1. Oracle Access Governance REST APIs
  2. Tasks
  3. AccessGuardrails

Analyze Access Guardrails

post

/access-governance/access-controls/20250331/accessGuardrails/analyze

against Identities for any violations.

Request

Header Parameters
  • The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
Body ()
Details for the Access Guardrails analysis.
Root Schema : AnalyzeAccessGuardrailsDetails
Type: object
Request Body for analyzing Access Guardrails against Identities.
Show Source
Nested Schema : accessGuardrailIds
Type: array
Access Guardrail Ids.
Show Source
Nested Schema : globalIdentityIds
Type: array
Global Identity Ids.
Show Source
Back to Top

Response

Supported Media Types

200 Response

The Access Guardrail analysis was successfully completed.
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : AnalyzeAccessGuardrailsResult
Type: object
Response body for analyzing Access Guardrails against Identities.
Show Source
Nested Schema : items
Type: array
Violation details corresponding to each global identity id.
Show Source
Nested Schema : AnalyzeAccessGuardrailsViolationDetails
Type: object
Analyze Access Guardrails Violation details
Show Source
Nested Schema : violationDetails
Type: object
Additional Properties Allowed
Show Source
A map where keys represent unique rule identifiers and values are lists of violations.
Nested Schema : additionalProperties
Type: array
Show Source

400 Response

Bad Request
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

401 Response

Unauthorized
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

404 Response

Not Found
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

409 Response

Conflict
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

412 Response

Precondition failed
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

429 Response

Too Many Requests
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

500 Response

Internal Server Error
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source

Default Response

Unknown Error
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
Error Information.
Show Source
Back to Top

Examples

The following example shows how analyze violations for an identity. Replace placeholder values with actual values before running the sample command.

Before analyzing an access guardrail, you need to run the following APIs to fetch the required data:
  • List Access Guardrails - [GET] {BasePath}/accessGuardrails
  • List Identities - [GET] {BasePath}/identities
.

cURL Request Example

curl -i -X POST \
   -H "Authorization:Bearer <your-access-token>" \
   -H "Content-Type:application/json" \
   -d \
'{
  "globalIdentityIds": [
    "globalId.OCI.bd49ff2a-5c47-4242-xxxx-9ba235fbb0ec.9fxxx61d84394960469c2af598b63d4"
  ],
  "accessGuardrailIds": [
    "a4203401-46c3-4xxx-891a-b1c127fa94ba"
  ]
}' \
 '<${service-instance-url}/access-governance/access-controls/20250331/accessGuardrails/analyze>'

Submit the POST request

${service-instance-url}/access-governance/access-controls/${version}/accessGuardrails/analyze

Example Request Payload

{
  "globalIdentityIds": [
    "globalId.OCI.bd49ff2a-5c47-4242-xxxx-9ba235fbb0ec.9fxxx61d84394960469c2af598b63d4"
  ],
  "accessGuardrailIds": [
    "a4203401-46c3-4xxx-891a-b1c127fa94ba"
  ]
}

Example of the Response Code

You'll receive 200 OK response along with the following response body:

{
  "violationCount" : 1,
  "items" : [ {
    "globalIdentityId" : "globalId.OCI.bd49ff2a-5c47-4242-xxxx-9ba235fbb0ec.9fxxx61d84394960469c2af598b63d4",
    "hasViolation" : true,
    "accessGuardrailId" : "a4203401-46c3-xxx-891a-b1c127fa94ba",
    "violationDetails" : {
      "47beef27-b07a-497e-xxxx-765fbba966aa" : [ "This Identity does not have identity attribute Organization equals MK_Org_01" ]
    }
  } ]
}
Back to Top