Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Fingerprint API reference guide
This page illustrates how to check the status of the Fingerprint service using the fingerprint
endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
GET
/fingerprint/status
Get the status of the Fingerprint service.
The following request gets the status of the Fingerprint service.
Admin API reference guide
This page outlines the admin
endpoint, which allows you to manage and review licenses in Immuta.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST
/admin/license
Add a license key to the Immuta tenant to increase the number of seats or enable features.
This example request adds a license key (saved in the example-payload.json
file) to the Immuta tenant.
GET
/admin/license
Get a list of all license keys.
This example request gets the license key for the https://www.organization.immuta.com
Immuta tenant.
GET
/admin/license/licenseStatus
Get the status of a license key's features and seat capacity.
This example request gets the number of seats and active users for the license key associated with the https://www.organization.immuta.com
Immuta tenant.
GET
/admin/license/usage
Get the license usage summary. This endpoint returns a summary of the number of active and inactive users and a list of users.
This request gets the license usage for 5 users in the https://www.organization.immuta.com
Immuta tenant.
DELETE
/admin/license/{licenseId}
Delete the specified license key.
This example request deletes the license key with the ID 1
.
Frameworks API reference guide
GET
/frameworks
Get all the frameworks in Immuta.
POST
/frameworks
DELETE
/frameworks/{frameworkId}
Deletes the framework you specify in the request.
The response returns a 204
response code if the request was successful.
GET
/frameworks/{frameworkId}
Gets the framework you specify in the request.
PUT
/frameworks/{frameworkId}
Update a framework. This example updates a framework to be inactive.
POST
/frameworks/{frameworkId}/clone
Clone a framework from an existing framework.
GET
/frameworks/{frameworkId}/versions
Gets every version of the framework you specify in the request.
The framework payload is used when creating or updating a framework. See the parameters below.
The tags object specifies the tags created for and used in the framework. It includes metadata for the tags, like sensitivity and descriptions. The table below outlines its child parameters.
The rules object specifies the rules used in the framework. The table below outlines its child parameters.
The framework reference is the response for many /frameworks
requests. See the parameters described below.
Jobs API reference guide
This page describes the jobs
endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST
/jobs/statuses
Get the status and output of the provided jobs.
The following request checks the status of the job specified in the payload.
Activity API reference guide
This page describes the activity
endpoint of the Immuta API, which allows you to view your activity notifications.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
GET
/activity
View your activity notification feed.
This example request gets 5 activities for the current user and sorts them in descending order.
GET
/activity/hasUnread
Determine whether you have unread activity notifications.
This request determines whether or not the requesting user has unread activities.
Webhooks API reference guide
Webhooks notify users or other systems when actions happen in Immuta. Every action that generates a notification is available as a webhook.
This page lists the REST endpoints for managing webhooks and provides examples of requests.
Application Admins can configure webhooks that are triggered by events that happen in the system (such as when data sources or projects are created), but any user can configure webhooks that are triggered by access requests and activity notifications.
POST
/webhooks
Create a new webhook. Users can create multiple webhooks in a single request.
The following request with the payload below creates a new webhook.
GET
/webhooks
Return a list of webhooks the user can see. (Admins can see all webhooks; users can only see their own webhooks.)
The following request returns a list of webhooks the user can see.
GET
/webhooks/actions
Return a list of valid notification actions that a webhook can be triggered by. |
The following request returns a list of valid notification actions that a webhook can be triggered by.
GET
/webhooks/history
Return historical records for webhook requests, including requests and responses.
The following request returns historical records for webhook requests, including requests and responses.
GET
/webhooks/{id}
Return specified webhook by ID.
The following request returns details on the webhook with the ID 1
.
POST
/webhooks/history/retry/{id}
Retry webhook requests by history ID. This can be done against any history record, regardless of failure or success.
The following request retries the webhook with the ID 1
.
DELETE
/webhooks/{id}
Delete a webhook by ID.
The following request deletes the webhook with the ID 1
.
The webhook request took longer than Immuta allows for a response. The default time limit is 10 seconds. To change this limit, reach out to your Immuta representative.
Search filter API reference guide
This page describes the searchFilter
endpoint.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST
/searchFilter
Save a new search filter.
The following request saves a new search filter.
GET
/searchFilter
Retrieve saved search filters.
The following request retrieves all saved search filters.
DELETE
/searchFilter/{searchFilterName}
Delete a search filter by name.
The following request deletes the Medical Claims
search filter.
Tag API reference guide
This page describes the tag
endpoint. When implemented, this standard REST interface can tag new data sources automatically.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
POST
/tag
Create a new tag.
The following request creates a new tag.
GET
/tag
Search across all tags.
The following request searches all tags.
POST
/tag/refresh
Refresh external tags.
The following request refreshes external tags.
POST
/tag/{modelType}/{modelId}
Add tags to a particular model. No tags will be processed if any invalid tags are found in the payload.
No tags will be processed if any invalid tags are found in the payload.
Request example
The following request adds tags to the data source with the data source ID 22
.
Request payload example
Response example
Request example
The following request adds tags to the project with the project ID 2
.
Request payload example
Response example
Request example
The following request adds tags to the countrycode
column of the data source with the data source ID 6
.
Request payload example
Response example
DELETE
/tag/{tag}
Delete a tag.
The following request deletes a tag.
DELETE
/tag/{modelType}/{modelId}/{tag}
Delete tags from a particular model.
The following request deletes a tag.
