project/Default/Issue", "is_folder": true, "creation_date": "2022-04-19T02:12:57.000Z", "modified_date": "2022-04-18T22:12:57.000-0400", "description": "Application Folder", "parent_folder_id": "13", "creator": "OPSystem", "last_modified_by": "OPSystem" } ] }
Get Contents of Log Zip File
Gets the contents of the file containing the logs. The contents are returned as a octet-stream.
GET /v2/logs/collector/download/{zip_object_id}
Get subprocess Details for a process.
Gets the process details for the logs.
GET /v2/logs/collect/{process_id}
Request
Path Parameters
Used to fetch the subprocess.
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/logs/collect/${process_id}"
Response
Collection of log subprocess
Collection of log Subprocess
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
[ { "process_id": 2062, "zip_object_id": 13002, "process_type_id": 410, "name": "LogCollector_2024_04_28_11_14_41_opapp-OPNode1Server1.zip", "created_on": "2024-04-28T11:14:41.698-04:00", "formatted_created_on_date": "Apr 28, 2024 11:14:41 AM EDT", "is_finished": false, "percent_complete": 0, "description": "[LogCollector] Application \& Database Logs", "status": 0, "status_name": "Pending", "parent_process_name": "Launch Clustered LogCollectors", "parent_process_id": 2518, "create_by": "OpenPagesAdministrator", "modify_date": "Apr 28, 2024 11:14:41 AM EDT", "is_downloadable": true, "file_size": 10 } ]
Start Logging Process
Starts the log collecting process by specifying the type of logs to be included, such as db, app, or all.
POST /v2/logs/collect
Request
Query Parameters
Set the type of logs to be collected. Must be app, db, or all.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/logs/collect?include=${include}"
Response
Status Code
200
200
{ "process_id": 2519, "zip_object_id": 12307, "process_type_id": 290, "name": "Logs on Servers", "created_on": "2024-06-04T08:46:27.421-04:00", "formatted_created_on_date": "Jun 4, 2024 8:46:27 AM EDT", "is_finished": true, "percent_complete": 100, "description": "[LogCollector] Application \& Database Logs", "status": 16, "status_name": "Completed Successfully", "create_by": "OpenPagesAdministrator", "modify_date": "Jun 4, 2024 8:46:27 AM EDT", "is_downloadable": false }
Get Latest Process for Type
Gets the latest specific Process instance information by Process Type ID.
GET /v2/processes/latest/{process_type_id}
Request
Path Parameters
Process Type ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/processes/latest/${process_type_id}"
Response
Defines a Process Info type
Process ID
Process name
Process description
Process Type ID
Process created date
Process created by
Process status
Possible values: [
status_update_error
,status_pending
,status_queued
,status_started
,status_running
,status_warning
,status_finished_error
,status_terminated_system
,status_terminated_user
,status_finished_success
,status_finished_warning
,status_finished_partial_success
]Lists child processes
Possible values: 0 ≤ number of items ≤ 100
Flag to indicate if process finished
Parent process id
Describes process percentage completion
Status Code
200
200
{ "process_id": "2410", "name": "Start workflows in bulk", "description": " ", "process_type_id": "280", "finished": true, "created_on": "2022-06-23T00:00:01.007-0400", "created_by": "OPSystem", "status": "status_finished_success", "percent_complete": 100, "child_processes": [] }
Request
Path Parameters
Process instance ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
Specifies whether the response should include child processes
Default:
true
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/processes/${process_id}"
Response
Defines a Process Info type
Process ID
Process name
Process description
Process Type ID
Process created date
Process created by
Process status
Possible values: [
status_update_error
,status_pending
,status_queued
,status_started
,status_running
,status_warning
,status_finished_error
,status_terminated_system
,status_terminated_user
,status_finished_success
,status_finished_warning
,status_finished_partial_success
]Lists child processes
Possible values: 0 ≤ number of items ≤ 100
Flag to indicate if process finished
Parent process id
Describes process percentage completion
Status Code
200
200
{ "process_id": "1", "name": "OpenPagesAdministrator-1650335156093", "description": "Import Migration File", "process_type_id": "120", "finished": true, "created_on": "2022-04-18T22:26:00.074-0400", "created_by": "OpenPagesAdministrator", "status": "status_finished_success", "percent_complete": 100, "child_processes": [] }
Terminate a Process
Terminates a Process instance. Stops the process instance execution and cannot be undone.
PUT /v2/processes/{process_id}
Request
Path Parameters
Process instance ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
The terminate action to perform
Allowable values: [
terminate
]
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" "${base_url}/v2/processes/${process_id}?action=terminate"
Get Process Logs
Gets the Process Logs for a Process instance. Up to 1,000 process logs can be returned in one request. Use paging parameters to retrieve more logs.
GET /v2/processes/{process_id}/logs
Request
Path Parameters
Process instance ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
Specifies whether the response should include localized status labels
Default:
false
Number of log records to skip
Default:
0
Page size
Possible values: value ≤ 1000
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/processes/${process_id}/logs"
Response
Collection of ProcessLogType Objects
Collection of ProcessLogType
Possible values: 0 ≤ number of items ≤ 1000
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "process_logs": [ { "process_log_id": "3346", "process_id": "1", "status": "status_finished_success", "status_message": "Import Migration File: Completed", "end_time": "2022-04-18T23:08:07.516-0400", "error_message_id": "", "localized_status": "" }, { "process_log_id": "3345", "process_id": "1", "status": "status_running", "status_message": "Import Migration File: [user01-1650335156093] : Finished the import process...", "start_time": "2022-04-18T23:08:07.447-0400", "error_message_id": "", "localized_status": "" } ] }
Get all Process Types
Gets all Process Types in the Long Running Process Framework (LRPF).
GET /v2/processes/processtypes
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/processes/processtypes"
Response
Collection of ProcessTypeType Objects
Collection of ProcessTypeType Objects
Possible values: 0 ≤ number of items ≤ 100
Status Code
All Process Types
200
{ "processtypes": [ { "process_type_id": "230", "name": "Global Search", "description": "Global Search", "default_time_seconds": 3600, "is_multiple_instance": false, "is_terminate_upon_start": true }, { "process_type_id": "48", "name": "Associated Object Move", "description": "Associated Object Move", "default_time_seconds": 900, "is_multiple_instance": true, "is_terminate_upon_start": true }, { "process_type_id": "350", "name": "Encrypt With External Key", "description": "Encrypt With External Key", "default_time_seconds": 18000, "is_multiple_instance": false, "is_terminate_upon_start": true } ] }
Request
Query Parameters
Process instance ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
The parent Process ID of queried processes
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
The Process type id of queried processes
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
The Process status of queried processes in a comma-separated list
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z_-]*
To define a range of dates when the processes were created, specify a start date and time for the range. Use the XMLGregorianCalendar pattern "yyyyMMdd'T'HHmmssZ".
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
To define a range of dates when the processes were created, specify an end date and time for the range. Use the XMLGregorianCalendar pattern "yyyyMMdd'T'HHmmssZ".
