Skip to main content
POST
/
api
/
v1
/
search
/
entitlements
Search
package main

import(
	"context"
	"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
	conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
	"log"
)

func main() {
    ctx := context.Background()

    s := conductoronesdkgo.New(
        conductoronesdkgo.WithSecurity(shared.Security{
            BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
            Oauth: "<YOUR_OAUTH_HERE>",
        }),
    )

    res, err := s.AppEntitlementSearch.Search(ctx, nil)
    if err != nil {
        log.Fatal(err)
    }
    if res.AppEntitlementSearchServiceSearchResponse != nil {
        for {
            // handle items

            res, err = res.Next()

            if err != nil {
                // handle error
            }

            if res == nil {
                break
            }
        }
    }
}
{
  "expanded": [
    {
      "@type": "<string>"
    }
  ],
  "facets": {
    "count": "<string>",
    "facets": [
      {
        "displayName": "<string>",
        "iconUrl": "<string>",
        "param": "<string>",
        "range": {
          "ranges": [
            {
              "count": "<string>",
              "displayName": "<string>",
              "from": "<string>",
              "iconUrl": "<string>",
              "to": "<string>"
            }
          ]
        },
        "value": {
          "values": [
            {
              "count": "<string>",
              "displayName": "<string>",
              "iconUrl": "<string>",
              "value": "<string>"
            }
          ]
        }
      }
    ]
  },
  "list": [
    {
      "appEntitlement": {
        "alias": "<string>",
        "appId": "<string>",
        "appResourceId": "<string>",
        "appResourceTypeId": "<string>",
        "certifyPolicyId": "<string>",
        "complianceFrameworkValueIds": [
          "<string>"
        ],
        "createdAt": "2023-11-07T05:31:56Z",
        "defaultValuesApplied": true,
        "deletedAt": "2023-11-07T05:31:56Z",
        "deprovisionerPolicy": {
          "action": {
            "actionName": "<string>",
            "appId": "<string>",
            "connectorId": "<string>",
            "displayName": "<string>"
          },
          "connector": {
            "account": {
              "config": {},
              "connectorId": "<string>",
              "doNotSave": {},
              "saveToVault": {
                "vaultIds": [
                  "<string>"
                ]
              },
              "schemaId": "<string>"
            },
            "defaultBehavior": {
              "connectorId": "<string>"
            },
            "deleteAccount": {
              "connectorId": "<string>"
            }
          },
          "delegated": {
            "appId": "<string>",
            "entitlementId": "<string>",
            "implicit": true
          },
          "externalTicket": {
            "appId": "<string>",
            "connectorId": "<string>",
            "externalTicketProvisionerConfigId": "<string>",
            "instructions": "<string>"
          },
          "manual": {
            "instructions": "<string>",
            "userIds": [
              "<string>"
            ]
          },
          "multiStep": {
            "provisionSteps": "<array>"
          },
          "unconfigured": {},
          "webhook": {
            "webhookId": "<string>"
          }
        },
        "description": "<string>",
        "displayName": "<string>",
        "durationGrant": "<string>",
        "durationUnset": {},
        "emergencyGrantEnabled": true,
        "emergencyGrantPolicyId": "<string>",
        "grantCount": "<string>",
        "grantPolicyId": "<string>",
        "id": "<string>",
        "isAutomationEnabled": true,
        "isManuallyManaged": true,
        "matchBatonId": "<string>",
        "overrideAccessRequestsDefaults": true,
        "provisionerPolicy": {
          "action": {
            "actionName": "<string>",
            "appId": "<string>",
            "connectorId": "<string>",
            "displayName": "<string>"
          },
          "connector": {
            "account": {
              "config": {},
              "connectorId": "<string>",
              "doNotSave": {},
              "saveToVault": {
                "vaultIds": [
                  "<string>"
                ]
              },
              "schemaId": "<string>"
            },
            "defaultBehavior": {
              "connectorId": "<string>"
            },
            "deleteAccount": {
              "connectorId": "<string>"
            }
          },
          "delegated": {
            "appId": "<string>",
            "entitlementId": "<string>",
            "implicit": true
          },
          "externalTicket": {
            "appId": "<string>",
            "connectorId": "<string>",
            "externalTicketProvisionerConfigId": "<string>",
            "instructions": "<string>"
          },
          "manual": {
            "instructions": "<string>",
            "userIds": [
              "<string>"
            ]
          },
          "multiStep": {
            "provisionSteps": "<array>"
          },
          "unconfigured": {},
          "webhook": {
            "webhookId": "<string>"
          }
        },
        "purpose": "APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED",
        "requestSchemaId": "<string>",
        "revokePolicyId": "<string>",
        "riskLevelValueId": "<string>",
        "slug": "<string>",
        "sourceConnectorIds": {},
        "systemBuiltin": true,
        "updatedAt": "2023-11-07T05:31:56Z",
        "userEditedMask": "<string>"
      },
      "appPath": "<string>",
      "appResourcePath": "<string>",
      "appResourceTypePath": "<string>"
    }
  ],
  "nextPageToken": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization
string
header
required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