BIM API reference guide
This page details the bim
API, which allows users to programmatically access information about users, their group memberships, and authentications. Most of the actions described here require ADMIN permissions.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
Because the BIM endpoint encompasses groups, users, and authentications, there are three workflows.
POST
/bim/iam/bim/user
Create a new BIM user.
This example request with the payload below will create a new BIM user with the username charlie.doe@immuta.com
.
GET
/bim/iam/{iamid}/user/authenticate
Authenticate a user from a 3rd-party identity provider.
This example request
POST
/bim/iam/{iamid}/user/authenticate
Authenticate a user using their username and password and proxying it to the specified IAM service.
This example request with the payload below will authenticate the user using the bim
IAM.
Payload example
PUT
/bim/iam/{iamid}/user/{userid}/profile
Update a specified user's profile.
This example request will change the location to Boston, MA
for the user with the username jane.doe@immuta.com
.
Payload example
DELETE
/bim/iam/{iamid}/user/{userid}/permissions/{permission}
Remove the specified user's permission.
This example request will delete the permission CREATE_DATA_SOURCE_IN_PROJECT
from the user with the username john.doe@immuta.com
.
PUT
/bim/iam/{iamid}/user/{userid}/permissions
Update the specified user's permission.
This example request with the payload below will change to permissions of the user with the username charlie.doe@immuta.com
to CREATE_DATA_SOURCE_IN_PROJECT
, CREATE_PROJECT
, and CREATE_DATA_SOURCE
.
Payload example
PUT
/bim/iam/{iamid}/user/{userid}/password
Update the specified user's password.
This example request with the payload below will change the password of the user with the ID jane.doe@immuta.com
.
Payload example
PUT
/bim/iam/{iamid}/user/{userid}/disable/{disable}
Disable / enable the specified BIM user.
This example request will disabled the user with the username jane.doe@immuta.com
.
POST
/bim/syncUsers
Sync users from an external IAM.
This example request will sync the users from the specified external IAM with Immuta.
Payload example
POST
/iam/{iamId}/sync
Sync LDAP users with Immuta.
This example request will sync the users from Jump Cloud with Immuta.
Payload example
PUT
/bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{attributeName}/{attributeValue}
Update the specified user's attributes.
This example request will add the attribute Finance.Red Team
to the user with the username jane.doe@immuta.com
.
DELETE
/bim/iam/{iamid}/{modelType}/{modelId}/authorizations/{key}/{value}
Remove an attribute from the specified group or user.
This example request will remove the attribute Country.JP
from the user with the user ID jane.doe@immuta.com
.
Configure SMTP: SMTP must be configured to use this endpoint. Additionally, after the users are created, they will not be active until they sign in to the Immuta UI.
POST
/bim/iam/bim/user/{userid}/clone
Clones the provided user (including their permissions, groups, and attributes) to create multiple additional user accounts.
This example request will clone the user with the username jane.doe@immuta.com
.
GET
/bim/iam
Get a listing of configured IAM services.
The request below will list all of the IAMs in use.
GET
/bim/user
Administrative search over the aggregated view of all users.
The request below will search all of the users in Immuta.
GET
/bim/rpc/user/current
Get the currently logged in user's information.
This request will return information on the user that is logged in.
GET
/bim/iam/{iamid}/user/{id}
Gets the specified user's aggregated view.
This example request will return information about the user with the ID 2
.
GET
/bim/iam/{iamid}/user/{userid}/profile
Gets the specified user's profile.
This example request will return the profile of the user with the ID 2
.
GET
/bim/iam/{iamid}/user/{userid}/groups
Get the specified user's list of groups.
This example request will return information on the groups of the user with the username john.doe@immuta.com
.
DELETE
/bim/iam/bim/user/{userid}
Delete the specified user in Immuta.
This example request will delete the user with the username charlie.doe@immuta.com
.
POST
/bim/group
Create a new group.
This request with the payload below will create a group through the bim
IAM with the name API Group
.
PUT
/bim/group/{groupId}
Update the specified group.
This request with the payload below will update the group with the ID 2
with the name API Group #2
and with a new description.
Payload example
DELETE
/bim/group/{groupId}/user/{groupuserid}
Remove a user from a group.
POST
/bim/group/{groupId}/user
Add a new user to a group.
This request with the payload below adds the user with the ID tom.jones@immuta.com
to the group with the ID 2
.
Payload example
PUT
/bim/iam/{iamid}/group/{groupid}/authorizations/{attributeName}/{attributeValue}
Update the specified group's attributes.
This example request will add the attribute Finance.Red Team
to the group with the ID 2
.
GET
/bim/group
Get the list of groups from all configured IAMs.
This request will return all of the groups in Immuta.
GET
/bim/group/{groupid}
Get the specified group.
This request will search for the group with the ID 2
.
GET
/bim/group/{groupid}/user
Get group users.
This request will return information on the users in the group with the ID 2
.
DELETE
/bim/group/{groupId}
Delete the specified group.
This request will delete the group with the ID 3
.
POST
/bim/apikey
Authenticate the user and create a project API key.
The payload must have one or both of the two attributes above.
This example request with the payload below will authenticate the user Jane Doe
in the project with the ID 1
and create a new API key for her.
POST
/bim/apikey/authenticate
Authenticate with the Immuta API using an API key.
This example request will authenticate the user with the Immuta API.
Payload example
POST
/bim/apikey/impersonate
Impersonate another user using an API key.
This example request will allow the requesting user to impersonate the user specified in example-payload.json
.
