Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
This page illustrates how to check the status of the Fingerprint service using the fingerprint endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
GET /fingerprint/status
Get the status of the Fingerprint service.
| Attribute | Description |
|---|---|
The following request gets the status of the Fingerprint service.
This page describes the jobs endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST /jobs/statuses
Get the status and output of the provided jobs.
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
The following request checks the status of the job specified in the payload.
healthy
boolean If true, the fingerprint status is healthy.
jobIds |
| Yes |
wait |
| No |
pollInterval |
| No |
id |
|
state |
|
output |
|
This section of API documentation is specific to configuring elements of your instance, such as users, tags, licenses, integrations, and webhooks.
Activities and notifications: View your activity notifications.
Fingerprint service status: Check the status of the Fingerprint service.
IAMs: Manage users and their permissions, groups, and attributes.
Licenses: Manage and view licenses in Immuta.
Sensitive data discovery: Configure custom sensitive data discovery rules and tags.
Tags: Create and search for tags.
Webhooks: Create webhooks that are triggered by events that happen in the system.
This page details the bim API, which allows users to programmatically access information about users, their group memberships, and authentications. Most of the actions described here require ADMIN permissions.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
Because the BIM endpoint encompasses groups, users, and authentications, there are three workflows.
POST /bim/iam/bim/user
Create a new BIM user.
This example request with the payload below will create a new BIM user with the username charlie.doe@immuta.com.
GET /bim/iam/{iamid}/user/authenticate
Authenticate a user from a 3rd-party identity provider.
This example request
POST /bim/iam/{iamid}/user/authenticate
Authenticate a user using their username and password and proxying it to the specified IAM service.
This example request with the payload below will authenticate the user using the bim IAM.
Payload example
PUT /bim/iam/{iamid}/user/{userid}/profile
Update a specified user's profile.
This example request will change the location to Boston, MA for the user with the username jane.doe@immuta.com.
Payload example
DELETE /bim/iam/{iamid}/user/{userid}/permissions/{permission}
Remove the specified user's permission.
This example request will delete the permission CREATE_DATA_SOURCE_IN_PROJECT from the user with the username john.doe@immuta.com.
PUT /bim/iam/{iamid}/user/{userid}/permissions
Update the specified user's permission.
This example request with the payload below will change to permissions of the user with the username charlie.doe@immuta.com to CREATE_DATA_SOURCE_IN_PROJECT, CREATE_PROJECT, and CREATE_DATA_SOURCE.
Payload example
PUT /bim/iam/{iamid}/user/{userid}/password
Update the specified user's password.
This example request with the payload below will change the password of the user with the ID jane.doe@immuta.com.
Payload example
PUT /bim/iam/{iamid}/user/{userid}/disable/{disable}
Disable / enable the specified BIM user.
This example request will disabled the user with the username jane.doe@immuta.com.
POST /bim/syncUsers
Sync users from an external IAM.
This example request will sync the users from the specified external IAM with Immuta.
Payload example
POST /iam/{iamId}/sync
Sync LDAP users with Immuta.
This example request will sync the users from Jump Cloud with Immuta.
Payload example
PUT /bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{attributeName}/{attributeValue}
Update the specified user's attributes.
This example request will add the attribute Finance.Red Team to the user with the username jane.doe@immuta.com.
DELETE /bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{key}/{value}
Remove an attribute from the specified group or user.
This example request will remove the attribute Country.JP from the user with the user ID jane.doe@immuta.com.
Configure SMTP: SMTP must be configured to use this endpoint. Additionally, after the users are created, they will not be active until they sign in to the Immuta UI.
POST /bim/iam/bim/user/{userid}/clone
Clones the provided user (including their permissions, groups, and attributes) to create multiple additional user accounts.
This example request will clone the user with the username jane.doe@immuta.com.
GET /bim/iam
Get a listing of configured IAM services.
The request below will list all of the IAMs in use.
GET /bim/user
Administrative search over the aggregated view of all users.
The request below will search all of the users in Immuta.
GET /bim/rpc/user/current
Get the currently logged in user's information.
This request will return information on the user that is logged in.
GET /bim/iam/{iamid}/user/{id}
Gets the specified user's aggregated view.
This example request will return information about the user with the ID 2.
GET /bim/iam/{iamid}/user/{userid}/profile
Gets the specified user's profile.
This example request will return the profile of the user with the ID 2.
GET /bim/iam/{iamid}/user/{userid}/groups
Get the specified user's list of groups.
This example request will return information on the groups of the user with the username john.doe@immuta.com.
DELETE /bim/iam/bim/user/{userid}
Delete the specified user in Immuta.
This example request will delete the user with the username charlie.doe@immuta.com.
POST /bim/group
Create a new group.
This request with the payload below will create a group through the bim IAM with the name API Group.
PUT /bim/group/{groupId}
Update the specified group.
This request with the payload below will update the group with the ID 2 with the name API Group #2 and with a new description.
Payload example
DELETE /bim/group/{groupId}/user/{groupuserid}
Remove a user from a group.
POST /bim/group/{groupId}/user
Add a new user to a group.
This request with the payload below adds the user with the ID tom.jones@immuta.com to the group with the ID 2.
Payload example
PUT /bim/iam/{iamid}/group/{groupid}/authorizations/{attributeName}/{attributeValue}
Update the specified group's attributes.
This example request will add the attribute Finance.Red Team to the group with the ID 2.
GET /bim/group
Get the list of groups from all configured IAMs.
This request will return all of the groups in Immuta.
GET /bim/group/{groupid}
Get the specified group.
This request will search for the group with the ID 2.
GET /bim/group/{groupid}/user
Get group users.