Possible values: length = 20, Value must match regular expression
[0-9]{4}[0-9]{2}[0-9]{2}[T][0-9]{2}[0-9]{2}[0-9]{2}[+|-][0-9]{4}
Example:
20220616T075200-0400
The user who created the queried processes
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/processes?created_on_begin=20220616T075200-0400&created_on_end=20220616T075200-0400"
Response
Collection of ProcessTypeType
Collection of ProcessInfoType
Possible values: 0 ≤ number of items ≤ 100
Status Code
200
200
{ "processes": [ { "process_id": "2410", "name": "Start workflows in bulk", "description": " ", "process_type_id": "280", "finished": true, "created_on": "2022-06-23T00:00:01.007-0400", "created_by": "OPSystem", "status": "status_finished_success", "percent_complete": 100, "child_processes": [] }, { "process_id": "2409", "name": "Start workflows in bulk", "description": " ", "process_type_id": "280", "finished": true, "created_on": "2022-06-23T00:00:00.978-0400", "created_by": "OPSystem", "status": "status_finished_success", "percent_complete": 100, "child_processes": [] } ] }
Query Service - Get
Gets the results of a query on content based on SQL-like syntax with parameters passed by query. Paging of results is supported. The default page size is 50. The default page size can be modified with the /OpenPages/Platform/API/Query/Default PageSize registry setting. Results honor the current user's security permissions including role-based and security rules. To support proper pagination, results for unordered queries are ordered by the first column specified. This allows consistent pagination with repeated executions of the same query. Important: When there are fields on the object type that are excluded by the reporting schema, define the select statements using explicit column names that return the subset of fields that you require. Do not use select * because it is not supported.When querying data with single quote (') in a LIKE condition, make sure to escape the single quote with backslash (\).
GET /v2/query
Request
Query Parameters
Query statement. Is required and must follow Query-Service syntax.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 /_.-]
Example:
SELECT [Name] FROM [SOXBusEntity]
Number of results to be skipped. Used for paging.
Default:
0
Specify if string comparisons should be case-insensitive. Applies to all comparisons in WHERE clause.
Default:
false
Number of results to return, starting from offset.
Maximum number of results the query service retrieves from the database. Use 0 for all rows.
Default:
0
If JOIN syntax is used between Object Types, specifies whether to restrict to only include primary associations.
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/query?q=SELECT [Name] FROM [SOXBusEntity]"
Response
Defines query result type
Collection of results field definitions
Possible values: 1 ≤ number of items ≤ 100
Collection of result rows
Possible values: 1 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "definitions": [ { "id": "28", "name": "Resource ID", "data_type": "ID_TYPE" } ], "rows": [ { "fields": [ { "name": "Resource ID", "value": "48" } ] }, { "fields": [ { "name": "Resource ID", "value": "8002" } ] } ] }
Query Service - Post
Service to query content based on SQL-like syntax using POST method. Can use when query statement is lengthy or cannot be encoded. Paging of results is supported. The default page size is 50. The default page size can be modified with the /OpenPages/Platform/API/Query/Default PageSize registry setting. Results honor the current user's security permissions including role-based and security rules. To support proper pagination, results for unordered queries are ordered by the first column specified. This allows consistent pagination with repeated executions of the same query.
Important: When there are fields on the object type that are excluded by the reporting schema, define the select statements using explicit column names that return the subset of fields that you require. Do not use select * because it is not supported.When querying data with single quote (') in a LIKE condition, make sure to escape the single quote with backslash (\).Example: With python code use \\'
, while with curl command or any other API test tools the single quotes needs to be escaped with three backslash.
POST /v2/query
Request
Defines a query type
{
"statement": " SELECT [Resource ID] FROM [SOXDocument] ",
"offset": 0,
"max_rows": 2,
"limit": 50,
"case_insensitive": false,
"honor_primary": false
}
Query statement
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Specifies the starting result row
Total number of rows returned by the query
To set string-type conditions case-insensitive, default is false.
Number of rows per page
Only include primary associations
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "statement": " SELECT [Resource ID] FROM [SOXDocument] ", "offset": 0, "max_rows": 2, "limit": 50, "case_insensitive": false, "honor_primary": false }' "${base_url}/v2/query"
Response
Defines query result type
Collection of results field definitions
Possible values: 1 ≤ number of items ≤ 100
Collection of result rows
Possible values: 1 ≤ number of items ≤ 100
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "definitions": [ { "id": "28", "name": "Resource ID", "data_type": "ID_TYPE" } ], "rows": [ { "fields": [ { "name": "Resource ID", "value": "48" } ] }, { "fields": [ { "name": "Resource ID", "value": "8002" } ] } ] }
Get Results from Global Search
Gets the results of a Global Search of all GRC content. The search is performed by matching search terms across any field in the current user's profile and returns a list of results based on a search ranking. The results are sorted with the most relevant first. A specific range can be requested, and separate requests are used to retrieve subsequent ranges. The results are limited to the setting 'Platform / Search / Request / Result Cache Size'. Ranges beyond this size are not allowed. The search can be scoped by a list of Types, or all Types if not specified. Results honor the current user's security permissions including role-based and security rules.
Provides a REST end-point that can be compatible with a Dojo JsonRestStore client. The JsonRestStore follows RFC 2616 whenever possible to define interaction with server. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
GET /v2/search
Request
Custom Headers
For paging a client may include a HTTP Range header with an items range unit specifying the range. Example:
items=0-24
Possible values: 9 ≤ length ≤ 20, Value must match regular expression
items=([0-9]+)-([0-9]+)
Query Parameters
Search terms
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 _@./#&+-]*
Range of search results to return. If present, uses the value from the HTTP Range header. Otherwise, uses the value of this parameter. Format of range is
start#-end#
Possible values: 3 ≤ length ≤ 6, Value must match regular expression
[0-9 -]*
Default:
0-9
Object Types to include in search. All possible types are included if not specified. Format of types is a comma-delimited list of Object Type names or IDs. Deprecated in 7.3, Instead use 'fot' parameter.
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Example:
SOXRisk,SOXProcess,SOXControll
Global Search mode. Reserved for future use.
Allowable values: [
normal
]Default:
normal
Faceted Search by Object Types. All possible types are included if not specified. Format of types is comma-delimited list of Object Type names or IDs. If both 'fot' and 'types' are present, then types is ignored.
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Example:
SOXRisk,SOXProcess,SOXControll
Faceted Search by Users. Use a semicolon to represent more than one user facet to search on. Syntax:
{!T A}[DATA];{!T A}[DATA]
- !T = Type of user facet
- !c = creator
- !l = last modified by
- !o = user selected in fields
- A = Action on user facet
- m = me
- o = others, specify in DATA
- DATA = Data of user facet (comma-delimited list of user names or IDs)
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 {}\[\]!,;]*
Example:
{!c m}[orm];{!l o}[alaudit,sueaudit,charlieaudit]
- !T = Type of user facet
Faceted Search by Date. Use a semicolon to represent more than one date facet. Syntax:
{!T A}[DATA];{!T A}[DATA]
- !T = Type of date facet
- !c = creation date
- !l = last modified date
- !o = date in fields
- A = Action on date facet
- o = on date
- r = date range
- p = previous days
- n = next days
- DATA = Data of date facet
- YYYY-MM-DD = a specific date
- YYYY-MM-DD TO YYYY-MM-DD = a date range
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 {}\[\]!-;]*
Example:
{!c o}[2015-06-01];{!l r}[2016-01-01 TO 2016-06-31];{!o n}[7]
- !T = Type of date facet
Faceted Search by Folder Path. Use relative paths starting from below the Object type root folder.
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 /;]*
Example:
/BE1/L1/Issue 84
Faceted Search by MIME type. Applies to file attachment search. Comma-delimited list of MIME Media types.