Payload example
POST
/bim/token
Get information for a given token, should it exist.
This example request will return information on the access token in the payload.
Payload example
GET
/bim/iam/{iamid}/user/{userid}/apikeys
Get metadata for all of the user's API keys.
This example request will return information on the API keys of the user with the username john.doe@immuta.com
.
DELETE
/bim/apikey/{keyid}
Delete an API key, all auth tokens issued using that API key, and generate a new API key.
This example request will delete the API key with the ID 323
, revoke all the auth tokens issued using that API key, and generate a new API key.
Attribute | Description |
---|---|
.
.
.
.
.
Parameter | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Parameter | Description | Required |
---|
Attribute | Description |
---|
Parameter | Description | Required |
---|
Attribute | Description |
---|
The frameworks resource allows you to create and manage classification frameworks. System-created frameworks cannot be edited, so to make any adjustments.
Method | Endpoint | Description |
---|
The response returns all the frameworks in Immuta. See the for details about the response schema.
Create a new framework. This example creates a framework that will tag all columns in a data source with the tag "HR Framework . Internal Employee Data" when a single column within the data source has the tag "Employee Name". Then can be built to only allow HR to access this sensitive employee data.
The request accepts a JSON or YAML payload. See the for parameter details.
The response returns the framework that was created. See the for details about the response schema.
Parameter | Description | Required or optional |
---|
Parameter | Description | Required or optional |
---|
The response returns the framework specified in the request. See the for details about the response schema.
Parameter | Description | Required or optional |
---|
The request accepts a JSON or YAML payload. See the for parameter options; partial updates are supported.
The response returns the framework that was updated. See the for details about the response schema.
Parameter | Description | Required or optional |
---|
The response returns the framework that was created as a clone. See the for details about the response schema.
Parameter | Description | Required or optional |
---|
The response returns a copy of every version of the framework specified in the request. See the for details about the response schema.
Parameter | Description | Required or optional | Default values | Accepted values |
---|
Parameter | Description | Required or optional | Default values | Accepted values |
---|
Parameter | Description | Required or optional | Default values | Accepted values |
---|
Parameter | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description |
---|
: View your activity notifications.
: Check the status of the Fingerprint service.
: Manage users and their permissions, groups, and attributes.
: Manage and view licenses in Immuta.
: Configure custom sensitive data discovery identifiers and tags.
: Create and search for tags.
: Create webhooks that are triggered by events that happen in the system.
All user-configured webhook integrations must respond within 10 seconds of receiving the webhook request payload. If the webhook integration takes longer to respond, the .
.
Type | Triggers |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Endpoint | Purpose |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
statusCode | code | Issue |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
.
.
.
.
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Endpoint | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Endpoint | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
.
.
.
.
.
.
.
.
.
.
.
.
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Method | Path | Purpose |
---|
Attribute | Description |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
Attribute | Description | Required |
---|
Attribute | Description |
---|
healthy
boolean
If true
, the fingerprint status is healthy.
licenseKey |
| Yes |
licenseKey |
|
id |
|
uuid |
|
features |
|
handlers |
|
expires |
|
seats |
|
createdAt |
|
notice |
|
noticeOnExpire |
|
id |
|
uuid |
|
features |
|
handlers |
|
expires |
|
seats |
|
createdAt |
|
notice |
|
noticeOnExpire |
|
activeUserCount |
|
licenseSeats |
|
canAddUser |
|
hardSeats |
|
offset |
| No |
size |
| No |
users |
|
users.userType |
|
users.name |
|
users.email |
|
users.iamid |
|
users.userid |
|
users.active |
|
summary |
|
summary.dataConsumers |
|
summary.dataConsumers.totalCount |
|
summary.dataConsumers.activeCount |
|
summary.dataConsumers.inactiveCount |
|
summary.policyOwners |
|
summary.policyOwners.totalCount |
|
licenseId |
| Yes |
id |
|
licenseKey |
|
seats |
|
softSeats |
|
expires |
|
uuid |
|
deleted |
|
features |
|
handlers |
|
hardExpiration |
|
notice |
|
noticeOnExpire |
|
createdAt |
|
updatedAt |
|
hardDelete |
|
expired |
|
id | The unique identifier of the framework. | Required |
id | The unique identifier of the framework. | Required |
id | The unique identifier of the framework. | Required |
id | The unique identifier of the framework. | Required |
id | The unique identifier of the framework. | Required |
name | The fully rendered name of the tag, including any parent tags. | Required | - | - |
source | The catalog the tag is from. | Required | - |
|