This request will return information on the users in the group with the ID 2.
DELETE /bim/group/{groupId}
Delete the specified group.
This request will delete the group with the ID 3.
POST /bim/apikey
Authenticate the user and create a project API key.
The payload must have one or both of the two attributes above.
This example request with the payload below will authenticate the user Jane Doe in the project with the ID 1 and create a new API key for her.
POST /bim/apikey/authenticate
Authenticate with the Immuta API using an API key.
This example request will authenticate the user with the Immuta API.
Payload example
POST /bim/apikey/impersonate
Impersonate another user using an API key.
This example request will allow the requesting user to impersonate the user specified in example-payload.json.
Payload example
POST /bim/token
Get information for a given token, should it exist.
This example request will return information on the access token in the payload.
Payload example
GET /bim/iam/{iamid}/user/{userid}/apikeys
Get metadata for all of the user's API keys.
This example request will return information on the API keys of the user with the username john.doe@immuta.com.
DELETE /bim/apikey/{keyid}
Delete an API key, all auth tokens issued using that API key, and generate a new API key.
This example request will delete the API key with the ID 323, revoke all the auth tokens issued using that API key, and generate a new API key.
This page describes the searchFilter endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST /searchFilter
Save a new search filter.
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
The following request saves a new search filter.
GET /searchFilter
Retrieve saved search filters.
The following request retrieves all saved search filters.
DELETE /searchFilter/{searchFilterName}
Delete a search filter by name.
The following request deletes the Medical Claims search filter.
This page describes the activity endpoint of the Immuta API, which allows you to view your activity notifications.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
| Method | Path | Purpose |
|---|---|---|
GET /activity
View your activity notification feed.
| Attribute | Description | Required |
|---|---|---|
This example request gets 5 activities for the current user and sorts them in descending order.
GET /activity/hasUnread
Determine whether you have unread activity notifications.
This request determines whether or not the requesting user has unread activities.
This page outlines the admin endpoint, which allows you to manage and review licenses in Immuta.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST /admin/license
Add a license key to the Immuta tenant to increase the number of seats or enable features.
| Parameter | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
This example request adds a license key (saved in the example-payload.json file) to the Immuta tenant.
GET /admin/license
Get a list of all license keys.
This example request gets the license key for the https://www.organization.immuta.com Immuta tenant.
GET /admin/license/licenseStatus
Get the status of a license key's features and seat capacity.
This example request gets the number of seats and active users for the license key associated with the https://www.organization.immuta.com Immuta tenant.
GET /admin/license/usage
Get the license usage summary. This endpoint returns a summary of the number of active and inactive users and a list of users.
This request gets the license usage for 5 users in the https://www.organization.immuta.com Immuta tenant.
DELETE /admin/license/{licenseId}
Delete the specified license key.
This example request deletes the license key with the ID 1.
This page describes the tag endpoint. When implemented, this standard REST interface can tag new data sources automatically.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
.
.
.
.
POST /tag
Create a new tag.
| Attribute | Description | Required |
|---|
The following request creates a new tag.
GET /tag
Search across all tags.
The following request searches all tags.
POST /tag/refresh
Refresh external tags.
The following request refreshes external tags.
POST /tag/{modelType}/{modelId}
Add tags to a particular model. No tags will be processed if any invalid tags are found in the payload.
No tags will be processed if any invalid tags are found in the payload.
Request example
The following request adds tags to the data source with the data source ID 22.
Request payload example
Response example
Request example
The following request adds tags to the project with the project ID 2.
Request payload example
Response example
Request example
The following request adds tags to the countrycode column of the data source with the data source ID 6.
Request payload example
Response example
DELETE /tag/{tag}
Delete a tag.
The following request deletes a tag.
DELETE /tag/{modelType}/{modelId}/{tag}
Delete tags from a particular model.
The following request deletes a tag.
Webhooks notify users or other systems when actions happen in Immuta. Every action that generates a notification is available as a webhook.
This page lists the REST endpoints for managing webhooks and provides examples of requests.
Application Admins can configure webhooks that are triggered by events that happen in the system (such as when data sources or projects are created), but any user can configure webhooks that are triggered by access requests and activity notifications.
All user-configured webhook integrations must respond within 10 seconds of receiving the webhook request payload. If the webhook integration takes longer to respond, the .
.
POST /webhooks
Create a new webhook. Users can create multiple webhooks in a single request.
The following request with the payload below creates a new webhook.
GET /webhooks
Return a list of webhooks the user can see. (Admins can see all webhooks; users can only see their own webhooks.)
The following request returns a list of webhooks the user can see.
GET /webhooks/actions
Return a list of valid notification actions that a webhook can be triggered by. |
The following request returns a list of valid notification actions that a webhook can be triggered by.
GET /webhooks/history
Return historical records for webhook requests, including requests and responses.
The following request returns historical records for webhook requests, including requests and responses.
GET /webhooks/{id}
Return specified webhook by ID.
The following request returns details on the webhook with the ID 1.
POST /webhooks/history/retry/{id}
Retry webhook requests by history ID. This can be done against any history record, regardless of failure or success.
The following request retries the webhook with the ID 1.
DELETE /webhooks/{id}
Delete a webhook by ID.
The following request deletes the webhook with the ID 1.
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Parameter | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Parameter | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Endpoint | Purpose |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Endpoint | Purpose |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Type | Triggers |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Endpoint | Purpose |
|---|
| Attribute | Description |
|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
| Attribute | Description | Required |
|---|
| Attribute | Description |
|---|
The webhook request took longer than Immuta allows for a response. The default is 10 seconds, but this can be configured from the .
filter
array Includes facets to use in the search filter, such as searchText (the base search string for data sources/projects), tag, column, connectionString, schema, and type (type of models to search for: datasource or project).