Possible values: 1 ≤ length ≤ 50, Value must match regular expression
[A-Za-z0-9 /-;]*
Example:
application/pdf
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/search?q=${q}&types=SOXRisk,SOXProcess,SOXControll&fot=SOXRisk,SOXProcess,SOXControll&fur={!c m}[orm];{!l o}[alaudit,sueaudit,charlieaudit]&fdt={!c o}[2015-06-01];{!l r}[2016-01-01 TO 2016-06-31];{!o n}[7]&ffp=/BE1/L1/Issue 84&fmt=application/pdf"
Response
Defines a Search Response Type
Collection of Search results
Possible values: 0 ≤ number of items ≤ 100
Search ID
Estimated results size
Status Code
Search results
Search parameters not provided in request body
200
{ "estimated_results": 10, "result_list": [ { "id": "7704", "name": "Issue Action Item 8", "description": "This is an example of free text.", "path": "Test 21 / Test 22 / Issue Action Item 8", "title": "Example title", "object_type_id": "7", "object_type_name": "SOXTask", "object_type_label": "Action Item", "parent_folder_id": "6192", "custom_display_fields": [ { "field_label": "Additional Description", "display_type_id": 8, "value": "This is an example of free text." } ] }, { "id": "7707", "name": "Issue Action Item 11", "description": "This is an example of free text.", "path": "Test 31 / Test 32 / Issue Action Item 11", "title": "Another example title", "object_type_id": "7", "object_type_name": "SOXTask", "object_type_label": "Action Item", "parent_folder_id": "6291", "custom_display_fields": [ { "field_label": "Additional Description", "display_type_id": 8, "value": "This is an example of free text." } ] } ] }
400
{ "status_code": "400", "errors": [ { "code": "-24007", "text": "java.lang.IllegalArgumentException: Search parameter 'q' is required and cannot be empty", "message": "OP-24007: Please enter valid search terms. [VLGB93UGYELA]", "status": "Bad Request" } ] }
Global Search - Post
Global Search of all GRC data. The search is performed by matching search terms across any field in the current user's profile and returns a list of results based on a search ranking (most relevant first). A specific range can be requested, and separate requests are used to retrieve subsequent ranges. The results are limited to the setting 'Platform / Search / Request / Result Cache Size'. Ranges beyond this size are not allowed. The search can be scoped by a list of Types, or all Types if not specified. Results honor the current user's security permissions including role-based and security rules. This operation is available only for OpenPages (on premise), OpenPages on Cloud, and OpenPages for Cloud Pak for Data. It is not available for OpenPages as a Service.
POST /v2/search
Request
Search parameters
{
"q": "Issue Actions",
"page_size": 10
}
Search string
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9 _@./#&+-]*
Page size
Search id
Possible values: 1 ≤ length ≤ 30, Value must match regular expression
[0-9]*
Object Types to include in search
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Global Search mode
Allowable values: [
normal
]Page
Faceted Search by Object Types
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Faceted Search by Users
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 {}\[\]!,;]*
Faceted Search by Date
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 {}\[\]!-;]*
Faceted Search by Folder Path
Possible values: 1 ≤ length ≤ 512, Value must match regular expression
[A-Za-z0-9 /;]*
Search fmt to specify MIME Media types
Possible values: 1 ≤ length ≤ 50, Value must match regular expression
[A-Za-z0-9 /-;]*
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "q": "Issue Actions", "page_size": 10 }' "${base_url}/v2/search"
Response
Defines a Search Response Type
Collection of Search results
Possible values: 0 ≤ number of items ≤ 100
Search ID
Estimated results size
Status Code
Search results
Search parameters not provided in request body
200
{ "estimated_results": 10, "result_list": [ { "id": "7704", "name": "Issue Action Item 8", "description": "This is an example of free text.", "path": "Test 21 / Test 22 / Issue Action Item 8", "title": "Example title", "object_type_id": "7", "object_type_name": "SOXTask", "object_type_label": "Action Item", "parent_folder_id": "6192", "custom_display_fields": [ { "field_label": "Additional Description", "display_type_id": 8, "value": "This is an example of free text." } ] }, { "id": "7707", "name": "Issue Action Item 11", "description": "This is an example of free text.", "path": "Test 31 / Test 32 / Issue Action Item 11", "title": "Another example title", "object_type_id": "7", "object_type_name": "SOXTask", "object_type_label": "Action Item", "parent_folder_id": "6291", "custom_display_fields": [ { "field_label": "Additional Description", "display_type_id": 8, "value": "This is an example of free text." } ] } ] }
400
{ "status_code": "400", "errors": [ { "code": "-24007", "text": "java.lang.IllegalArgumentException: The request body must contain the search parameters for POST method.", "message": "OP-24007: Please enter valid search terms. [VLGD15A6XQ4Z]", "status": "Bad Request" } ] }
Run routing rules for given object IDs
Runs any defined regulatory events routing rules that might apply to the given object IDs. If there are no rules applicable for an object, it's still considered successful.
POST /v2/rules/run
Request
{
"object_ids": [
"12068",
"134537",
"/_op_sox/Project/Default/ICDocumentation/Regulatory Events/Library/RCM/RegEvents/TRRIRegEvents/I7D8E68203DD311EAA9C9B7A1807E26E0.txt",
"12069"
]
}
Object IDs
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "object_ids": [ "12068", "134537", "/_op_sox/Project/Default/ICDocumentation/Regulatory Events/Library/RCM/RegEvents/TRRIRegEvents/I7D8E68203DD311EAA9C9B7A1807E26E0.txt", "12069" ] }' "${base_url}/v2/rules/run"
Response
List of successful Object IDs
List of failed Object IDs
Status Code
200
200
{ "successful_objects": [ "12068", "12069" ], "failed_objects": [ { "object_id": "134537", "failure_reason": "OP-03100: Resource 134537 was not found. [V0L6DV3F7QJZ]" }, { "object_id": "/_op_sox/Project/Default/ICDocumentation/Regulatory Events/Library/RCM/RegEvents/TRRIRegEvents/I7D8E68203DD311EAA9C9B7A1807E26E0.txt", "failure_reason": "OP-03100: Resource /_op_sox/Project/Default/ICDocumentation/Regulatory Events/Library/RCM/RegEvents/TRRIRegEvents/I7D8E68203DD311EAA9C9B7A1807E26E0.txt was not found. [V0L6DV3L646E]" } ] }
Get Association Definition by ID
Gets an association definition for an Object Type by the association's ID.
GET /v2/types/{type_id}/associations/{association_id}
Request
Path Parameters
Object Type ID or Object Type system name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Association definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Query Parameters
Include Labels for all Locales or only the labels for current user's locale
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/types/${type_id}/associations/${association_id}"
Response
Defines an association definition type
Association definition type ID
Association definition type name
Association definition type localized label
Collection of Localized Label
Possible values: 0 ≤ number of items ≤ 100
localized plural label
Collection of Localized Plural Label
Possible values: 0 ≤ number of items ≤ 100
Association definition id
Relationship type
Maximum number of associations
Minimum number of associations
Is enabled
Status Code
200 OK
Object Type not found
200
{ "id": "2", "name": "SOXProject", "localized_label": "SOXProject", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "SOXProject" }, { "locale_iso_code": "en_US", "localized_label": "SOXProject" } ], "localized_plural_label": "SOXProject", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "SOXProject" }, { "locale_iso_code": "en_US", "localized_label": "SOXProject" } ], "association_definition_id": "2", "max": 2147483647, "min": 1, "is_enabled": true, "relationship": "Parent", "enabled": true }
404
{ "status_code": "404", "errors": [ { "code": "-2", "message": "Not Found - associationId : 1021 not found." } ] }
Get all Non provisioned Solutions Usage
Gets all Non provisioned Solutions Usage.
GET /v2/types/usages/unclaimed
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/types/usages/unclaimed"
Response
Collection of Solution usage
Collection of NonProvisionSolutionAssetUsage
Possible values: 0 ≤ number of items ≤ 100
Status Code
200 OK
Solution usage not found
200
{ "solution_usages": [ { "solution_name": "Custom Object", "asset_types": [ { "name": "LevelTwo", "labels": { "de_DE": "LevelTwo", "en_CA": "LevelTwo", "en_GB": "LevelTwo", "en_US": "Level Two", "es_ES": "LevelTwo", "fr_FR": "LevelTwo", "it_IT": "LevelTwo", "ja_JP": "LevelTwo", "pt_BR": "LevelTwo", "zh_CN": "LevelTwo", "zh_TW": "LevelTwo" } }, { "name": "LevelOne", "labels": { "de_DE": "LevelOne", "en_CA": "LevelOne", "en_GB": "LevelOne", "en_US": "Level One", "es_ES": "LevelOne", "fr_FR": "LevelOne", "it_IT": "LevelOne", "ja_JP": "LevelOne", "pt_BR": "LevelOne", "zh_CN": "LevelOne", "zh_TW": "LevelOne" } } ] } ] }
404
{ "status_code": "404", "errors": [ { "code": "-1024", "message": "Not Found - Solution Usage Not found." } ] }
Get an Object Type by ID
Gets an Object Type. Use optional parameters to control what data is returned.