description | A description of the classification tag. | Required | - | - |
sensitivities | The sensitivity assigned to the tag. This sensitivity can drive the Detect dashboards and monitors. | Optional |
| - |
sensitivities.dimension | The type of sensitivity assigned to the tag. | Required if adding sensitivities | - |
|
sensitivities.sensitivity | The sensitivity assigned to the tag. | Required if adding sensitivities | - |
|
name | The short, humna-readable name for the rule. | Required | - | - |
classificationTag | The tag to apply to the data source based on the criteria. | Required | - | - |
classificationTag.name | The name of the tag to apply. | Required | - | - |
classificationTag.source | The catalog the tag is from. | Required | - |
|
columnTags | The criteria for applying tags. Tags will be applied to a column when these tags are found on the same column. | Optional |
| - |
columnTags.name | The name of the column tag. When matched, the classification tag will be applied to the same column. | Required if using columnTags criteria | - | - |
columnTags.source | The catalog the column tag is from. | Required if using columnTags criteria | - |
|
neighborColumnTags | The criteria for applying tags. Tags will be applied to all columns within a data source if this tag is found already applied to any column within the data source. | Optional |
| - |
neighborColumnTags.name | The name of the neighboring column tag. When matched, the classification tag will be applied to all columns within that data source. | Required if using neighborColumnTags criteria | - | - |
neighborColumnTags.source | The catalog the neighboring column tag is from. | Required if using neighborColumnTags criteria | - |
|
tableTags | The criteria for applying tags. Tags will be applied to all columns in a data source when this tag is found applied to the data source. | Optional |
| - |
tableTags.name | The name of the data source tag. When matched, the classification tag will be applied to all columns within that data source. | Required if using tableTags criteria | - | - |
tableTags.source | The catalog the data source tag is from. | Required if using tableTags criteria | - |
|
jobIds |
| Yes |
wait |
| No |
pollInterval |
| No |
id |
|
state |
|
output |
|
excludeMine |
| No |
nonRequestActivity |
| No |
new |
| No |
offset |
| No |
size |
| No |
modelType |
| No |
modelId |
| No |
sortField |
| No |
sortOrder |
| No |
searchText |
| No |
notificationType |
| No |
permission |
| No |
count |
|
unread |
|
activities |
|
unread |
|
acknowledgedAccess | A project member acknowledges the purposes on a project. |
addedToProject | A data source is added to a project. |
apiKeyRevoked | A user's API key is revoked. |
attributeAdded | An attribute is added to a group or user. |
attributeRemoved | An attribute is removed from a group or user. |
attributeUpdated | Attributes for a group or user are updated. |
bulkJobStatus | A bulk action is completed (whether success/failure). |
certificationRequired | A Global Policy that requires certification by the data source owner is applied to a data source. |
conflictingGlobalPolicies | Global Policies are applied to the same column on a data source. |
dataSourceExpired | A data source that was configured to expire has expired. |
dataSourceExpiring | A data source that was configured to expire expires tomorrow. |
dataSourceUpdated | A data source is updated. |
deletedDatasourceRemovedFromProject | A data source has been deleted and then removed from a project. |
expiredDatasourceRemovedFromProject | A data source that has expired and been deleted is removed from a project. |
firstQuery | A data source is queried for the first time through Immuta. |
globalPolicyCreated | A Global Policy is created. |
globalPolicyDeleted | A Global Policy is deleted. |
globalPolicyDisabled | A Global Policy is disabled. |
globalPolicyUpdated | A Global Policy is updated. |
groupUserAdded | A user is added to a group. |
groupUserDeleted | A user is removed from a group. |
healthCheckFailed | A health check runs and returns not healthy. |
healthCheckResolved | A health check runs and returns healthy. |
modelAccessApproved | A user's access request is approved for a data source or project. |
modelAccessDenied | A user's access request is denied for a data source or project. |
modelAccessRequested | A user requests access to a data source or project. |
modelAccessRevoked | A user's access request is revoked for a data source or project. |
modelAccessUpdated | A user's access level is updated for a data source or project. |
modelCreated | A data source or project is created. |
modelDeleted | A data source or project is deleted. |
modelTagAdded | A tag is added to a data source or a data source column. |
modelTagRemoved | A tag is removed from a data source or a data source column. |
modelUserAdded | A user is added to a data source. |
modelUserDeleted | A user is removed from a data source. |
modelUserJoined | A user joins a data source that they are already allowed to join. |
nativeWorkspaceStateChanged | A native workspace configuration within a project changes. |
permissionsUpdated | A user's permissions are updated. |
policyAdjustmentCreated | A policy adjustment is created. |
policyAdjustmentExpired | A policy adjustment has expired (the default is after a year). |
policyCertificationExpired | A policy certification on a data source has expired. |
