Oracle Access Governance REST APIs

Get list of Access Association for the given review task

get

/access-governance/access-reviews/20250331/accessReviews/{accessReviewId}/associations

Returns list of Access Association for the given access review.

Request

Path Parameters

accessReviewId(required): string

Unique access review identifier.

Query Parameters

limit: integer

Minimum Value: 1

Maximum Value: 1000

The maximum number of items to return.

Default Value: 10
page: string

Minimum Length: 1

A token representing the position at which to start retrieving results. This must come from the `opc-next-page` header field of a previous response.
sortBy: string

The sort by for associations. The default value is position.

Default Value: position

Allowed Values: [ "position" ]
sortOrder: string

The sort order to use, either 'ASC' or 'DESC'.

Allowed Values: [ "ASC", "DESC" ]

Header Parameters

opc-request-id: string

The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.

Response

Supported Media Types

application/json

200 Response

The access review associations.

Headers

opc-next-page: string

For pagination of a list of items. When paging through a list, if this header appears in the response, then a partial list might have been returned. Include this value as the `page` parameter for the subsequent GET request to get the next batch of items.
opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : AssociationSummaryCollection

Type: object

List of Associations.

Show Source

items(required): array items

List of Associations.

{
    "type":"object",
    "description":"List of Associations.",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "description":"List of Associations.",
            "type":"array",
            "items":{
                "$ref":"#/definitions/AssociationSummary"
            }
        }
    }
}

Nested Schema : items

Type: array

List of Associations.

Show Source

Array of: object AssociationSummary

The Association summary for the access review.

{
    "description":"List of Associations.",
    "type":"array",
    "items":{
        "$ref":"#/definitions/AssociationSummary"
    }
}

Nested Schema : AssociationSummary

Type: object

The Association summary for the access review.

Show Source

accesses: array accesses

The list of AccessBundles or Roles.
id(required): string

The ID of the association.
identityCollections: array identityCollections

The list of Identity Collections.
position(required): integer

The position of the statement in the association.
type: string

Allowed Values: [ "ROLE", "ACCESS_BUNDLE" ]

The type of the association.

{
    "type":"object",
    "description":"The Association summary for the access review.",
    "required":[
        "id",
        "position"
    ],
    "properties":{
        "id":{
            "description":"The ID of the association.",
            "type":"string"
        },
        "type":{
            "description":"The type of the association.",
            "type":"string",
            "x-obmcs-top-level-enum":"#/definitions/AssociationType",
            "enum":[
                "ROLE",
                "ACCESS_BUNDLE"
            ]
        },
        "identityCollections":{
            "description":"The list of Identity Collections.",
            "type":"array",
            "items":{
                "$ref":"#/definitions/IdNameObject"
            }
        },
        "accesses":{
            "description":"The list of AccessBundles or Roles.",
            "type":"array",
            "items":{
                "$ref":"#/definitions/IdNameObject"
            }
        },
        "position":{
            "description":"The position of the statement in the association.",
            "type":"integer"
        }
    }
}

Nested Schema : accesses

Type: array

The list of AccessBundles or Roles.

Show Source

Array of: object IdNameObject

The Attribute key or Operator condition for the Membership rule.

{
    "description":"The list of AccessBundles or Roles.",
    "type":"array",
    "items":{
        "$ref":"#/definitions/IdNameObject"
    }
}

Nested Schema : identityCollections

Type: array

The list of Identity Collections.

Show Source

Array of: object IdNameObject

The Attribute key or Operator condition for the Membership rule.

{
    "description":"The list of Identity Collections.",
    "type":"array",
    "items":{
        "$ref":"#/definitions/IdNameObject"
    }
}

Nested Schema : IdNameObject

Type: object

The Attribute key or Operator condition for the Membership rule.

Show Source

displayName(required): string

The display name of the Attribute Key or Operator.
id(required): string

The ID of the Attribute Key or Operator.
name(required): string

The name of the Attribute Key or Operator.

{
    "type":"object",
    "description":"The Attribute key or Operator condition for the Membership rule.",
    "required":[
        "id",
        "name",
        "displayName"
    ],
    "properties":{
        "id":{
            "description":"The ID of the Attribute Key or Operator.",
            "type":"string"
        },
        "name":{
            "description":"The name of the Attribute Key or Operator.",
            "type":"string"
        },
        "displayName":{
            "description":"The display name of the Attribute Key or Operator.",
            "type":"string"
        }
    }
}

400 Response

Bad Request

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

401 Response

Unauthorized

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

404 Response

Not Found

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

429 Response

Too Many Requests

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

500 Response

Internal Server Error

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Default Response

Unknown Error

Headers

opc-request-id: string

Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Root Schema : Error

Type: object

Error Information.

Show Source

code(required): string

A short error code that defines the error, meant for programmatic parsing.
message(required): string

A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Examples

The following example shows how to retrieve access associations for a policy. This helps to retrieve policy associations, where an identity collection is granted access to a resource through an access bundle or roles.

cURL Example

curl -i -X GET \
   -H "Authorization:Bearer <your access token>" \
 '${service-instance-url}/access-governance/access-reviews/accessReviews/${accessReviewId}/associations

Example of the Response Body

The following example shows the contents of the response body in JSON format:

{
  "items": [
    {
      "id": "421xxxx-c5e3-4781-aeb9-f417xxxxxx",
      "type": "ACCESS_BUNDLE",
      "identityCollections": [
        {
          "id": "236xxxx-3bd7-495a-a559-dacexxxxxx",
          "name": "IC_Database.QA",
          "displayName": "IC_Database.QA"
        }
      ],
      "accesses": [
        {
          "id": "49a0xxxx-a522-4b7d-b4a8-5b3dxxxxxx",
          "name": "DBAT_AB",
          "displayName": "DBAT_AB"
        }
      ],
      "position": 0
    }
  ]
}

If you use an access review task id other than policy access review ID or no actionable statements are included, then you'll receive the following response:

{
    "items": [
    ]
}