GET /v2/types/{type_id}
Request
Path Parameters
Object Type ID or Object Type system name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Query Parameters
Include Field definitions
Default:
true
Include Labels for all Locales or only the labels for current user's locale
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/types/${type_id}"
Response
Defines a TypeDefinition type
Type definition ID
Type name
Localized label on this type
Collection of Localized Label
Possible values: 0 ≤ number of items ≤ 100
Localized Plural label on this type
Collection of Localized Plural Label
Possible values: 0 ≤ number of items ≤ 100
JSP path to render this type
Path of the Root Folder
Resource ID of the Root Folder
List of fields under this type
Possible values: 0 ≤ number of items ≤ 100
Collection of File Type
Possible values: 0 ≤ number of items ≤ 100
Type description
Status Code
200 OK
Object Type not found
200
{ "id": "6", "name": "SOXIssue", "localized_label": "Issue", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problema" }, { "locale_iso_code": "en_US", "localized_label": "Issue" } ], "localized_plural_label": "Issues", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problemas" }, { "locale_iso_code": "en_US", "localized_label": "Issues" } ], "description": "OpenPages GRC Object Type", "jsp_path": "/propertyForm/renderProperties.jsp", "root_folder_path": "/_op_sox/Project/Default/Issue", "root_folder_id": "17", "field_definitions": [ { "id": "28", "name": "Resource ID", "localized_label": "Resource ID", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Resource ID" }, { "locale_iso_code": "en_US", "localized_label": "Resource ID" } ], "localized_guidance": "Resource ID", "localized_guidances": [ { "locale_iso_code": "es_ES", "localized_label": "Resource ID" }, { "locale_iso_code": "en_US", "localized_label": "Resource ID" } ], "data_type": "ID_TYPE", "required": true, "description": "Resource ID", "computed": false, "read_only": true, "dependencies": [], "enum_values": [], "is_hierarchical": false }, { "id": "62", "name": "Comment", "localized_label": "Comment", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Comentario" }, { "locale_iso_code": "en_US", "localized_label": "Comment" } ], "localized_guidance": "Comment", "localized_guidances": [ { "locale_iso_code": "es_ES", "localized_label": "Comentario" }, { "locale_iso_code": "en_US", "localized_label": "Comment" } ], "data_type": "STRING_TYPE", "required": false, "description": "Version Comment", "computed": false, "read_only": false, "dependencies": [], "enum_values": [], "is_hierarchical": false } ], "file_types": [] }
404
{ "status_code": "404", "errors": [ { "code": "-1024", "message": "Not Found - OP-01024: The requested Object Type was not found. [VV5GJGMFW3SQ]" } ] }
Get Object Type Associations
Gets all Object Type association definitions for a GRC Object Type in the schema. Use the association_type parameter to retrieve only parent or child association definitions.
GET /v2/types/{type_id}/associations
Request
Path Parameters
GRC Object Type ID or GRC Object Type system name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Query Parameters
Include Labels for all Locales or only the labels for current user's locale
Default:
false
Filters object associations based on association type. Value can be parent or child.
Allowable values: [
parent
,child
]
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/types/${type_id}/associations"
Response
Defines Association Definition Types
Collection of Association Definition Type
Possible values: 0 ≤ number of items ≤ 100
Status Code
200 OK
Object Type not found
200
{ "associations": [ { "id": "2", "name": "SOXProject", "localized_label": "SOXProject", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "SOXProject" }, { "locale_iso_code": "en_US", "localized_label": "SOXProject" } ], "localized_plural_label": "SOXProject", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "SOXProject" }, { "locale_iso_code": "en_US", "localized_label": "SOXProject" } ], "association_definition_id": "2", "max": 2147483647, "min": 1, "is_enabled": true, "relationship": "Parent", "enabled": true }, { "id": "5", "name": "SOXBusEntity", "localized_label": "Business Entity", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Entidad de negocios" }, { "locale_iso_code": "en_US", "localized_label": "Business Entity" } ], "localized_plural_label": "Business Entities", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Entidades de negocios" }, { "locale_iso_code": "en_US", "localized_label": "Business Entities" } ], "association_definition_id": "4", "max": 2147483647, "min": 1, "is_enabled": true, "relationship": "Parent", "enabled": true } ] }
404
{ "status_code": "404", "errors": [ { "code": "-1024", "message": "Not Found - OP-01024: The requested Object Type was not found. [VV5GSZHSKA5T]" } ] }
Get all Object Types
Gets a list of all GRC Object Types. Use optional parameters to control data returned.
GET /v2/types
Request
Query Parameters
Include Field definitions
Default:
false
Include Labels for all Locales or only the labels for current user's locale
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/types"
Response
Collection of TypeDefinition Types
Collection of TypeDefinitions
Possible values: 0 ≤ number of items ≤ 100
Status Code
List all Object Types.
200
{ "types": [ { "id": "23", "name": "Assertion", "localized_label": "Assertion", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problema" }, { "locale_iso_code": "de_DE", "localized_label": "Problem" } ], "localized_plural_label": "Assertions", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problemas" }, { "locale_iso_code": "de_DE", "localized_label": "Probleme" } ], "description": "Unified Object Type", "jsp_path": "/propertyForm/renderProperties.jsp", "root_folder_path": "/_op_sox/Project/Default/ICDocumentation/Assertions", "root_folder_id": "502", "field_definitions": [ { "id": "28", "name": "Resource ID", "localized_label": "Resource ID", "localized_guidance": "Resource ID", "localized_guidances": [], "data_type": "ID_TYPE", "required": true, "description": "Resource ID", "computed": false, "read_only": true, "dependencies": [], "enum_values": [], "is_hierarchical": false }, { "id": "62", "name": "Comment", "localized_label": "Comment", "localized_guidance": "Comment", "localized_guidances": [], "data_type": "STRING_TYPE", "required": false, "description": "Version Comment", "computed": false, "read_only": false, "dependencies": [], "enum_values": [], "is_hierarchical": false } ], "file_types": [] }, { "id": "24", "name": "Attestation", "localized_label": "Attestation", "localized_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problema" }, { "locale_iso_code": "de_DE", "localized_label": "Problem" } ], "localized_plural_label": "Attestations", "localized_plural_labels": [ { "locale_iso_code": "es_ES", "localized_label": "Problemas" }, { "locale_iso_code": "de_DE", "localized_label": "Probleme" } ], "description": "Unified Object Type", "jsp_path": "/propertyForm/renderProperties.jsp", "root_folder_path": "/_op_sox/Project/Default/ICDocumentation/Attestations", "root_folder_id": "503", "field_definitions": [ { "id": "28", "name": "Resource ID", "localized_label": "Resource ID", "localized_guidance": "Resource ID", "localized_guidances": [], "data_type": "ID_TYPE", "required": true, "description": "Resource ID", "computed": false, "read_only": true, "dependencies": [], "enum_values": [], "is_hierarchical": false }, { "id": "62", "name": "Comment", "localized_label": "Comment", "localized_guidance": "Comment", "localized_guidances": [], "data_type": "STRING_TYPE", "required": false, "description": "Version Comment", "computed": false, "read_only": false, "dependencies": [], "enum_values": [], "is_hierarchical": false } ], "file_types": [] } ] }
Request
Processes a bulk request.
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Number of errors before halting processing.
List of bulk operations.