policyUpdated | A data source's policies have been updated by a user or Global Policy. Policy updates are triggered for many reasons, including when a data source is created, a user updates them, a Global Policy changed, tags are added to a data source or column, the data dictionary changed, a fingerprint is recomputed, an external catalog modifies tags on a linked data source, or a policy disabled. |
projectDisabled | A project is disabled. |
projectEqualizationMemberNotInCompliance | A member of an equalized project is out of compliance. |
projectEqualizationToggled | Project equalization is toggled on or off. |
projectUpdated | A project is updated. |
purposeCreated | A purpose is created. |
purposeDeleted | A purpose is deleted. |
purposeUpdated | A purpose is updated. |
queryCanceled | A running query is canceled due to a change on a data source. |
queryCreated | A user creates a public query on a data source. |
queryUpdated | A public query is updated. |
removedFromProject | A data source is removed from a project. |
switchedCurrentProject | A user switches their current project. |
tagCreated | A tag is created. |
tagDeleted | A tag is deleted. |
tagUpdated | A tag is updated. |
taskDeleted | An outstanding data source task is deleted without validation. |
taskValidated | An outstanding data source task is validated. |
userCloned | A user is cloned. |
userCreated | A user or group is created. |
userDeleted | A user or group is deleted. |
userDisabled | A user is disabled. |
userEnabled | A user is enabled. |
userMigrated | A user is migrated from an old IAM to a new IAM. |
usernameUpdated | A user's name is updated. |
userUpdated | A group is updated. |
webhooks |
| Yes |
url |
| Yes |
name |
| Yes |
global |
| Yes |
notificationType |
| Yes |
actionType |
| Yes |
secret |
| No |
createdWebhooks |
|
value |
|
value |
|
offset |
| No |
pageSize |
| No |
sortField |
| No |
sortOrder |
| No |
notificationType |
| No |
includeGlobal |
| No |
includeUser |
| No |
successOrFailure |
| No |
count |
|
records |
|
id |
| Yes |
value |
|
id |
| Yes |
id |
|
request |
|
response |
|
statusCode |
|
notificationType |
|
webhooksActivityId |
|
createdAt |
|
updatedAt |
|
id |
| Yes |
value |
|
filter |
| Yes |
name |
| No |
filter |
|
name |
|
searchText |
| No |
values |
|
searchFilterName |
| Yes |
values |
|
name |
| Yes |
id |
| No |
rootTag |
| No |
id |
|
color |
|
description |
|
name |
|
source |
|
deleted |
|
systemCreated |
|
createdBy |
|
createdAt |
|
updatedAt |
|
searchText |
| No |
source |
| No |
excludedSource |
| No |
includeAllSystemTags |
| No |
excludedHierarchies |
| No |
limit |
| No |
id |
|
name |
|
color |
|
description |
|
source |
|
deleted |
|
systemCreated |
|
modelType |
| Yes |
modelId |
| Yes |
name |
| Yes |
id |
| No |
displayName |
| No |
source |
| No |
systemCreated |
| No |
addedBy |
| No |
deleted |
| No |
hasLeafNodes |
| No |
createdBy |
| No |
createdAt |
| No |
updatedAt |
| No |
name |
|
source |
|
addedBy |
|
deleted |
|
tag |
| Yes |
deleteHierarchy |
| No |
id |
|
name |
|
color |
|
description |
|
source |
|
deleted |
|
systemCreated |
|
createdBy |
|
createdAt |
|
updatedAt |
|
tag |
| Yes |
modelType |
| Yes |
modelId |
| Yes |
iamid |
| Yes |
userid |
| Yes |
password |
| No |
profile |
| No |
permissions |
| No |
id |
|
iamid |
|
userid |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
createdAt |
|
updatedAt |
|
newUserLink |
|
emailFailed |
|
emailSent |
|
iamid |
| Yes |
iamid |
| Yes |
username |
| Yes |
password |
| Yes |
authenticated |
|
token |
|
tokenExpiration |
|
profileId |
|
iamid |
| Yes |
userId |
| Yes |
iamid |
| No |
userid |
| No |
| No |
phone |
| No |
sqlUser |
| No |
about |
| No |
location |
| No |
organization |
| No |
position |
| No |
externalUserIds |
| No |
preferences |
| No |
scim |
| No |
profile |
|
permissions |
|
iamid |
|
userid |
|
authorizations |
|
updatedAt |
|
disabled |
|
lastLogin |
|
bimAuthorizations |
|
iamAuthorizations |
|
hasLogin |
|
id |
|
iamid |
|
userid |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
createdAt |
|
updatedAt |
|
iamid |
| Yes |
userid |
| Yes |
id |
|
iamid |
|
userid |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
createdAt |
|
updatedAt |
|
iamid |
| Yes |
userid |
| Yes |
originalPassword |
| Yes |
password |
| Yes |
success |
|
iamid |
| Yes |
userid |
| Yes |
disable |
| Yes |
userid |
|
disabled |
|
iamid |
| Yes |
iamId |
| Yes |
dryRun |
| Yes |
iamConfig |
| No |
plugin |
| No |
schema |
| No |
supportedActions |
| No |
type |
| No |
totalCount |
|
importedUsers |
|
refreshedUsers |
|
disabledUsers |
|
enabledUsers |
|
runningInBackground |
|
count |
|
iamid |
| Yes |
modelType |
| Yes |
modelID |
| Yes |
attributeName |
| Yes |
attributeValue |
| Yes |
id |
|
iamid |
|
userid |
|
name |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
createdAt |
|
updatedAt |
|
iamid |
| Yes |
modelId |
| Yes |
modelType |
| Yes |
key |
| Yes |
value |
| No |
id |
|
iamid |
|
authorizations |
|
permissions |
|
profile |
|
systemGenerated |
|
createdAt |
|
updatedAt |
|
userId |
| Yes |
| Yes |
failedEmails |
|
id |
|
displayName |
|
type |
|
oauth |
|
size |
| No |
name |
| No |
userid |
| No |
| No |
iamid |
| No |
profileIds |
| No |
excludeSystemGenerated |
| No |
excludeAdminAndGovernor |
| No |
excludeDeletediams |
| No |
excludebim |
| No |
includeDisabled |
| No |
offset |
| No |
sortField |
| No |
sortOrder |
| No |