Yes
name
string Name to be used for the search filter.
No
filter
array The facets used in the search filter, such as searchText (the base search string for data sources/projects), tag, column, connectionString, schema, and type (type of models used in the filter: datasource or project).
name
string The name of the search filter.
searchText
string A string used to filter returned saved filters. The query is executed with a wildcard prefix and suffix.
No
values
array Details regarding the search filters, including name, filter, searchText (the base search string for data sources/projects), tag, column, connectionString, schema, and type (type of models used in the filter: datasource or project).
searchFilterName
string The name of the specific search filter.
Yes
values
array Details regarding the search filters, including name, filter, searchText (the base search string for data sources/projects), tag, column, connectionString, schema, and type (type of models used in the filter: datasource or project).
GET
/activity
GET
/activity/hasUnread
excludeMine
boolean If true, excludes activities that were initiated by the calling user.
No
nonRequestActivity
boolean If true, excludes data source access requests from the returned activities.
No
new
boolean If true, excludes activities that are marked as 'read'.
No
offset
integer Used in combination with size to fetch pages.
No
size
integer The number of records to return in this query.
No
modelType
string The type of object to get activity for (i.e., data source, script, etc.).
No
modelId
string The ID for the model (i.e., the data source ID).
No
sortField
string The field to use for sorting.
No
sortOrder
string The sort order to use. The default is desc.
No
searchText
string If set, will use text to search through notification types and return all matched types.
No
notificationType
string If set, will only return activities of this type.
No
permission
string If set, will only return activities from users with a given permission if current user has it as well.
No
count
integer The total number of results available.
unread
integer The number of unread activities.
activities
metadata The information about the individual activities.
unread
boolean If true, the user has unread activities.
licenseKey
string The license key, as a payload.
Yes
licenseKey
string The license key.
id
integer The ID of the license.
uuid
string The unique universal identifier.
features
array The features included in the license.
handlers
array The data handlers included in the license.
expires
timestamp The date the license expires.
seats
integer The number of user seats available.
createdAt
timestamp The date the license key was generated.
notice
string This notice appears on the login page.
noticeOnExpire
string This notice appears on the login page after the license expires.
GET
/admin/license
GET
/admin/license/licenseStatus
id
integer The ID of the license.
uuid
string The unique universal identifier.
features
array The features included in the license.
handlers
array The data handlers included in the license.
expires
timestamp The date the license expires.
seats
integer The number of user seats available.
createdAt
timestamp The date the license key was generated.
notice
string This notice appears on the login page.
noticeOnExpire
string This notice appears on the login page after the license expires.
activeUserCount
integer The number of active users in the Immuta tenant.
licenseSeats
integer The total number of seats available in the license.
canAddUser
boolean When true, the administrator can add user accounts to the Immuta tenant.
hardSeats
integer The number of licensed seats available.
offset
integer The start index of the records to return. You can combine the offset and size parameters to return a specific set of user records. For example, to return the second and third user records in the response, you would set offset=1 and size=2. The default start index is 0.
No
size
integer The number of user records to return. The default size is 10.
No
users
array[] An array of user records.
users.userType
string The type of user. Value can be dataConsumer or policyOwner.
users.name
string The name of the user.
users.email
string The user's email address.
users.iamid
string The IAM the user belongs to.
users.userid
string The user's username.
users.active
boolean If true, the user is active. This is determined by whether Immuta has tracked any activity by the user in the last year.
summary
object The summary of license usage that covers all users, not just the subset returned by a call to this endpoint.
summary.dataConsumers
array Includes a summary of the dataConsumers type.
summary.dataConsumers.totalCount
integer The total number of users of this type known to Immuta.
summary.dataConsumers.activeCount
integer The number of active data consumers known to Immuta, determined by whether Immuta has tracked any activity by the user in the last year. Minimum value is 0.
summary.dataConsumers.inactiveCount
integer The number of inactive data consumers known to Immuta, determined by whether Immuta has tracked any activity by the user in the last year. Minimum value is 0.
summary.policyOwners
object Includes a summary of the policyOwners type.
summary.policyOwners.totalCount
integer The total number of users of this type known to Immuta.
licenseId
integer The ID of the license key you want to delete.
Yes
id
integer The license key ID.
licenseKey
string The license key.
seats
integer The number of seats in the license.
softSeats
integer The number of users that can be added beyond seats without access being blocked.
expires
timestamp The date the license expires.
uuid
string The unique universal identifier.
deleted
boolean If true, the license key has been deleted.
features
array The features included in the license.
handlers
array The data handlers included in the license.
hardExpiration
boolean When true, all data access is blocked when the license expires.
notice
string This notice appears on the login page.
noticeOnExpire
string This notice appears on the login page after the license expires.
createdAt
timestamp The date the license key was generated.
updatedAt
timestamp The date the license key was deleted.
hardDelete
boolean If true, the license key cannot be re-added after it is deleted.
expired
boolean If true, the license has expired.
iamid
string The IAM ID.
Yes
userid
string The new user's username.
Yes
password
string The new user's password.
No
profile
array Information on the new user's name and email.
No
permissions
array Information on the new user's permissions.
No
id
integer The user ID.
iamid
string The IAM ID.
userid
string The user's username.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
array The user's groups and attributes.
permissions
array The user's permissions.
profile
array Details on the user, including name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, systemGenerated, id, createdAt, and updatedAt values.
lastLogin
timestamp The date the user most recently logged into Immuta.
disabled
boolean If true, the user is disabled.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date the user was last updated.
newUserLink
string A link for the new user to log in and create a password.
emailFailed
boolean If true, the login email was unable to be sent to the user's provided email address.
emailSent
boolean If true, a login email was sent to the new user.