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "schemas": [] }' "${base_url}/v2/scim/Bulk"
Get top level groups
Gets the top-level groups in the system. Only Security Administrators can view groups. Use filters and response attributes to limit the list of users to return. Pagination and Sort parameters can be specified in the Query URL. For filter syntax, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.2 . Following attribute operators are supported 'eq', 'ne', 'co', 'sw', 'ew', 'gt', 'ge', 'lt', 'le'. 'pr' is not supported currently. All Logical operators are supported. Query filter can be defined on following group core attributes - 'id', 'displayName'. Following group extension attributes can also be used in defining filters - 'description'. Extension attributes MUST be prefixed with extenstion URN when used in filters. Examples:-
filter=displayName eq "bjensen"
filter=displayName co "doe" and urn:ietf:params:scim:schemas:extension:openpages:GroupExtension:description eq "Group created through onboarding module"
To select resource attributes to be returned, use 'attributes' query parameter. For 'attributes' notation, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.5 This query parameter is a multi-valued list of strings. 'excludedAttributes' is not supported. While listing group extension attributes in the 'attributes' parameter, schema URN can be omitted. Examples :-
attributes=displayName,description
attributes=displayName,members,description
To sort the query results, specify 'sortBy' and 'sortOrder' query parameters. In 'sortBy' parameter, the same list of attributes as in query filters are supported. Examples:-
sortBy=displayName&sortOrder=descending
sortBy=urn:ietf:params:scim:schemas:extension:openpages:GroupExtension:description&sortOrder=ascending
To page through large number of results, use pagination parameters of 'startIndex' and 'count'. refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.4
GET /v2/scim/Groups
Request
Query Parameters
Filter expression used to request a subset of resources
Example:
filter=displayName eq "bjensen"
Comma-separated list of resource attribute names to be returned in response
Default:
Example:
attributes=displayName,description
Specifies sort order. Values are 'ascending' or 'descending'.
Default:
ascending
Resource attribute name to sort on.
1-based index of the first query result
Default:
1
Specifies the desired maximum number of results per page
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Groups?filter=filter=displayName eq \"bjensen\"&attributes=attributes=displayName,description"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
Status Code
200 OK
200
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 5, "startIndex": 1, "itemsPerPage": 100, "Resources": [ { "id": "3057", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Rest_Test_Group_Filter-982a82cab59b-00a1", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "isEditable": true, "adminLevel": 0 } }, { "id": "3058", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Rest_Test_Group_Filter-982a82cab59b-00a2", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "isEditable": true, "adminLevel": 0 } } ] }
Request
Create a group.
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:ietf:params:scim:schemas:extension:openpages:GroupExtension"
],
"displayName": "group_1007",
"members": [
{
"value": "1319",
"type": "User"
}
],
"urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": {
"description": "group_1007",
"parentId": "1608",
"roleAssignments": [
{
"roleName": "BC Manager",
"folder": "/_op_sox/Project/Default/BusinessEntity/Test 11"
}
]
}
}
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "group_1007", "members": [ { "value": "1319", "type": "User" } ], "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "group_1007", "parentId": "1608", "roleAssignments": [ { "roleName": "BC Manager", "folder": "/_op_sox/Project/Default/BusinessEntity/Test 11" } ] } }' "${base_url}/v2/scim/Groups"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
Status Code
200
200
{ "id": "2110", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "group_1007", "members": [ { "value": "1319", "display": "bfrank", "type": "User" } ], "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "group_1007", "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "roleAssignments": [ { "roleName": "BC Manager", "objectTypeName": "SOXBusEntity", "id": "1", "role": "510", "folder": "/_op_sox/Project/Default/BusinessEntity/Test 11", "objectType": "5", "securityPrincipal": "2110" } ], "isEnabled": true } }
Request
Path Parameters
Group name or ID.
Query Parameters
Comma separated list of resource attribute names to be returned in response
Example:
attributes=displayName,description
If Group name is a numeric value then isName should be true.
Default:
false
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Groups/${id}?attributes=attributes=displayName,description"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
Status Code
200 OK
Requested object not found
200
{ "id": "1622", "meta": { "resourceType": "Group", "location": "https://localhost/opgrc/api/v2/scim/Groups/1622" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Group001", "members": [ { "value": "1620", "display": "Group002", "type": "Group" }, { "value": "1621", "display": "User001", "type": "User" } ], "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "SCIM test groups", "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "isEnabled": true } }
404
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:Error" ], "status": "404", "detail": "Not Found - OP-05064: The requested group was not found. [VOG1C9S54CJK]" }
Request
Path Parameters
Group name or ID.
Query Parameters
If Group name is a numeric value, set isName to true.
Default:
false
Replace all attributes of an existing group with the request payload
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:ietf:params:scim:schemas:extension:openpages:GroupExtension"
],
"displayName": "Group 001",
"urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": {
"description": "Group updated for division D001"
}
}
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Group 001", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "Group updated for division D001" }, "members": "[]" }' "${base_url}/v2/scim/Groups/${id}"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
Status Code
200
200
{ "id": "1635", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Group 001", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "Group updated for division D001", "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "adminPermissions": [], "isEnabled": true } }
Request
Path Parameters
Group name or ID.
Query Parameters
Comma-separated list of resource attribute names to be returned in response
Example:
attributes=displayName,description
If Group name is a numeric value then isName should be true.
Default:
false
Update one or more attributes of an existing group. For more details on form of the patch request, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.5.2
{
"Operations": [
{
"op": "add",
"path": "members",
"value": {
"value": "1620",
"type": "Group"
}
}
]
}
curl -X PATCH --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "Operations": [ { "op": "add", "path": "members", "value": { "value": "1620", "type": "Group" } } ] }' "${base_url}/v2/scim/Groups/${id}?attributes=attributes=displayName,description"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A human-readable name for the Group
A list of members of the Group
A complex attribute containing resource metadata
Status Code
200
200
{ "id": "1635", "meta": { "resourceType": "Group", "location": "https://localhost/opgrc/api/v2/scim/Groups/1635" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension" ], "displayName": "Group 001", "members": [ { "value": "1620", "display": "Group-cd670aa6-d824-48a6-972c-6af2d56ca3ba", "type": "Group" } ], "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension": { "description": "Group created for division 001", "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "isEnabled": true } }
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/ResourceTypes"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Status Code
200 OK
200
{ "totalResults": 2, "itemsPerPage": 10, "startIndex": 1, "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "Resources": [ { "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ResourceType" ], "id": "User", "name": "User", "endpoint": "/Users", "description": "User Account", "schema": "urn:ietf:params:scim:schemas:core:2.0:User", "schemaExtensions": [ { "schema": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "required": true } ], "meta": { "location": "https://example.com/v2/ResourceTypes/User", "resourceType": "ResourceType" } } ] }
Get resource type by name
Gets a specific resource type by name.
GET /v2/scim/ResourceTypes/{resource_name}
Request
Path Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/ResourceTypes/${resource_name}"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Status Code
200 OK
Requested Resource type not found
200
{ "id": "User", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ResourceType" ], "name": "User", "description": "OpenPages Users", "endpoint": "/Users", "schema": "urn:ietf:params:scim:schemas:core:2.0:User", "schemaExtensions": [ { "schema": "urn:ietf:params:scim:schemas:extension:openpages:UserExtension", "required": true } ] }
404
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:Error" ], "status": "400", "detail": "Bad Request - ResourceType 'Employee' is not supported." }
Get schema by id
Gets a schema by the schema URI of the schema definition.