permission |
| No |
count |
|
hits |
|
id |
|
iamid |
|
userid |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
projectId |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
hasLogin |
|
groups |
|
createdAt |
|
updatedAt |
|
id |
|
iamid |
|
userid |
|
bimAuthorizations |
|
iamAuthorizations |
|
authorizations |
|
projectId |
|
permissions |
|
profile |
|
lastLogin |
|
disabled |
|
hasLogin |
|
groups |
|
createdAt |
|
updatedAt |
|
iamid |
| Yes |
id |
| Yes |
params |
| No |
profile |
|
preferences |
|
permissions |
|
iamid |
|
userid |
|
authorizations |
|
updatedAt |
|
systemGenerated |
|
disabled |
|
lastLogin |
|
lastExternalRefresh |
|
bimAuthorizations |
|
iamAuthorizations |
|
hasLogin |
|
iamid |
| Yes |
id |
| Yes |
name |
|
|
phone |
|
about |
|
location |
|
organization |
|
position |
|
externalUserIds |
|
createdAt |
|
updatedAt |
|
preferences |
|
iamid |
| Yes |
userid |
| Yes |
id |
|
name |
|
iamid |
|
groupUser |
|
userid |
| Yes |
userid |
|
iamid |
|
iamid |
| Yes |
name |
| Yes |
| No |
description |
| No |
id |
|
iamid |
|
name |
|
|
authorizations |
|
description | The group description. |
createdAt |
|
updatedAt |
|
groupId |
| Yes |
name |
| No |
| No |
description |
| No |
id |
|
iamid |
|
name |
|
|
authorizations |
|
description |
|
createdAt |
|
updatedAt |
|
groupId |
| Yes |
groupuserid |
| Yes |
groupId |
| Yes |
userid |
| Yes |
iamid |
| Yes |
id |
|
group |
|
profile |
|
createdAt |
|
updatedAt |
|
iamid |
| Yes |
groupId |
| Yes |
attributeName |
| Yes |
attributeValue |
| Yes |
id |
|
iamid |
|
name |
|
|
authorizations |
|
description |
|
createdAt |
|
updatedAt |
|
name |
| No |
ids |
| No |
userid |
| No |
iamid |
| No |
size |
| No |
offset |
| No |
sortField |
| No |
sortOrder |
| No |
nameOnly |
| No |
count |
|
hits |
|
id |
|
iamid |
|
name |
|
|
authorizations |
|
descriptions |
|
createdAt |
|
updatedAt |
|
groupId |
| Yes |
id |
|
iamid |
|
name |
|
|
authorizations |
|
descriptions |
|
createdAt |
|
updatedAt |
|
groupId |
| Yes |
offset |
| No |
size |
| No |
sortOrder |
| No |
count |
|
hits |
|
id |
|
iamid |
|
userid |
|
profile |
|
disabled |
|
group |
|
createdAt |
|
updatedAt |
|
groupId |
| Yes |
projectId |
| No |
name |
| No |
apikey |
|
keyid |
|
project |
|
name |
|
apikey |
|
authenticated |
|
token |
|
apikey |
|
userid |
|
iamid |
|
projectId |
|
authenticated |
|
token |
|
token |
|
id |
|
type |
|
iamid |
|
userid |
|
project |
|
token |
|
created |
|
lastUsed |
|
expiration |
|
name |
|
createdAt |
|
updatedAt |
|
scopes |
|
impersonationuserid |
|
impersonationiamid |
|
iamid |
| Yes |
userid |
| Yes |
keyid |
|
created |
|
project |
|
lastUsed |
|
name |
|
keyid |
| Yes |
revokedTokens |
|
GET |
|
GET |
|
GET | Gets all the frameworks |
POST | Creates a new framework |
DELETE | Deletes a framework |
GET | Gets the framework with the given framework ID |
PUT | Updates a framework |
POST | Clones a framework |
GET | Gets all versions of the framework with the given framework ID |
shortName | The short, human-readable name for the framework. | Required | - | - |
name | The official, human-readable name for the framework. | Required | - | - |
description | A description of the framework. | Required | - | - |
tags | Required | - | - |
rules | Required | - | - |
active | When | Required | - |
|
id | The Immuta-assigned unique ID for the framework. |
version | The Immuta-assigned unique ID for the version of this framework. This can be useful when auditing the changes to frameworks. |
shortName | The short, human-readable name for the framework. |
name | The official, human-readable name for the framework. |
description | A description of the framework. |
createdBy | The unique ID of the user who created the framework. |
createdAt | A timestamp of when the framework was created. |
tags |
rules |
active | If |
GET |
|
GET |
|
Return a list of webhooks the user can see. (Admins can see all webhooks; users can only see their own webhooks.) |
Return a list of valid notification actions that a webhook can be triggered by. |
Return historical records for webhook requests, including requests and responses. |
Return specified webhook by ID. |
| The request timed out. |
|
|
|
|
GET |
|
POST |
|
PUT |
|
DELETE |
|
PUT |
|
PUT |
|
PUT |
|
POST |
|
POST |
|
PUT |
|
DELETE |
|
POST |
|
iamid |
| Yes |
userid |
| Yes |
permission | Yes |
permissions | Yes |
GET |
|
GET |
|
GET |
|
GET |
|
GET |
|
GET |
|
PUT |
|
DELETE |
|
POST |
|
PUT |
|
GET |
|
GET |
|
GET |
|
POST |
|
POST |
|
POST |
|
GET |
|
Sensitive data discovery (SDD) API reference guide
To run this identifier against your data, ensure it is added to a framework.
POST
/sdd/classifier
Create an identifier.
The following request creates an identifier, saved in example-payload.json
.
POST
/sdd/template
Create an identification framework.
The following request creates an identification framework that contains 2 identifiers, saved in example-payload.json
.
GET
/sdd/classifier
List or search identifiers.
The following request lists 5 identifiers.
GET
/sdd/template
List or search identification frameworks.
The following request lists all identification frameworks.
GET
/sdd/classifier/{classifierName}
Get an identifier by name.
This request gets the identifier named MY_REGEX_IDENTIFIER
.
GET
/sdd/template/{templateName}
Get an identification framework by name.
This request gets the identification framework named MY_FIRST_FRAMEWORK
.