GET
/bim/iam/{iamid}/user/authenticate
POST
/bim/iam/{iamid}/user/authenticate
PUT
/bim/iam/{iamid}/user/{userid}/profile
DELETE
/bim/iam/{iamid}/user/{userid}/permissions/{permission}
PUT
/bim/iam/{iamid}/user/{userid}/permissions
PUT
/bim/iam/{iamid}/user/{userid}/password
PUT
/bim/iam/{iamid}/user/{userid}/disable/{disable}
POST
/bim/syncUsers
POST
/iam/{iamId}/sync
PUT
/bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{attributeName}/{attributeValue}
DELETE
/bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{key}/{value}
POST
/bim/iam/bim/user/{userid}/clone
iamid
string The IAM ID.
Yes
iamid
string The IAM ID.
Yes
username
string The user's username for the IAM dictated in the request.
Yes
password
string The user's password for the IAM dictated in the request.
Yes
authenticated
boolean If true, the user has been successfully authenticated.
token
string The user's access token.
tokenExpiration
timestamp The date the token will expire.
profileId
integer The user ID.
iamid
string The IAM ID.
Yes
userId
string The user's username.
Yes
iamid
string The IAM ID.
No
userid
string The user's username.
No
string The user email.
No
phone
string The user phone number.
No
sqlUser
string The user's SQL username.
No
about
string Details about the user to be displayed on their profile.
No
location
string The user's location.
No
organization
string The user's organization.
No
position
string The user's position.
No
externalUserIds
array A list of the user's external usernames for hdfsUser, databricksUser, snowflakeUser, prestoUser, asaUser, and redshiftUser.
No
preferences
array
No
scim
array
No
profile
array Details information about the user, including name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, id, and the date of creation.
permissions
array A list of the user's permissions.
iamid
string The IAM ID.
userid
string The user's username.
authorizations
array The user's attributes and groups.
updatedAt
timestamp The date the user was last updated.
disabled
boolean If true, the user is disabled.
lastLogin
timestamp The date the user last logged in.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
hasLogin
boolean If true, the user has logged into Immuta.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
permission
string The permission to remove. See Immuta permissions and personas for a list of Immuta permissions.
Yes
id
integer The user's ID.
iamid
string The IAM ID.
userid
string The user's username.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
array Details on the user's groups and attributes.
permissions
array[string] A list of the user's permissions.
profile
integer The user's profile ID.
lastLogin
timestamp The date the user last logged into Immuta.
disabled
boolean If true, the user is disabled.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date the user was last updated.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
permissions
array[string] A list of the user's permissions. This list is going to be a comprehensive list of all of the user's permissions. See Immuta permissions and personas for a list of Immuta permissions.
Yes
id
integer The user's ID.
iamid
string The IAM ID.
userid
string The user's username.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
array Details on the user's groups and attributes.
permissions
array A list of the user's permissions.
profile
integer The user's profile ID.
lastLogin
timestamp The date the user last logged into Immuta.
disabled
boolean If true, the user is disabled.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date the user was last updated.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
originalPassword
string The user's old password.
Yes
password
string The user's new password.
Yes
success
boolean If true, the user's password has been successfully changed to the new password.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
disable
boolean If true, the user will be disabled.
Yes
userid
string The user's username.
disabled
boolean If true, the user is disabled.
iamid
string The external IAM ID.
Yes
iamId
string The external IAM ID.
Yes
dryRun
boolean If true, no updates will actually be made.
Yes
iamConfig
array Details about the IAM configuration, including authenticationOnly, credentials, defaultPermissions, displayName, id, ldapSync, and options.
No
plugin
string The type of plugin the IAM uses, ldap.
No
schema
array Details about the IAM schema, including group, profile, authorizations, and externalUserIds.
No
supportedActions
string
No
type
string The type of IAM, ldap.
No
totalCount
integer The total number of users in the external IAM that could be synced over into Immuta.
importedUsers
array Details about the users who were successfully imported from the sync, including userId and dn.
refreshedUsers
array Details about the users who were successfully refreshed from the sync, including userId and dn.
disabledUsers
array Details about the users who were successfully disabled from the sync, including userId and dn.
enabledUsers
array Details about the users who were successfully enabled from the sync, including userId and dn.
runningInBackground
boolean If true, the sync created a job to run in the background.
count
integer The number of users successfully updated from the IAM.
iamid
string The IAM ID.
Yes
modelType
string The type of model the attribute is added to. Options include group or user.
Yes
modelID
string The user or group ID.
Yes
attributeName
string The attribute name.
Yes
attributeValue
string The attribute value.
Yes
id
integer The user or group ID.
iamid
string The IAM ID.
userid
string The user's username.
name
string The group name.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
array Details on the user's or group's and attributes.
permissions
array A list of the user's permissions.
profile
integer The user's profile ID.
lastLogin
timestamp The date the user last logged into Immuta.
disabled
boolean If true, the user is disabled.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date the user was last updated.
iamid
string The ID for the IAM the user or group is under.
Yes
modelId
string The user or group ID.
Yes
modelType
string The type of model the attribute is being removed from. Options include group or user.
Yes
key
string The attribute to remove.
Yes
value
string The attribute value to remove.
No
id
integer The user or group ID.
iamid
string The IAM ID.
authorizations
array The user or group attributes after the request has been made.
permissions
array The user or group permissions.
profile
integer The profile ID, if the model is a user.
systemGenerated
boolean If true, the user was created by Immuta.
createdAt
timestamp The date the user or group was created.
updatedAt
timestamp The date the user or group was last updated.
userId
string The user's username.
