Get an Access Bundle
get
/access-governance/access-controls/20250331/accessBundles/{accessBundleId}
Returns details of an access bundle with a given ID.
Request
Path Parameters
-
accessBundleId(required): string
A filter to be used for finding Access Bundles with the given id. Available values can be found using the ListAccessBundles operation.
Header Parameters
-
opc-request-id: string
The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
Response
Supported Media Types
- application/json
200 Response
The Access Bundle for the given id
Headers
-
etag: string
For optimistic concurrency control. See `if-match`.
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : AccessBundle
Type:
objectAccess Bundle object.
Show Source
-
accessGuardrail:
object AccessGuardrailDetails
Access Guardrail object.
-
accessTimeLimit:
object AccessBundleTimeLimit
Time limit definition. Only one of daysLimit, hoursLimit, or dateTimeLimit should be specified.
-
accessTimeLimitType:
string
Allowed Values:
[ "INDEFINITELY", "NUMBER_OF_DAYS", "NUMBER_OF_HOURS" ]Time limit type of the access bundle. -
accountProfileId:
string
Configured account profile id for the access bundle.
-
accountProfileName:
string
configured account profile name for the access bundle.
-
approvalWorkflowId:
object IdInfo
Generic identifying information object.
-
autoApproveIfNoViolation:
boolean
Boolean flag to indicate auto approve if no violation in access request to the Access Bundle.
-
cloudAccountName:
string
Cloud Account name of OCI bundle i.e., OCI tenancy.
-
compartmentFqn:
string
Compartment full name of OCI bundle.
-
compartmentName:
string
Compartment name of OCI bundle.
-
createdBy:
object IdInfo
Generic identifying information object.
-
customAttributes:
object customAttributes
Metadata associated with the access bundle.
-
description:
string
Description of the Access Bundle.
-
displayName:
string
Display Name of the Access Bundle.
-
domainName:
string
Domain name of OCI bundle.
-
externalId:
string
ExternalId of the Access Bundle.
-
id(required):
string
Unique identifier that is immutable on creation.
-
name:
string
Name of the Access Bundle.
-
orchestratedSystem:
object IdInfo
Generic identifying information object.
-
orchestratedSystemAttributes:
object OrchestratedSystemAttributeSummary
Account & permission attributes.
-
orchestratedSystemType:
string
Orchestrated System type.
-
owners:
array owners
List of owner entities.
-
ownershipCollectionId:
string
Ownership collection associated with the Access Bundle.
-
permissions:
array permissions
List of permissions
-
requestableBy:
object IdInfo
Generic identifying information object.
-
resourceType:
string
Resource Type of an OCI Access Bundle.
-
status:
string
Allowed Values:
[ "ACTIVE", "DRAFT", "INACTIVE", "PENDING", "FAILED", "IN_PROGRESS", "SAVED", "SUCCESS", "TIMEOUT" ]Status of the Access Bundle. -
tags:
array tags
List of tags attached to the Access Bundle.
-
timeCreated:
string(date-time)
Time when the Access Bundle was created. An RFC3339 formatted datetime string.
-
timeUpdated:
string(date-time)
Time when the Access Bundle was last updated. An RFC3339 formatted datetime string.
-
updatedBy:
object IdInfo
Generic identifying information object.
Nested Schema : AccessGuardrailDetails
Type:
objectAccess Guardrail object.
Show Source
-
id(required):
string
The access guardrail id.
-
name(required):
string
The access guardrail name.
Nested Schema : AccessBundleTimeLimit
Type:
objectTime limit definition. Only one of daysLimit, hoursLimit, or dateTimeLimit should be specified.
Show Source
-
daysLimit:
object AccessBundleTimeLimitDays
Time limit definition in days.
-
hoursLimit:
object AccessBundleTimeLimitHours
Time limit definition in hours.
Nested Schema : IdInfo
Type:
objectGeneric identifying information object.
Show Source
-
displayName:
string
Display Name of the entity.
-
id:
string
Id of the entity.
-
name:
string
Name of the entity.
Nested Schema : customAttributes
Type:
objectMetadata associated with the access bundle.