GET /v2/scim/Schemas/{schema_id}
Request
Path Parameters
Schema URI of Individual schema definitions
Example:
urn:ietf:params:scim:schemas:core:2.0:User
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Schemas/${schema_id}"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Status Code
200 OK
200
{ "id": "urn:ietf:params:scim:schemas:core:2.0:User", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "User", "description": "OpenPages Users", "attributes": [ { "name": "userName", "type": "string", "description": "Unique identifier for the User", "uniqueness": "NONE" }, { "name": "name", "type": "complex", "multiValued": false, "subAttributes": [ { "name": "formatted", "type": "string", "description": "The full name", "required": false, "mutability": "READ_WRITE", "returned": "DEFAULT" }, { "name": "familyName", "type": "string", "description": "The family name of the User.", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" }, { "name": "givenName", "type": "string", "description": "The given name of the User.", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" }, { "name": "middleName", "type": "string", "description": "The middle name(s) of the User.", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" } ] }, { "name": "displayName", "type": "string", "description": "The name of the User, suitable for display to end-users.", "mutability": "READ_ONLY", "returned": "DEFAULT", "uniqueness": "NONE" } ] }
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Schemas"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Status Code
200 OK
200
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "itemsPerPage": 100, "Resources": [ { "id": "urn:ietf:params:scim:schemas:core:2.0:Group", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Group", "description": "Top level Scim Group", "attributes": [ { "name": "displayName", "type": "string", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" } ] }, { "id": "urn:ietf:params:scim:schemas:extension:openpages:GroupExtension", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Group", "description": "Group Schema extension to define OpenPages Group attributes.", "attributes": [ { "name": "isEnabled", "type": "boolean", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" } ] }, { "id": "urn:ietf:params:scim:schemas:extension:openpages:UserExtension", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "User", "description": "User Schema extension to define OpenPages specific User attributes.", "attributes": [ { "name": "passwordCreationDate", "type": "dateTime", "mutability": "READ_ONLY", "returned": "DEFAULT", "uniqueness": "NONE" } ] }, { "id": "urn:ietf:params:scim:schemas:core:2.0:User", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "User", "description": "OpenPages Users", "attributes": [ { "name": "userName", "type": "string", "mutability": "READ_WRITE", "returned": "DEFAULT", "uniqueness": "NONE" } ] } ] }
Get service provider configuration
Gets a JSON structure that describes the SCIM specification features available on service provider.
GET /v2/scim/ServiceProviderConfig
Request
No Request Parameters
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/ServiceProviderConfig"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
A complex attribute containing resource metadata
Status Code
200 OK
200
{ "meta": { "resourceType": "ServiceProviderConfig" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig" ], "documentationUrl": "", "patch": { "supported": true }, "bulk": { "supported": false }, "filter": { "supported": true, "maxResults": 1000 }, "changePassword": { "supported": true }, "sort": { "supported": true }, "etag": { "supported": false }, "authenticationSchemes": [ { "type": "HTTP_BASIC", "name": "HTTP Basic", "description": "Authentication scheme using the HTTP Basic Standard" }, { "type": "OAUTH_BEARER", "name": "OAuth Bearer Token", "description": "Authentication scheme using the OAuth Bearer Token Standard" } ] }
List users
Lists the users defined in the OpenPages system. Use filters and response attributes to limit the list of users to return. Specify Pagination and Sort parameters in the Query URL. For filter syntax, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.2 . Following attribute operators are supported 'eq', 'ne', 'co', 'sw', 'ew', 'gt', 'ge', 'lt', 'le'. 'pr' is not supported currently. All Logical operators are supported. Query filter can be defined on following user core attributes - 'ID', 'givenName', 'familyName', 'emails', 'userName', 'displayName'. Following user extension attributes can also be used in defining filters - 'description'. Extension attributes MUST be prefixed with extenstion URN when used in filters. Examples:-
filter=userName eq "bjensen"
filter=name.familyName eq "doe" and urn:ietf:params:scim:schemas:extension:openpages:UserExtension:description eq "User created through onboarding module"
To select resource attributes to be returned, use 'attributes' query parameter. For 'attributes' notation, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.5 . This query parameter is a multi-valued list of strings. 'excludedAttributes' is not supported. While listing user extension attributes in the 'attributes' parameter, schema URN can be omitted. Examples :-
attributes=displayName,description
attributes=name.familyName,groups,description,preferredProfileName
To sort the query results, specify 'sortBy' and 'sortOrder' query parameters. In 'sortBy' parameter, the same list of attributes as in query filters are supported. Examples :-
sortBy=userName&sortOrder=descending
sortBy=urn:ietf:params:scim:schemas:extension:openpages:GroupExtension:description&sortOrder=ascending
To page through large number of results, use pagination parameters of 'startIndex' and 'count'. refer https://www.rfc-editor.org/rfc/rfc7644#section-3.4.2.4
GET /v2/scim/Users
Request
Query Parameters
Filter string used to request a subset of resources
Example:
filter=userName eq "bjensen"
Comma separated list of resource attribute names to be returned in response
Default:
Example:
attributes=name,groups,description,preferredProfileName
Specifies sort order. Values are 'ascending' or 'descending'
Default:
ascending
Resource attribute name to sort on.
1-based index of the first query result
Default:
1
Specifies the desired maximum number of results per page
Default:
100
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Users?filter=filter=userName eq \"bjensen\"&attributes=attributes=name,groups,description,preferredProfileName"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
Groups this user is part of
Status Code
200 OK
200
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "itemsPerPage": 100, "Resources": [ { "id": "609", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "alaudit", "name": { "familyName": "Audit", "givenName": "Al" }, "displayName": "Al Audit - alaudit@localhost.com - alaudit", "locale": "en_US", "active": true, "emails": [ { "value": "alaudit@localhost.com" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "isLocked": false, "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "passwordCreationDate": "2023-04-28T03:06:46.216-04:00", "passwordExpiresInDays": 0, "canChangePassword": true, "isPasswordChangeFromAdmin": false, "isSecurityAdministrator": false } }, { "id": "610", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "annaudit", "name": { "familyName": "Audit", "givenName": "Ann" }, "displayName": "Ann Audit - annaudit@localhost.com - annaudit", "locale": "en_US", "active": true, "emails": [ { "value": "annaudit@localhost.com" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "isLocked": false, "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "passwordCreationDate": "2023-04-28T03:06:46.416-04:00", "passwordExpiresInDays": 0, "canChangePassword": true, "isPasswordChangeFromAdmin": false, "isSecurityAdministrator": false } } ] }
Request
Creates a user.
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:openpages:UserExtension"
],
"userName": "user001",
"name": {
"familyName": "John",
"givenName": "Doe"
},
"emails": [
{
"value": "johndoe@test.com"
}
],
"password": "something",
"locale": "en_US",
"urn:ietf:params:scim:schemas:extension:openpages:UserExtension": {
"description": "created through scim api"
}
}
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "user001", "name": { "familyName": "John", "givenName": "Doe" }, "emails": [ { "value": "johndoe@test.com" } ], "password": "something", "locale": "en_US", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "created through scim api" } }' "${base_url}/v2/scim/Users"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
Groups this user is part of
Status Code
200 OK
200
{ "id": "1636", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "user001", "name": { "familyName": "John", "givenName": "Doe" }, "displayName": "Doe John - johndoe@test.com - user001", "locale": "en_US", "active": true, "emails": [ { "value": "johndoe@test.com" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "created through scim api", "isSecurityAdministrator": false, "preferredProfileName": "Testing" } }
Request
Path Parameters
User name or ID.
Query Parameters
If User name is a numeric value then isName should be true.
Default:
false
Comma separated list of resource attribute names to be returned in response
Example:
attributes=name,groups,description,preferredProfileName
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/scim/Users/${id}?attributes=attributes=name,groups,description,preferredProfileName"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
Groups this user is part of
Status Code
200 OK
Requested object not found
200
{ "id": "1311", "meta": { "resourceType": "User", "location": "https://localhost/opgrc/api/v2/scim/Users/1311" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "aburr", "name": { "familyName": "Burr", "givenName": "Aaron" }, "displayName": "Aaron Burr - aaron.burr@test.com - aburr", "locale": "en_US", "active": true, "emails": [ { "value": "aaron.burr@test.com" } ], "groups": [ { "value": "3", "display": "OpenPages", "type": "Group" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "Aaron Burr user from division 1", "isLocked": false, "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "roleAssignments": [ { "roleName": "DevApiCreateIssue", "objectTypeName": "SOXBusEntity", "id": "1", "role": "1294", "folder": "/_op_sox/Project/Default/BusinessEntity/Test 11", "objectType": "5", "securityPrincipal": "1311" } ], "passwordCreationDate": "2023-03-17T04:14:02.721-04:00", "passwordExpiresInDays": 0, "canChangePassword": true, "isPasswordChangeFromAdmin": false, "isSecurityAdministrator": false, "availableProfileNames": [ "Testing" ], "preferredProfileName": "Testing" } }
404
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:Error" ], "status": "404", "detail": "Not Found - OP-05062: The requested user was not found. [VOGZG0WWWBY0]" }
Request
Path Parameters
User name or ID.