Yes
array The list of new users' emails.
Yes
failedEmails
array A list of any emails that failed to become users.
GET
/bim/iam
GET
/bim/user
GET
/bim/rpc/user/current
GET
/bim/iam/{iamid}/user/{id}
GET
/bim/iam/{iamid}/user/{userid}/profile
GET
/bim/iam/{iamid}/user/{userid}/groups
id
string The IAM ID.
displayName
string The name displayed in Immuta and entered at the time of configuration.
type
string The identity provider type.
oauth
boolean When true, the IAM service uses OAuth framework for authorization.
size
integer The maximum number of records to return. The default is 25.
No
name
string A partial name to match against user names.
No
userid
string A partial ID to match against user IDs.
No
string A partial email address to match against user email addresses.
No
iamid
string[] Optionally provide the IAM to filter the users.
No
excludeSystemGenerated
boolean If true, the results will exclude accounts automatically created for handlers that periodically crawl and ingest.
No
excludeAdminAndGovernor
boolean If true, Admin and Governor accounts will be excluded.
No
excludeDeletediams
boolean If true, the results will exclude users for any IAMs that are no longer configured.
No
excludebim
boolean If true, users from the Immuta internal identity manager will be excluded.
No
includeDisabled
boolean If true, the results will include disabled users.
No
offset
integer Offset to start returning values.
No
sortField
string The field to sort results on. The default is user name. Possible values: name, createdAt, iamid, email.
No
sortOrder
string The order that the results will be sorted in. The default is asc. Possible values: asc, desc.
No
permission
string A permission to filter the users by.
No
count
integer Total number of results. May be greater than the length of hits if additional results exist. Use size and offset to page additional results.
hits
metadata Details for each result, including id, iamid, userid, bimAuthorizations, iamAuthorizations, authorizations, projectId, permissions, groupPermissions, profile, authentication, systemGenerated, lastLogin, lastExternalRefresh, disabled, hasLogin, groups, createdAt, updatedAt, and schema values.
id
integer The user ID.
iamid
string The ID of the IAM the user is connected to.
userid
string The user's username.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
metadata Details on the user's attributes.
projectId
integer The project ID for the user's current project.
permissions
string A list of the user's permissions.
profile
metadata Details on the user, including name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, systemGenerated, id, createdAt, and updatedAt values.
lastLogin
timestamp The date of the user's last Immuta login.
disabled
boolean If true, the user has been disabled.
hasLogin
boolean If true, the user has logged into Immuta.
groups
metadata Information on the user's groups.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date of the last time the user's information was updated.
id
integer The user ID.
iamid
string The ID of the IAM the user is connected to.
userid
string The user's username.
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
authorizations
metadata Details on the user's attributes.
projectId
integer The project ID for the user's current project.
permissions
string A list of the user's permissions.
profile
metadata Details on the user, including name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, systemGenerated, id, createdAt, and updatedAt values.
lastLogin
timestamp The date of the user's last Immuta login.
disabled
boolean If true, the user has been disabled.
hasLogin
boolean If true, the user has logged into Immuta.
groups
metadata Information on the user's groups.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date of the last time the user's information was updated.
iamid
string The IAM ID.
Yes
id
integer The user ID.
Yes
params
query
No
profile
array Details about the user, including name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, id, and the date of creation.
preferences
array Information about the user's tabDataSourceState, tabProjectState, sortDataSourceState, and currentProject.
permissions
array A list of the user's permissions.
iamid
string The IAM ID.
userid
string The user's username.
authorizations
array The user's attributes and groups.
updatedAt
timestamp The date the user was last updated.
systemGenerated
boolean
disabled
boolean If true, the user is disabled.
lastLogin
timestamp The date the user last logged in.
lastExternalRefresh
timestamp
bimAuthorizations
array The attributes and groups given to the user's BIM profile.
iamAuthorizations
array The attributes and groups given to the user's external IAM profile.
hasLogin
boolean If true, the user has logged into Immuta.
iamid
string The IAM ID.
Yes
id
integer The user ID.
Yes
name
string The user's name.
string The user's email.
phone
string The user's phone number.
about
string Details about the user.
location
string The user's location.
organization
string The user's organization.
position
string The user's position.
externalUserIds
array A list of user IDs for technologies outside of Immuta, if specified as different from the Immuta user ID.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date the profile was last updated.
preferences
array Information on the user's preferences including values for sortProjectState and currentProject.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
id
integer The group ID.
name
string The group name.
iamid
string The IAM ID.
groupUser
integer The user's ID within the group.
userid
string The user's username.
Yes
userid
string The user's username.
iamid
string The IAM ID.
iamid
string The IAM ID.
Yes
name
string The new group name.
Yes
string The new group's email.
No
description
string The new group's description.
No
id
integer The group ID.
iamid
string The IAM ID.
name
string The group name.
string The group email.
authorizations
array The group's attributes.
description
The group description.
createdAt
timestamp The date the group was created.
updatedAt
timestamp The date the group was last updated.
PUT
/bim/group/{groupId}
DELETE
/bim/group/{groupId}/user/{groupuserid}
POST
/bim/group/{groupId}/user
PUT
/bim/iam/{iamid}/group/{groupid}/authorizations
groupId
integer The group ID.
Yes
name
string The group's new name.
No
string The group's new email.
No
description
string The group's new description.
No
id
integer The group ID.
iamid
string The IAM ID.
name
string The group name.
string The group email.
authorizations
string The group attributes.
description
string The group description.
createdAt
timestamp The date the group was created.
updatedAt
timestamp The date the group was last updated.
groupId
integer The group ID.
Yes
groupuserid
integer The user's group ID.