Show Source
Nested Schema : OrchestratedSystemAttributeSummary
Type:
objectAccount & permission attributes.
Show Source
-
accountAttributes:
array accountAttributes
List of Orchestrated System account attributes.
-
permissionAttributes:
array permissionAttributes
List of Orchestrated System permission attributes.
Nested Schema : owners
Type:
arrayList of owner entities.
Show Source
-
Array of:
object OwnerSummary
Owner entity object
Nested Schema : permissions
Type:
arrayList of permissions
Show Source
-
Array of:
object PermissionSummary
Description of Permission.
Nested Schema : AccessBundleTimeLimitDays
Type:
objectTime limit definition in days.
Show Source
-
accessLimitInDays(required):
integer
Minimum Value:
1Maximum Value:365Maximum number of days allowed before expiry. -
extensionApprovalWorkflowId(required):
object IdInfo
Generic identifying information object.
-
extensionInDays(required):
integer
Minimum Value:
1Maximum Value:90Number of days extensions is allowed. -
notificationInDays(required):
integer
Minimum Value:
1Maximum Value:30Number of days when notification should be sent.
Nested Schema : AccessBundleTimeLimitHours
Type:
objectTime limit definition in hours.
Show Source
-
accessLimitInHours(required):
integer
Minimum Value:
1Maximum Value:24Maximum number of hours allowed before expiry. -
extensionApprovalWorkflowId(required):
object IdInfo
Generic identifying information object.
-
extensionInHours(required):
integer
Minimum Value:
1Maximum Value:8Number of hours extension is allowed. -
notificationInHours(required):
integer
Minimum Value:
1Maximum Value:24Number of hours when notification should be sent.
Nested Schema : accountAttributes
Type:
arrayList of Orchestrated System account attributes.
Show Source
-
Array of:
object OrchestratedSystemAttributeDataSummary
Orchestrated System Attributes
Nested Schema : permissionAttributes
Type:
arrayList of Orchestrated System permission attributes.
Show Source
-
Array of:
object OrchestratedSystemAttributeDataSummary
Orchestrated System Attributes
Nested Schema : OrchestratedSystemAttributeDataSummary
Type:
objectOrchestrated System Attributes
Show Source
-
children:
array children
nested attributes
-
discriminator:
string
this field signify attribute field is password
-
isQuestion:
boolean
Indicates if this Orchestrated System Attribute will be presented as a question.
-
name:
string
Attribute name - Unique identifier
-
permissionType:
string
Permission Type
-
title:
string
Display Name for the attribute.
-
type:
string
Type of attribute
-
values:
array values
Attribute Values
Nested Schema : children
Type:
arraynested attributes
Show Source
-
Array of:
object NestedAttributesSummary
Nested set of Orchestrated System attributes
Nested Schema : NestedAttributesSummary
Type:
objectNested set of Orchestrated System attributes
Show Source
-
items:
array items
Orchestrated System attributes
Nested Schema : items
Type:
arrayOrchestrated System attributes
Show Source
-
Array of:
object OrchestratedSystemAttributeDataSummary
Orchestrated System Attributes
Nested Schema : OwnerSummary
Type:
objectOwner entity object
Show Source
-
id(required):
string
Unique identifier that is immutable on creation
-
isPrimary(required):
boolean
Is this entity the primary owner?
-
name(required):
string
Name of the owner
Nested Schema : PermissionSummary
Type:
objectDescription of Permission.
Show Source
-
description:
string
Description of the permission
-
id(required):
string
The Unique Oracle ID (OCID) that is immutable on creation
-
name:
string
Name of the permission
-
permissionType:
object PermissionTypeSummary
PermissionType Summary.
-
resource:
object ResourceSummary
Resource Summary.
-
timeCreated:
string(date-time)
Time when the permission was last created. An RFC3339 formatted datetime string
-
timeUpdated:
string(date-time)
Time when the permission was last updated. An RFC3339 formatted datetime string
-
type:
string
Type of the permission
Nested Schema : PermissionTypeSummary
Type:
objectPermissionType Summary.
Show Source
-
displayName:
string
Display Name of the PermissionType.