Query Parameters
If User name is a numeric value then isName should be true.
Default:
false
Replace all attributes of an existing user with the request payload
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:openpages:UserExtension"
],
"userName": "user001",
"name": {
"familyName": "Johnn",
"givenName": "Doe"
},
"emails": [
{
"value": "johnndoe2@test.com"
}
],
"password": "passw0rd",
"locale": "en_US",
"urn:ietf:params:scim:schemas:extension:openpages:UserExtension": {
"description": "Updated through scim api"
}
}
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
curl -X PUT --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "user001", "name": { "familyName": "Johnn", "givenName": "Doe" }, "emails": [ { "value": "johnndoe2@test.com" } ], "password": "passw0rd", "locale": "en_US", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "Updated through scim api" } }' "${base_url}/v2/scim/Users/${id}"
Response
A unique identifier for a SCIM resource
Possible values: 1 ≤ length ≤ 31
List of URIs that are used to indicate the namespaces of the SCIM schemas
Unique identifier for the User
Possible values: 1 ≤ length ≤ 320, Value must match regular expression
[A-Za-z0-9 _-]*
A complex attribute containing resource metadata
The components of the user's name
Used to indicate the User's default location
Indicates user's administrative status
Email addresses for the User
Groups this user is part of
Status Code
200 OK
200
{ "id": "1636", "meta": { "resourceType": "User", "location": "https://localhost/opgrc/api/v2/scim/Users/1636" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "user001", "name": { "familyName": "Johnn", "givenName": "Doe" }, "displayName": "Doe Johnn - johnndoe@test.com - user001", "locale": "en_US", "active": true, "emails": [ { "value": "johnndoe@test.com" } ], "groups": [ { "value": "3", "display": "OpenPages", "type": "Group" }, { "value": "4", "display": "Standalone Users and Groups", "type": "Group" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "Updated through scim api", "isSecurityAdministrator": false, "preferredProfileName": "Testing" } }
Patch User
Updates the attributes of an existing user. Can be used to update roles for a user. For more details on the format of the patch request, refer https://www.rfc-editor.org/rfc/rfc7644#section-3.5.2
PATCH /v2/scim/Users/{id}
Request
Path Parameters
User name or ID
Query Parameters
If User name is a numeric value then isName should be true.
Default:
false
Comma separated list of resource attribute names to be returned in response
Example:
attributes=name,groups,description,preferredProfileName
Patches an existing user
Example of User update
userUpdate
{
"Operations": [
{
"op": "replace",
"path": "name",
"value": {
"familyName": "New_familyName",
"givenName": "NewGivenName"
}
}
]
}
Example of role assignments
roleAssignmentsExample
{
"Operations": [
{
"op": "replace",
"path": "urn:ietf:params:scim:schemas:extension:openpages:UserExtension:roleAssignments",
"value": [
{
"role": "507",
"folder": "/_op_sox/Project/Default/BusinessEntity",
"securityPrincipal": "1029",
"grcObjectType": "SOXBusEntity"
},
{
"role": "509",
"folder": "/_op_sox/Project/Default/BusinessEntity",
"securityPrincipal": "1029",
"grcObjectType": "SOXBusEntity"
}
]
}
]
}
curl -X PATCH --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: application/json" --data '{ "Operations": [ { "op": "replace", "path": "name", "value": { "familyName": "New_familyName", "givenName": "NewGivenName" } } ] }' "${base_url}/v2/scim/Users/${id}?attributes=attributes=name,groups,description,preferredProfileName"
Response
Status Code
200
200
{ "id": "1636", "meta": { "resourceType": "User", "location": "https://localhost/opgrc/api/v2/scim/Users/1636" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "user001", "name": { "familyName": "New_familyName", "givenName": "NewGivenName" }, "displayName": "NewGivenName New_familyName - johnndoe@test.com - user001", "locale": "en_US", "active": true, "emails": [ { "value": "johnndoe@test.com" } ], "groups": [ { "value": "3", "display": "OpenPages", "type": "Group" }, { "value": "4", "display": "Standalone Users and Groups", "type": "Group" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "description": "created through scim api", "isSecurityAdministrator": false } }
200-roleAssignments
{ "id": "1029", "meta": { "resourceType": "User", "location": "https://localhost/opgrc/api/v2/scim/Users/pcm" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:openpages:UserExtension" ], "userName": "pcm", "name": { "familyName": "New_familyName", "givenName": "NewGivenName" }, "displayName": "NewGivenNameNew_familyName-pcm@localhost.com-pcm", "locale": "en_US", "active": true, "emails": [ { "value": "pcm@localhost.com" } ], "groups": [ { "value": "3", "display": "OpenPages", "type": "Group" }, { "value": "1001", "display": "SampleUsers", "type": "Group" }, { "value": "10", "display": "SecurityDomains", "type": "Group" } ], "urn:ietf:params:scim:schemas:extension:openpages:UserExtension": { "isLocked": false, "isHidden": false, "isDeleted": false, "isEditable": true, "adminLevel": 0, "roleAssignments": [ { "roleName": "Assignee", "objectTypeName": "SOXBusEntity", "id": "1", "role": "507", "folder": "/_op_sox/Project/Default/BusinessEntity", "objectType": "5", "securityPrincipal": "1029" }, { "roleName": "BCEndUser", "objectTypeName": "SOXBusEntity", "id": "2", "role": "509", "folder": "/_op_sox/Project/Default/BusinessEntity", "objectType": "5", "securityPrincipal": "1029" } ], "passwordCreationDate": "2024-09-20T04:55:02.198-04:00", "passwordExpiresInDays": 0, "canChangePassword": true, "isPasswordChangeFromAdmin": false, "isSecurityAdministrator": false, "availableProfileNames": [ "OpenPagesPCMMaster" ], "preferredProfileName": "OpenPagesPCMMaster", "isTemporaryPassword": false } }
Retrieve workflow instance data for the given workflow instance id
Retrieve workflow instance data for the given workflow instance id.
GET /v2/workflows/instances/{id}
Request
Path Parameters
The Activity Instance id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/instances/${id}"
Response
The workflow activity instance data type definition.
WorkFlow activity instance status
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[A-Za-z0-9]*
WorkFlow activity instance criticality
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[A-Za-z]*
Workflow Due Date
Assignees
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z]*
Workflow prcoess Start Date
Workflow process Due Date
The workflow activity instance grc object data type definition.
Activity instance workflow data type definition.
WorkFlow activity instance id
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Status Code
200
200
{ "id": "385", "status": "Stage 2", "criticality": "medium", "due_date": "5/29/2013", "assignees": [ "pcm" ], "process_start_date": "6/14/2023", "process_due_date": "6/5/2013", "grc_object": { "id": "9001", "name": "Iss-11-001-AI_03", "path": "/_op_sox/Project/Default/IssueActionItems/Global Financial Services/North America/Retail Banking", "type_definition": { "id": "7", "name": "SOXTask", "label": "Action Item" } }, "workflow": { "id": "1", "name": "Action Item Approval Workflow", "label": "Action Item Approval Workflow", "version": "1", "activity": { "id": "3", "name": "Stage 2", "label": "In Progress" } } }
Get Workflow Process Definition by Id
Returns a workflow process definition given it's id.