Yes
groupId
integer The group ID.
Yes
userid
string The new user's ID.
Yes
iamid
string The new user's IAM.
Yes
id
integer The user's group ID.
group
integer The group ID.
profile
integer The user ID.
createdAt
timestamp The date the user was added to the group.
updatedAt
timestamp The date the user was last updated within the group.
iamid
string The IAM ID.
Yes
groupId
integer The group ID.
Yes
attributeName
string The attribute name.
Yes
attributeValue
string The attribute value.
Yes
id
integer The group ID.
iamid
string The IAM ID.
name
string The group name.
string The group email.
authorizations
string The group attributes.
description
string The group description.
createdAt
timestamp The date the group was created.
updatedAt
timestamp The date the group was last updated.
GET
/bim/group
GET
/bim/group/{groupId}
GET
/bim/group/{groupId}/user
name
string A partial name to match against group names.
No
userid
integer The user ID. This will return the groups that the user is a member of.
No
iamid
string Optionally provide the IAM to filter the groups.
No
size
integer The maximum number of records to return. The default is 25.
No
offset
integer Offset to start returning values.
No
sortField
string The field to sort results on. Possible values: name, createdAt, iamid. Default is name.
No
sortOrder
string The order that the results will be sorted in. Possible values: asc, desc. The default is asc.
No
nameOnly
boolean If true, results will only return distinct group names.
No
count
integer Total number of results. May be greater than the length of hits if additional results exist. Use size and offset to page additional results.
hits
metadata Details on each result, including id, iamid, name, gid, email, authorizations, description, scim, scimid, createdAt, and updatedAt values.
id
integer The group ID.
iamid
string The IAM ID.
name
string The name of the group.
string The group email.
authorizations
metadata Details on the group's attributes.
descriptions
string Details attached to the group.
createdAt
timestamp The date the group was created.
updatedAt
timestamp The date the group was last updated.
groupId
integer The ID of the group.
Yes
id
integer The group's ID.
iamid
string The IAM ID.
name
string The group's name.
string The group's email.
authorizations
metadata Details on the group's attributes.
descriptions
string The group's description.
createdAt
timestamp The date the group was created.
updatedAt
timestamp The date the group was last updated.
groupId
integer The ID of the group.
Yes
offset
integer Offset to start returning values.
No
size
integer The maximum number of records to return. The default is 25.
No
sortOrder
string The order that the results will be sorted in. Possible values: asc, desc. The default is asc.
No
count
integer Total number of results. May be greater than the length of hits if additional results exist. Use size and offset to page additional results.
hits
metadata Details for each result, including id, group, profile, uid, iamid, userid, disabled, scim, scimid, createdAt, and updatedAt values.
id
integer The group ID.
iamid
string The ID of the IAM the user is connected to.
userid
string The user's username.
profile
metadata Details on the user, including iamid, userid, name, email, phone, about, location, organization, position, preferences, externalUserIds, scim, systemGenerated, id, createdAt, and updatedAt values.
disabled
boolean If true, the user has been disabled.
group
integer The group ID.
createdAt
timestamp The date the user was created.
updatedAt
timestamp The date of the last time the user's information was updated.
groupId
integer The group ID.
Yes
projectId
integer The project ID.
No
name
string The name to associate with the API key.
No
apikey
string The new API key.
keyid
integer The new API key's ID.
project
integer The project ID.
name
string The name of the API key.
POST
/bim/apikey/authenticate
POST
/bim/apikey/impersonate
apikey
string The API key.
authenticated
boolean If true, the user has been successfully authenticated.
token
string The user's access token.
apikey
string The API key of the account with the user impersonation permission.
userid
string The username of the impersonated user.
iamid
string The IAM ID of the impersonated user.
projectId
integer The project ID of the impersonated user.
authenticated
boolean If true, the user has been successfully authenticated.
token
string The user's access token.
POST
/bim/token
GET
/bim/iam/{iamid}/user/{userid}/apikeys
token
string The access token.
id
integer The access token ID.
type
string The token type: bearer.
iamid
string The IAM ID.
userid
string The user's username.
project
integer If the token was generated using a project API key, this is the project ID.
token
string The access token.
created
timestamp The date the token was created.
lastUsed
timestamp The date the token was last used.
expiration
timestamp The date the token will expire.
name
string The token name.
createdAt
timestamp The date the token was created.
updatedAt
timestamp The date the token was last updated.
scopes
string The scope of the token, such as impersonation.
impersonationuserid
string The user ID of the impersonating user.
impersonationiamid
string The IAM ID of the impersonating user.
iamid
string The IAM ID.
Yes
userid
string The user's username.
Yes
keyid
integer The API key ID.
created
timestamp The date the API key was created.
project
array Information on the project attached to the API key, including values for name, status, description, documentation, deleted, allowMaskedJoins, subscriptionType, subscriptionPolicy, equalization, snowflake, salt, type, schema, id, createdAt, updatedAt, workspace, createdBy, updatedBy, and schemaEvolutionId.
lastUsed
timestamp The date the API key was last used.
name
string The API key name.
keyid
integer The API key ID.