-
externalId:
string
External Id of the PermissionType
-
id:
string
The Unique Oracle ID (OCID) that is immutable on creation.
-
name:
string
name of the PermissionType.
Nested Schema : ResourceSummary
Type:
objectResource Summary.
Show Source
-
customAttributes:
object customAttributes
Metadata associated with the resource
-
displayName:
string
Display Name of the Resource.
-
id(required):
string
The Unique Oracle ID (OCID) that is immutable on creation.
-
name:
string
name of the Resource.
-
type:
string
Type of the Resource
400 Response
Bad Request
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
401 Response
Unauthorized
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
404 Response
Not Found
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
429 Response
Too Many Requests
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
500 Response
Internal Server Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Default Response
Unknown Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Examples
The following example shows how to retrieve a details for a specific Access Bundle. Replace placeholder values with actual values before running the sample command.
cURL Example - Without Query Parameters
curl -i -X GET \
-H "Authorization:Bearer <your access token>" \
'${service-instance-url}/access-governance/access-controls/${version}/accessBundles/${accessBundleID}'Example of the Response Body
The following example shows the contents of the response body in JSON format, including a list of all available access bundles:
{
"accessBundleType" : "PERMISSION_BUNDLE",
"id" : "cbcf4668-4fed-4f70-8692-6xxxxxxxx",
"name" : "Administer, Management, Sql, Xdbadmin, Wm_Admin_Role ('ag-api-demo-DBUM' system)",
"displayName" : "Administer, Management, Sql, Xdbadmin, Wm_Admin_Role ('ag-api-demo-DBUM' system)",
"description" : "Bundle for 'ag-api-demo-DBUM-DBUM' system having key terms: 'Administer, Wm_Admin_Role, Xs_Cache_Admin'",
"tags" : [ "DBUM"],
"timeCreated" : "2025-02-24T22:45:02.155Z",
"timeUpdated" : "2025-03-18T16:20:19.819Z",
"createdBy" : {
"id" : "globalId.ICF.Non-Human-Test-Nov02.8xxxxxxxxxxxf4aa551989b7ec",
"name" : "Abel Maclead",
"displayName" : "Abel Maclead"
},
"updatedBy" : {
"id" : "globalId.ICF.Non-Human-Test-Nov02.84923636exxxxxxxxxxec",
"name" : "Abel Maclead",
"displayName" : "Abel Maclead"
},
"requestableBy" : {
"id" : "ANY",
"name" : "Anyone",
"displayName" : "Anyone"
},
"status" : "ACTIVE",
"approvalWorkflowId" : {
"id" : "NO_APPROVAL_REQUIRED",
"name" : "No Approval Required",
"displayName" : "No Approval Required"
},
"orchestratedSystem" : {
"id" : "07cfd352-a6a1-42ae-9409-731cb41a74fc",
"name" : "ag-api-demo-3-DBUM",
"displayName" : "ag-api-demo-DBUM-DBUM"
},
"orchestratedSystemType" : "ICF",
"ownershipCollectionId" : "d830b750-cee1-44f1-a5b8-cbxxxxxea6",
"owners" : [ {
"id" : "globalId.ICF.Non-Human-Test-Nov02.84923636xxxxxxxxxxxec",
"name" : "Ama Maclead",
"isPrimary" : true
} ],
"externalId" : "4354203e-910d-4cc8-ab3f-xxxx48023b94",
"cloudAccountName" : null,
"domainName" : null,
"resourceType" : null,
"compartmentName" : null,
"compartmentFqn" : null,