Search app entitlements by a variety of filters.

accessReviewId
string

Search for app entitlements that are being reviewed as part of this access review campaign.

alias
string

Search for app entitlements that have this alias (exact match).

appIds
string[] | null

Search for app entitlements contained in any of these apps.

appUserIds
string[] | null

Search for app entitlements that are granted to any of these app user ids.

complianceFrameworkIds
string[] | null

Search for app entitlements that are part of these compliace frameworks.

displayName
string

The displayName field.

excludeAppIds
string[] | null

Exclude app entitlements from the results that are in these app IDs.

excludeAppUserIds
string[] | null

Exclude app entitlements from the results that these app users have granted.

excludeImmutable
boolean

The excludeImmutable field.

excludeResourceTypeIds
string[] | null

The excludeResourceTypeIds field.

excludedEntitlementRefs
App Entitlement Ref · object[] | null

The excludedEntitlementRefs field.

expandMask
App Entitlement Expand Mask · object

The app entitlement expand mask allows the user to get additional information when getting responses containing app entitlement views.

includeDeleted
boolean

Include deleted app entitlements, this includes app entitlements that have a deleted parent object (app, app resource, app resource type)

isAutomated
boolean

The isAutomated field.

membershipType
enum<string>[] | null

The membershipType field.

Available options:
APP_ENTITLEMENT_MEMBERSHIP_TYPE_UNSPECIFIED,
APP_ENTITLEMENT_MEMBERSHIP_TYPE_MEMBER,
APP_ENTITLEMENT_MEMBERSHIP_TYPE_OWNER,
APP_ENTITLEMENT_MEMBERSHIP_TYPE_EXCLUSION,
APP_ENTITLEMENT_MEMBERSHIP_TYPE_ADMIN
onlyGetExpiring
boolean

Restrict results to only those who have expiring app entitlement user bindings.

pageSize
integer<int32>

The pageSize where 0 <= pageSize <= 100. Values < 10 will be set to 10. A value of 0 returns the default page size (currently 25)

pageToken
string

The pageToken field.

policyRefs
Policy Ref · object[] | null

Search for app entitlements that use any of these policies.

query
string

Query the app entitlements with a fuzzy search on display name and description.

refs
App Entitlement Ref · object[] | null

The refs field.

resourceIds
string[] | null

Search for app entitlements that belongs to these resources.

resourceTraitIds
string[] | null

The resourceTraitIds field.

resourceTypeIds
string[] | null

Search for app entitlements that are for items with resources types that have matching names. Example names are "group", "role", and "app".

riskLevelIds
string[] | null

Search for app entitlements with these risk levels.

sourceConnectorId
string

The sourceConnectorId field.

Response

200 - application/json

Successful response

The AppEntitlementSearchServiceSearchResponse message.

expanded
object[] | null

List of related objects.

facets
Facets · object

Indicates one value of a facet.

list
App Entitlement View · object[] | null

List of app entitlement view objects.

nextPageToken
string

The nextPageToken is shown for the next page if the number of results is larger than the max page size. The server returns one page of results and the nextPageToken until all results are retreived. To retrieve the next page, use the same request and append a pageToken field with the value of nextPageToken shown on the previous page.