GET /v2/workflows/definitions/{id}
Request
Path Parameters
The Workflow definition id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/definitions/${id}"
Response
The workflow definition
Workflow Definition Name
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Workflow Definition Label
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Object Type's Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Type of workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
State of this version of the workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
State of the latest version of the workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
Lists workflow activities
Possible values: 0 ≤ number of items ≤ 1000
Workflow Definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Workflow Definition Version ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Version number
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Latest version number for the workflow definition
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Is Workflow automated
Is Workflow enabled
Workflow last modified by
Modification date
Workflow Creator
Created on date
Status Code
200
200
{ "name": "Sample Workflow", "label": "Sample Workflow", "modifiedDate": "2026-07-05T02:42:59.042-04:00", "modifiedBy": "admin", "createdDate": "2026-07-05T02:42:59.042-04:00", "createdBy": "admin", "id": "36", "version_id": "36", "type": "standard", "type_definition_name": "SOXBusEntity", "version_number": "1", "latest_version_number": "1", "state": "published", "last_version_state": "published", "is_automated": false, "is_enabled": true, "activities": [ { "name": "Start", "label": "Start", "transitions": [ { "name": "Complete", "label": "Complete", "target": "End", "run_in_background": false, "notify_assignees": true, "notify_subscribers": true } ], "id": "151", "type": "start", "access_type": "open" }, { "name": "End", "label": "End", "id": "152", "type": "end", "access_type": "open" } ] }
Get Workflow Process Definition by Version Id
Returns a workflow process definition given it's versionid.
GET /v2/workflows/definitions/version/{id}
Request
Path Parameters
The Workflow definition version id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/definitions/version/${id}"
Response
The workflow definition
Workflow Definition Name
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Workflow Definition Label
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]*
Object Type's Name
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[A-Za-z0-9]*
Type of workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
State of this version of the workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
State of the latest version of the workflow
Possible values: 1 ≤ length ≤ 256, Value must match regular expression
[a-z]*
Lists workflow activities
Possible values: 0 ≤ number of items ≤ 1000
Workflow Definition ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Workflow Definition Version ID
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Version number
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Latest version number for the workflow definition
Possible values: 1 ≤ length ≤ 31, Value must match regular expression
[0-9]*
Is Workflow automated
Is Workflow enabled
Workflow last modified by
Modification date
Workflow Creator
Created on date
Status Code
200
200
{ "name": "Sample Workflow", "label": "Sample Workflow", "modifiedDate": "2026-07-05T02:42:59.042-04:00", "modifiedBy": "admin", "createdDate": "2026-07-05T02:42:59.042-04:00", "createdBy": "admin", "id": "36", "version_id": "36", "type": "standard", "type_definition_name": "SOXBusEntity", "version_number": "1", "latest_version_number": "2", "state": "published", "last_version_state": "draft", "is_automated": false, "is_enabled": true, "activities": [ { "name": "Start", "label": "Start", "transitions": [ { "name": "Complete", "label": "Complete", "target": "End", "run_in_background": false, "notify_assignees": true, "notify_subscribers": true } ], "id": "151", "type": "start", "access_type": "open" }, { "name": "End", "label": "End", "id": "152", "type": "end", "access_type": "open" } ] }
Get Workflow Process Definitions
Returns all workflow process definitions. Use optional parameter to filter by object type.
GET /v2/workflows/definitions
Request
Query Parameters
The GRC object type to return workflows for. Can be an id or a name.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Activities and actions are included by default. Set this to false to filter them out.
Possible values: 1 ≤ length ≤ 5, Value must match regular expression
[A-Za-z]*
Default:
true
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/definitions"
Response
Collection of WFProcessDefinitionType Objects
Collection of WFProcessDefinitionType
Possible values: 0 ≤ number of items ≤ 1000
Total number of records
Specify index of the first query result.
Specifies the desired maximum number of results per page.
Status Code
200
200
{ "definitions": [ { "name": "Sample Workflow", "label": "Sample Workflow", "modifiedDate": "2026-07-05T02:42:59.042-04:00", "modifiedBy": "admin", "createdDate": "2026-07-05T02:42:59.042-04:00", "createdBy": "admin", "id": "36", "version_id": "36", "type": "standard", "type_definition_name": "SOXBusEntity", "version_number": "1", "latest_version_number": "1", "state": "published", "last_version_state": "published", "is_automated": false, "is_enabled": true, "activities": [ { "name": "Start", "label": "Start", "transitions": [ { "name": "Complete", "label": "Complete", "target": "End", "run_in_background": false, "notify_assignees": true, "notify_subscribers": true } ], "id": "151", "type": "start", "access_type": "open" }, { "name": "End", "label": "End", "id": "152", "type": "end", "access_type": "open" } ] } ] }
Transition GRC Object to New Workflow State
Transitions a GRC object to the new workflow state based on the instance ID and transition name.
POST /v2/workflows/instances/{id}/transition/{transition}
Request
Path Parameters
The Workflow instance id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
The name of the Workflow action to perform.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[A-Za-z]*
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/instances/${id}/transition/${transition}"
Response
Status Code
Successfully ran the workflow on the GRC object, transitioning the GRC object to the new state.
200
{ "grc_object_id": "13002", "workflow_id": "121", "process_state": "open", "activity_instance_id": "741", "activity_id": "582", "activity_name": "processing_stage", "activity_label": "processing_stage" }
Retrieve workflow instances using search parameters
Returns all workflow process instance data based on the search parameter.
GET /v2/workflows/instances/search
Request
Query Parameters
Field to sort results by.
Allowable values: [
due_date
,workflow
,activity
]Default:
due_date
Direction to sort results. asc or desc
Allowable values: [
asc
,desc
]Default:
asc
User's role to filter on.
Allowable values: [
assignee
,subscriber
,oversight
]User to filter on. Can be username or id.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Type Definition to filter on. Can be name or id.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Workflow to filter on. Can be name or id.
Possible values: 1 ≤ length ≤ 1024, Value must match regular expression
[A-Za-z0-9]+(,[A-Za-z0-9]+)*
Whether to return due date result counts with the list of activity instances
Default:
false
Dimension to group due date counts by.
Allowable values: [
type_definition
,criticality
,workflow
,activity
]Default:
type_definition
The scope to aggregate due date counts.
Allowable values: [
day
,week
,month
,year
]Default:
week
The page of results to return.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
Default:
1
The max number of results returned by each request.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
curl -X GET --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/instances/search"
Response
Collection of workflow activity instances.
Counts of activity instances by due date and optional dimension.
Pagination data
Status Code
200
200
{ "activity_instances": [ { "id": "3", "status": "Stage 2", "criticality": "medium", "due_date": "9/8/2013", "assignees": [ "OpenPagesAdministrator" ], "process_start_date": "6/14/2023", "process_due_date": "9/15/2013", "grc_object": { "id": "9004", "name": "Iss-11-001-AI_06", "path": "/_op_sox/Project/Default/ICDocumentation/Workpapers/AI/001", "type_definition": { "id": "7", "name": "SOXTask", "label": "Action Item" } }, "workflow": { "id": "388", "name": "Action Item Approval Workflow", "label": "Action Item Approval Workflow", "version": "1", "activity": { "id": "1", "name": "In Progress", "label": "In Progress" } } } ], "paging": { "total_count": 212, "page": 1, "page_size": 40 } }
Start the workflow process for the given workflow id and grc object id
Start the workflow process for the given workflow id and grc object id.
POST /v2/workflows/definitions/{id}/start/{grc_object_id}
Request
Path Parameters
The Workflow definition id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
The Grc Object id.
Possible values: 1 ≤ length ≤ 10, Value must match regular expression
[0-9]*
curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" "${base_url}/v2/workflows/definitions/${id}/start/${grc_object_id}"