GET
/sdd/template/global
View the current global framework.
This request gets the current global framework information.
PUT
/sdd/template/apply
Apply an identification framework to a set of data sources.
This request applies the MY_FIRST_FRAMEWORK
framework to the Public Case
data source.
POST
/sdd/run
Run SDD on specified data sources.
This request runs SDD on the data source Public Case
.
This request runs SDD on all your data sources.
This request runs SDD on the Medical Claims data source with the PII_REVISION
framework, but will not tag any columns if matches are found.
PUT
/sdd/classifier/{classifierName}
Update an identifier. Partial updates are not supported.
The following request updates the name and description of the MY_REGEX_IDENTIFIER
identifier.
Payload example
POST
/sdd/template/{templateName}/clone
Clone an identification framework.
This request clones the MY_FIRST_FRAMEWORK
identification framework.
Payload example
PUT
/sdd/template/{templateName}
Update an identification framework.
The following request updates the name of, description of, and identifiers in the MY_FIRST_FRAMEWORK
identification framework.
Payload example
DELETE
/sdd/classifier/{classifierName}
Delete an identifier.
The following request deletes the REGULAR_EXPRESSION
identifier.
DELETE
/sdd/template/{templateName}
Delete an identification framework.
The following request deletes the HEALTH_DATA
identification framework.
.
.
The tags used in the framework and the sensitivity attached to them. Each tag used must have a tags object. See the tags for child parameters.
The rules used to apply the tags in the framework. See the rules for child parameters.
The tags used in the framework and the sensitivity attached to them. See the tags for child parameters.
The rules used to apply the tags in the framework. See the rules for child parameters.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
string
The permission to remove. See for a list of Immuta permissions.
array[string]
A list of the user's permissions. This list is going to be a comprehensive list of all of the user's permissions. See for a list of Immuta permissions.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Method | Path | Purpose |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Method | Path | Purpose |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Method | Path | Purpose |
---|---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
Attribute | Description | Required |
---|---|---|
Attribute | Description |
---|---|
name
string
Unique, request-friendly identifier name. Must be uppercase letters or numbers.
Yes
displayName
string
Unique, human-readable identifier name.
Yes
description
string
The identifier description.
Yes
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
Yes
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
. The config object must include one of the following: config.regex
, config.columnNameRegex
, or config.values
.
Yes
config.tags
array[string]
The default resulting tags to apply when the identifier is matched; they must begin with Discovered .
.
No
config.regex
string
A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
No
config.values
array[string]
The list of words included in the dictionary to match against column values.
No
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive. Defaults to false
.
No
config.minConfidence
integer
Apply tags when the identifier match is at least this percentage. Not supported for native SDD. Must be between 0 and 1.
Yes
createdBy
array
Includes details about the user who created the identifier, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly identifier name.
displayName
string
Unique, human-readable identifier name.
description
string
The identifier description.
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
config.tags
array[string]
The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
config.regex
string
A case-insensitive regular expression to match against column values.
config.values
array[string]
The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive.
config.minConfidence
integer
Apply tags when the identifier match is at least this percentage. Not supported for native SDD.
createdAt
date
When the identifier was created.
updatedAt
date
When the identifier was last updated.
name
string
Unique, request-friendly framework name. Must be uppdercase letters or numbers.
Yes
displayName
string
Unique, human-readable framework name.
Yes
description
string
The framework description.
Yes
classifiers
array
The identifiers to include in the framework and any additional overrides for those identifiers.
Yes
classifiers.name
string
The name of the identifier to include in the framework.
Yes
classifiers.overrides
array
The overrides to modify the identifier for this framework.
No
classifiers.overrides.tags
array
The resulting tags to apply when the identifier is matched. These tags will override the identifier's default tags and must begin with Discovered .
.
No
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
GET
sdd/classifier
GET
sdd/template
GET
sdd/classifier/{classifierName}
GET
sdd/template/{templateName}
GET
sdd/template/global
sortField
string
The field to sort the search results: id
, name
, displayName
, type
, createdAt
, or updatedAt
.
No
sortOrder
string
Denotes whether to sort the results in ascending (asc
) or descending (desc
) order. Default is asc
.
No
offSet
integer
Use in combination with limit
to fetch pages.
No
limit
integer
Limits the number of results displayed per page.
No
type
array[string]
Searches based on identifier type: regex
, dictionary
, builtIn
, or columnNameRegex
.
No
searchText
string
A partial, case-insensitive search on name.
No
count
integer
The number of identifiers found matching the search criteria.
createdBy
array
Includes details about the user who created the identifier, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly identifier name.
displayName
string
Unique, human-readable identifier name.
description
string
The identifier description.
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
config.tags
array[string]
The default resulting tags to apply when the identifier is matched.
config.columnNameRegex
string
A case-insensitive regular expression to optionally match against column names.
config.regex
string
A case-insensitive regular expression to match against column values.
config.values
array[string]
The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive.
createdAt
date
When the identifier was created.
updatedAt
date
When the identifier was last updated.
sortField
string
The field to sort the search results: id
, name
, displayName
, type
, createdAt
, or updatedAt
.
No
sortOrder
string
Denotes whether to sort the results in ascending (asc
) or descending (desc
) order. Default is asc
.
No
offSet
integer
Use in combination with limit
to fetch pages.
No
limit
integer
Limits the number of results displayed per page.
No
classifiers
array[string]
Filters framework results to those containing the specified identifiers.