Yes
revokedTokens
integer The number of tokens revoked.
id |
|
color |
|
description |
|
name |
|
source |
|
deleted |
|
systemCreated |
|
createdBy |
|
createdAt |
|
updatedAt |
|
searchText |
| No |
source |
| No |
excludedSource |
| No |
includeAllSystemTags |
| No |
excludedHierarchies |
| No |
limit |
| No |
id |
|
name |
|
color |
|
description |
|
source |
|
deleted |
|
systemCreated |
|
modelType |
| Yes |
modelId |
| Yes |
name |
| Yes |
id |
| No |
displayName |
| No |
source |
| No |
systemCreated |
| No |
addedBy |
| No |
deleted |
| No |
hasLeafNodes |
| No |
createdBy |
| No |
createdAt |
| No |
updatedAt |
| No |
name |
|
source |
|
addedBy |
|
deleted |
|
tag |
| Yes |
deleteHierarchy |
| No |
id |
|
name |
|
color |
|
description |
|
source |
|
deleted |
|
systemCreated |
|
createdBy |
|
createdAt |
|
updatedAt |
|
tag |
| Yes |
modelType |
| Yes |
modelId |
| Yes |
acknowledgedAccess | A project member acknowledges the purposes on a project. |
addedToProject | A data source is added to a project. |
apiKeyRevoked | A user's API key is revoked. |
attributeAdded | An attribute is added to a group or user. |
attributeRemoved | An attribute is removed from a group or user. |
attributeUpdated | Attributes for a group or user are updated. |
bulkJobStatus | A bulk action is completed (whether success/failure). |
certificationRequired | A Global Policy that requires certification by the data source owner is applied to a data source. |
conflictingGlobalPolicies | Global Policies are applied to the same column on a data source. |
dataSourceExpired | A data source that was configured to expire has expired. |
dataSourceExpiring | A data source that was configured to expire expires tomorrow. |
dataSourceUpdated | A data source is updated. |
deletedDatasourceRemovedFromProject | A data source has been deleted and then removed from a project. |
expiredDatasourceRemovedFromProject | A data source that has expired and been deleted is removed from a project. |
firstQuery | A data source is queried for the first time through Immuta. |
globalPolicyCreated | A Global Policy is created. |
globalPolicyDeleted | A Global Policy is deleted. |
globalPolicyDisabled | A Global Policy is disabled. |
globalPolicyUpdated | A Global Policy is updated. |
groupUserAdded | A user is added to a group. |
groupUserDeleted | A user is removed from a group. |
healthCheckFailed | A health check runs and returns not healthy. |
healthCheckResolved | A health check runs and returns healthy. |
modelAccessApproved | A user's access request is approved for a data source or project. |
modelAccessDenied | A user's access request is denied for a data source or project. |
modelAccessRequested | A user requests access to a data source or project. |
modelAccessRevoked | A user's access request is revoked for a data source or project. |
modelAccessUpdated | A user's access level is updated for a data source or project. |
modelCreated | A data source or project is created. |
modelDeleted | A data source or project is deleted. |
modelTagAdded | A tag is added to a data source or a data source column. |
modelTagRemoved | A tag is removed from a data source or a data source column. |
modelUserAdded | A user is added to a data source. |
modelUserDeleted | A user is removed from a data source. |
modelUserJoined | A user joins a data source that they are already allowed to join. |
nativeWorkspaceStateChanged | A native workspace configuration within a project changes. |
permissionsUpdated | A user's permissions are updated. |
policyAdjustmentCreated | A policy adjustment is created. |
policyAdjustmentExpired | A policy adjustment has expired (the default is after a year). |
policyCertificationExpired | A policy certification on a data source has expired. |
policyUpdated | A data source's policies have been updated by a user or Global Policy. Policy updates are triggered for many reasons, including when a data source is created, a user updates them, a Global Policy changed, tags are added to a data source or column, the data dictionary changed, a fingerprint is recomputed, an external catalog modifies tags on a linked data source, or a policy disabled. |
projectDisabled | A project is disabled. |
projectEqualizationMemberNotInCompliance | A member of an equalized project is out of compliance. |
projectEqualizationToggled | Project equalization is toggled on or off. |
projectUpdated | A project is updated. |
purposeCreated | A purpose is created. |
purposeDeleted | A purpose is deleted. |
purposeUpdated | A purpose is updated. |
queryCanceled | A running query is canceled due to a change on a data source. |
queryCreated | A user creates a public query on a data source. |
queryUpdated | A public query is updated. |
removedFromProject | A data source is removed from a project. |
switchedCurrentProject | A user switches their current project. |
tagCreated | A tag is created. |
tagDeleted | A tag is deleted. |
tagUpdated | A tag is updated. |
taskDeleted | An outstanding data source task is deleted without validation. |
taskValidated | An outstanding data source task is validated. |
userCloned | A user is cloned. |
userCreated | A user or group is created. |
userDeleted | A user or group is deleted. |
userDisabled | A user is disabled. |
userEnabled | A user is enabled. |
userMigrated | A user is migrated from an old IAM to a new IAM. |
usernameUpdated | A user's name is updated. |
userUpdated | A group is updated. |
webhooks |
| Yes |
url |
| Yes |
name |
| Yes |
global |
| Yes |
notificationType |
| Yes |
actionType |
| Yes |
secret |
| No |
createdWebhooks |
|
value |
|
value |
|
offset |
| No |
pageSize |
| No |
sortField |
| No |
sortOrder |
| No |
notificationType |
| No |
includeGlobal |
| No |
includeUser |
| No |
successOrFailure |
| No |
count |
|
records |
|
id |
| Yes |
value |
|
id |
| Yes |
id |
|
request |
|
response |
|
statusCode |
|
notificationType |
|
webhooksActivityId |
|
createdAt |
|
updatedAt |
|
id |
| Yes |
value |
|
name |
| Yes |
id |
| No |
rootTag |
| No |
|
|
|
|
Return a list of webhooks the user can see. (Admins can see all webhooks; users can only see their own webhooks.) |
Return a list of valid notification actions that a webhook can be triggered by. |
Return historical records for webhook requests, including requests and responses. |
Return specified webhook by ID. |
|
| Issue |
| The request timed out. |
In previous documentation, rule and pattern are referred to as classifier or identifier, and framework is referred to as template.