"customAttributes" : { },
"permissions" : [ {
"id" : "roles.ICF.ag-api-demo-DBUM-DBUM.d58d0fe8974dd1cb97xxxxxxx",
"name" : "AUTHENTICATEDUSER",
"description" : null,
"type" : "ENTITLEMENTS",
"timeCreated" : "2024-10-06T07:34:30.633Z",
"timeUpdated" : null,
"resource" : {
"id" : "resource.ICF.ag-api-demo-DBUM-DBUM.7e083f9851db103540xxxxxxxx",
"name" : "ag-api-demo-DBUM-DBUM",
"displayName" : "ag-api-demo-DBUM-DBUM",
"type" : "DBUM",
"customAttributes" : null
},
"permissionType" : {
"id" : "etype.ICF.ag-api-demo-DBUM-DBUM.6ae3be9a18b9aae2f8baxxxxxx",
"name" : "icf.connector.entitlement.type.roles",
"displayName" : "Role",
"externalId" : "roles"
}
}, {
"id" : "roles.ICF.ag-api-demo-DBUM-DBUM.9690282467b46e171f1c0xxxxxx",
"name" : "XS_CACHE_ADMIN",
"description" : null,
"type" : "ENTITLEMENTS",
"timeCreated" : "2024-10-06T07:34:29.043Z",
"timeUpdated" : null,
"resource" : {
"id" : "resource.ICF.ag-api-demo-DBUM-DBUM.123456xxxxxxxxxxxxxxxx",
"name" : "ag-api-demo-DBUM-DBUM",
"displayName" : "ag-api-demo-DBUM-DBUM",
"type" : "DBUM",
"customAttributes" : null
},
"permissionType" : {
"id" : "etype.ICF.ag-api-demo-DBUM-DBUM.6ae3be9a18bxxxxxxxxxxxx",
"name" : "icf.connector.entitlement.type.roles",
"displayName" : "Role",
"externalId" : "roles"
}
}, {
"id" : "roles.ICF.ag-api-demo-DBUM-DBUM.c554da3bb5e17e380affd24bb461d522",
"name" : "XS_SESSION_ADMIN",
"description" : null,
"type" : "ENTITLEMENTS",
"timeCreated" : "2024-10-06T07:34:29.042Z",
"timeUpdated" : null,
"resource" : {
"id" : "resource.ICF.ag-api-demo-DBUM-DBUM.7e083f9851db1035408a877c654d28bd",
"name" : "ag-api-demo-DBUM-DBUM",
"displayName" : "ag-api-demo-DBUM-DBUM",
"type" : "DBUM",
"customAttributes" : null
},
"permissionType" : {
"id" : "etype.ICF.ag-api-demo-DBUM-DBUM.6ae3be9a18b9aae2f8ba02e7f8908eaf",
"name" : "icf.connector.entitlement.type.roles",
"displayName" : "Role",
"externalId" : "roles"
}
}, {
"id" : "roles.ICF.ag-api-demo-DBUM-DBUM.af0048cc3156c0d61bb4dd704d5a3502",
"name" : "WM_ADMIN_ROLE",
"description" : null,
"type" : "ENTITLEMENTS",
"timeCreated" : "2024-10-06T07:34:30.634Z",
"timeUpdated" : null,
"resource" : {
"id" : "resource.ICF.ag-api-demo-DBUM-DBUM.7e083f9851db1035408a877c654d28bd",
"name" : "ag-api-demo-DBUM-DBUM",
"displayName" : "ag-api-demo-DBUM-DBUM",
"type" : "DBUM",
"customAttributes" : null
},
"permissionType" : {
"id" : "etype.ICF.ag-api-demo-DBUM.6ae3be9a18b9aae2f8ba02e7f8908eaf",
"name" : "icf.connector.entitlement.type.roles",
"displayName" : "Role",
"externalId" : "roles"
}
}, {
"id" : "privileges.ICF.ag-api-demo-DBUM-DBUM.34ac64704d5894a58xxxxxxxx",
"name" : "CREATE USER",
"description" : null,
"type" : "ENTITLEMENTS",
"timeCreated" : "2024-10-06T07:34:29.080Z",
"timeUpdated" : null,
"resource" : {
"id" : "resource.ICF.ag-api-demo-DBUM.7e083f9851db103xxxxxxxxx",
"name" : "ag-api-demo-DBUM",
"displayName" : "ag-api-demo-DBUM",
"type" : "DBUM",
"customAttributes" : null
},
"permissionType" : {
"id" : "etype.ICF.ag-api-demo-DBUM.d1ecb6a39a6fd079c76bxxxxxxxx",
"name" : "icf.connector.entitlement.type.privileges",
"displayName" : "Privilege",
"externalId" : "privileges"
}
}
} ]
}