No
searchText
string
A partial, case-insensitive search on the framework name.
No
count
integer
The number of identification frameworks found matching the search criteria.
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
classifierName
string
The name of the identifier.
Yes
id
integer
The unique ID of the identifier.
createdBy
array
Includes details about the user who created the identifier, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly identifier name.
displayName
string
Unique, human-readable identifier name.
description
string
The identifier description.
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
config.tags
array[string]
The name of the resulting tags to apply to the data source.
config.columnNameRegex
string
A case-insensitive regular expression to optionally match against column names.
config.regex
string
A case-insensitive regular expression to match against column values.
config.values
array[string]
The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive.
createdAt
date
When the identifier was created.
updatedAt
date
When the identifier was last updated.
templateName
string
The name of the identification framework.
Yes
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
id
integer
The unique ID of the framework.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
template
string
The name of the identification framework to apply to the data sources. null
to clear current framework, and the data source will use the global framework.
Yes
sources
string
The name of the data sources to apply the framework to.
Yes
success
boolean
When true
, the request was successful.
sources
string
The name of the data sources to apply the identification framework to.
Yes
all
boolean
If true
, SDD will run on all Immuta data sources.
No
wait
integer
The number of seconds to wait for the SDD jobs to finish. The value -1
will wait until the jobs complete. Default is -1
.
No
dryRun
boolean
When true
, SDD will not update the tags on the data source(s). Instead of applying tags, SDD returns the tags that would be applied to the data source. This allows users to evaluate whether or not identifiers or frameworks are applying tags correctly without updating the data source. Default is false
.
No
template
string
If passed, Immuta will run SDD with this framework instead of the applied framework on the data source(s). Passing template
when dryRun
is false
will cause an error.
No
id
string
The unique identifier of the job.
state
string
The job state. Statuses include created
, retry
, active
, completed
, expired
, cancelled
, or failed
.
output
array[string]
Information about the tags applied on the data source, including diff
(added
and removed
tags) and the current state of allTags
on all columns in the data sources.
PUT
/sdd/classifier/{classifierName}
POST
sdd/classifier/template/{templateName}/clone
PUT
/sdd/template/{templateName}
classifierName
string
The name of the identifier to update.
Yes
name
string
Unique, request-friendly identifier name. Must be uppercase letters or numbers.
Yes
displayName
string
Unique, human-readable identifier name.
Yes
description
string
The identifier description.
Yes
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
Yes
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
. The config object must contain one of the following: config.regex
, config.columnNameRegex
, or config.values
.
Yes
config.tags
array[string]
The default resulting tags to apply when the identifier is matched; they must begin with Discovered .
.
No
config.regex
string
A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
No
config.values
array[string]
The list of words included in the dictionary to match against column values.
No
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive. Defaults to false
.
No
config.minConfidence
integer
Apply tags when the identifier match is at least this percentage. Not supported for native SDD. Must be between 0 and 1.
Yes
createdBy
array
Includes details about the user who created the identifier, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly identifier name.
displayName
string
Unique, human-readable identifier name.
description
string
The identifier description.
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
config.tags
array[string]
The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
config.regex
string
A case-insensitive regular expression to match against column values.
config.values
array[string]
The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive.
createdAt
date
When the identifier was created.
updatedAt
date
When the identifier was last updated.
templateName
string
The name of the identification framework to clone.
Yes
name
string
Unique, request-friendly framework name for the cloned framework.
Yes
displayName
string
Unique, human-readable framework name for the cloned framework.
Yes
description
string
The cloned framework description.
No
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
templateName
string
The name of the identification framework to update.
Yes
name
string
Unique, request-friendly framework name. Must be uppercase letters or numbers.
Yes
displayName
string
Unique, human-readable framework name.
Yes
description
string
The framework description.
Yes
classifiers
array
The identifiers to include in the framework and any additional overrides for those identifiers.
Yes
classifiers.name
string
The name of the identifier to include in the framework.
Yes
classifiers.overrides
array
The overrides to modify the identifier for this framework.
No
classifiers.overrides.tags
array
The resulting tags to apply when the identifier is matched. These tags will override the identifier's default tags and must begin with Discovered .
.
No
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.
DELETE
/sdd/classifier/{classifierName}
DELETE
/sdd/template/{templateName}
classifierName
string
The name of the identifier to delete.
Yes
createdBy
array
Includes details about the user who created the identifier, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly identifier name.
displayName
string
Unique, human-readable identifier name.
description
string
The identifier description.
type
string
The type of identifier: regex
, dictionary
, columnNameRegex
, or builtIn
.
config
object
The configuration of the identifier, which includes config.values
, config.caseSensitive
, config.regex
, config.columnNameRegex
, and config.tags
.
config.tags
array[string]
The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string
A case-insensitive regular expression to match against column names.
config.regex
string
A case-insensitive regular expression to match against column values.
config.values
array[string]
The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean
Indicates whether or not values
are case sensitive.
createdAt
date
When the identifier was created.
updatedAt
date
When the identifier was last updated.
templateName
string
The name of the identification framework to delete.
Yes
id
integer
The unique ID of the framework.
createdBy
array
Includes details about the user who created the framework, such as their profile id
, name
, and email
.
name
string
Unique, request-friendly framework name.
displayName
string
Unique, human-readable framework name.
description
string
The framework description.
classifiers
array
The identifiers in the framework and any overrides for those identifiers.
createdAt
date
When the framework was created.
updatedAt
date
When the framework was last updated.