To run this pattern against your data, ensure it is added to a framework.
POST /sdd/classifier
Create a pattern.
| Attribute | Description | Required |
|---|---|---|
The following request creates a pattern, saved in example-payload.json.
POST /sdd/template
Create an identification framework.
The following request creates an identification framework that contains 2 rules, saved in example-payload.json.
GET /sdd/classifier
List or search patterns.
The following request lists 5 patterns.
GET /sdd/template
List or search identification frameworks.
The following request lists all identification frameworks.
GET /sdd/classifier/{classifierName}
Get a pattern by name.
This request gets the pattern named MY_REGEX_PATTERN.
GET /sdd/template/{templateName}
Get an identification framework by name.
This request gets the identification framework named MY_FIRST_FRAMEWORK.
GET /sdd/template/global
View the current global framework.
This request gets the current global framework information.
PUT /sdd/template/apply
Apply an identification framework to a set of data sources.
This request applies the MY_FIRST_FRAMEWORK framework to the Public Case data source.
POST /sdd/run
Run SDD on specified data sources.
This request runs SDD on the data source Public Case.
This request runs SDD on all your data sources.
This request runs SDD on the Medical Claims data source with the PII_REVISION framework, but will not tag any columns if matches are found.
PUT /sdd/classifier/{classifierName}
Update a pattern. Partial updates are not supported.
The following request updates the name and description of the MY_REGEX_PATTERN pattern.
Payload example
POST /sdd/template/{templateName}/clone
Clone an identification framework.
This request clones the MY_FIRST_FRAMEWORK identification framework.
Payload example
PUT /sdd/template/{templateName}
Update an identification framework.
The following request updates the name of, description of, and rules in the MY_FIRST_FRAMEWORK identification framework.
Payload example
DELETE /sdd/classifier/{classifierName}
Delete a pattern.
The following request deletes the REGULAR_EXPRESSION pattern.
DELETE /sdd/template/{templateName}
Delete an identification framework.
The following request deletes the HEALTH_DATA identification framework.
.
.
.
.
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
name
string Unique, request-friendly pattern name.
Yes
displayName
string Unique, human-readable pattern name.
Yes
description
string The pattern description.
Yes
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
Yes
config.tags
array[string] The default resulting tags to apply when the pattern is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.values
array[string] The list of words included in the dictionary to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
name
string Unique, request-friendly framework name.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The patterns to include in the framework and any additional overrides for those patterns.
Yes
classifiers.name
string The name of the pattern to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the pattern for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the pattern is matched. These tags will override the pattern's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
GET
sdd/classifier
GET
sdd/template
GET
sdd/classifier/{classifierName}
GET
sdd/template/{templateName}
GET
sdd/template/global
sortField
string The field by which to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
type
array[string] Searches based on pattern type: regex, dictionary, builtIn, or columnNameRegex.
No
searchText
string A partial, case-insensitive search on name.
No
count
integer The number of pattern found matching the search criteria.
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
sortField
string The field by which to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
classifiers
array[string] Filters framework results to those containing the specified patterns.
No
searchText
string A partial, case-insensitive search on the framework name.
No
count
integer The number of identification frameworks found matching the search criteria.
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
classifierName
string The name of the pattern.
Yes
id
integer The unique ID of the pattern.
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The name of the resulting tags to apply to the data source.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
id
integer The unique ID of the framework.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
template
string The name of the identification framework to apply to the data sources. null to clear current framework, and the data source will use the global framework.
Yes
sources
string The name of the data sources to apply the framework to.
Yes
success
boolean When true, the request was successful.
sources
string The name of the data sources to apply the identification framework to.
Yes
all
boolean If true, SDD will run on all Immuta data sources.
No
wait
integer The number of seconds to wait for the SDD jobs to finish. The value -1 will wait until the jobs complete. Default is -1.
No
dryRun
boolean When true, SDD will not update the tags on the data source(s). Instead of applying tags, SDD returns the tags that would be applied to the data source. This allows users to evaluate whether or not rules or frameworks are applying tags correctly without updating the data source. Default is false.
No
template
string If passed, Immuta will run SDD with this framework instead of the applied framework on the data source(s). Passing template when dryRun is false will cause an error.
No
id
string The unique identifier of the job.
state
string The job state. Statuses include created, retry, active, completed, expired, cancelled, or failed.
output
array[string] Information about the tags applied on the data source, including diff (added and removed tags) and the current state of allTags on all columns in the data sources.
PUT
/sdd/classifier/{classifierName}
POST
sdd/classifier/template/{templateName}/clone
PUT
/sdd/template/{templateName}
classifierName
string The name of the pattern to update.
Yes
name
string Unique, request-friendly pattern name.
Yes
displayName
string Unique, human-readable pattern name.
Yes
description
string The pattern description.
Yes
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
Yes
config.tags
array[string] The default resulting tags to apply when the pattern is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.values
array[string] The list of words included in the dictionary to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework to clone.
Yes
name
string Unique, request-friendly framework name for the cloned framework.
Yes
displayName
string Unique, human-readable framework name for the cloned framework.
Yes
description
string The cloned framework description.
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
templateName
string The name of the identification framework to update.
Yes
name
string Unique, request-friendly framework name.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The patterns to include in the framework and any additional overrides for those patterns.
Yes
classifiers.name
string The name of the pattern to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the pattern for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the pattern is matched. These tags will override the pattern's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
DELETE
/sdd/classifier/{classifierName}
DELETE
/sdd/template/{templateName}
classifierName
string The name of the pattern to delete.
Yes
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework to delete.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.