JUMP TOOAuth and OIDCOpenID ConnectAuthorize device to use OIDC.postGet provider's metadata.getGet the access token.postCreate a dynamic client.postRevoke the token.postGet the provider's JSON Web Key Set (JWKS).getAuthorize the user to use OIDC.postAuthorize the user to use OIDC.getRead a dynamic client.getDelete a dynamic client.deleteIntrospect the token.postRetrieve user informationpostRetrieve user informationgetUsers & GroupsUsers Management Version 2.0Get the list of supported header names.getChange the authenticated user's password.postThe bulk request that clients use to send a potentially large collection of resource operations in a single request. For a PUT, PATCH, or POST, the data in the operation is the resource data as for a single SCIM request.postAuthenticate a user name and password.postRetrieves a list of CSV import requests that belong to the specified tenant.getCreates a user in Cloud Directory. The users are created for a specific tenant that is specified in the request. Users are either created to use Cloud Directory as an identity source or as a just-in-time provisioning sequence when the user is authenticated at a remote identity source such as an enterprise authentication.postRetrieves a list of users that belong to a specified tenant and match the search filter criteria.getRetrieves the total number of users under a tenant in the Cloud Directory.getDeprecated - Modify a custom schema attribute for the specified tenant in Cloud DirectoryputDeprecated - Retrieve the details of a schema attribute in Cloud Directory for a tenant.getDeprecated - Delete a custom schema attribute for the specified tenant in Cloud Directory.deleteCancels a CSV import request for the specified tenant.putRetrieves the details of a CSV import request that belong to the specified tenant.getDeletes a CSV import request from the specified tenant.deleteReplaces the user's attributes in Cloud Directory. On Success, the return response contains the details of the user and includes any groups to which the user belongs. The HTTP PUT method is used to replace the resource's attributes. For example, clients that previously retrieved the entire resource and revised it, can replace the resource by using an HTTP PUT.putRetrieves the details of a user in Cloud Directory for a tenant. The details that are returned include the group information for each group to which the user belongs. The details also specify whether the user is a federated user or a regular user.getDeletes a user from a specified tenant in Cloud Directory. The user is also removed from any groups to which the user belongs.deleteModify a user's attributes in Cloud Directory. It can be used to update one or more attributes.patchImport users for the specified tenant from a comma separated value (CSV) file.postReset a user's password.patchReplaces the authenticated user's attributes in Cloud Directory.putRetrieves the account details of the authenticated user in Cloud Directory.getDelete the authenticated user's Cloud Directory user account. The user is also removed from any groups to which the user belongs.deleteDeprecated - Create a custom schema attribute to extend the SCIM API model for managing user accounts.postDeprecated - Retrieve the list of a schema attributes in Cloud Directory for a tenant.getRetrieves the SCIM capabilities enabled for the tenant.getCompare a clear text value to a custom hashed attribute value for a user.postGroups Management Version 2.0Updates the group's attributes for a specified tenant.putRetrieves the details of a group for a specified tenant. On Success, the returned response contains the details of the group that include the members that are in the group.getDelete a group from a specified tenant. If a group has more than 10,000 members then the members will not be notified when the group is deleted.deleteThis API is used to modify a group's attributes. It can be used to update one or more attributes.patchRetrieves the total number of groups under a tenant in the Cloud Directory.getImport groups for the specified tenant from a comma separated value (CSV) file.postCreates a group for a specified tenant.postRetrieves a list of groups that belong to the specified tenant and match the search criteria.getAccount expiration configurationSet the account expiration config.putRetrieve the global configuration for attribute mapping that can be overridden in individual identity providers.getUser Self Care APIInitiate a reset password request by using an authentication mechanism.postValidates the authentication attempt that is associated with the current step in the username recovery flow.postInitiate a forgot username request by using an authentication mechanism.postValidates the authentication attempt that is associated with the current step in the reset password flow.postReset the user's forgotten password.putRecover the user's forgotten user name.putPassword Policy Management 2.0Update the password policy for a specified tenant.putGet the password policy for a specified tenant.getAttribute managementAttributesCreates an attributepostLists all attributesgetBulk management operations of attributespatchModifies an attributeputGets an attributegetDeletes an attributedeleteModifies selected properties of an attributepatchGets the list of existing attribute tagsgetRetrieves the list of attribute functions that are configured for the specified tenantgetAttribute EvaluationPreview the value that would be computed for this attribute.postApplication managementApplication AccessGet attribute values delta for an account for the application.getRetry a failed operationpostCreate custom rule.postCreates an instance of an application for a tenant.postGets the list of all applications that were onboarded by tenant administrator.getUpdates entitlements to an application.postFetches the entitlements of an application.getChecks if the auth policy is configured with an application.getGets details of the specified operationgetUpdates the attributes of an application accessible to the owner.putFetches the details of an application accessible to owner.getGets the list of all the operations that are performed on accounts of this tenant.getFetches the applications that are entitled to a user.getGets the list of all applications that were onboarded by tenant administrator using search by attribute like sourceId.getUpdate custom rule.putGet rule definition.getGet Last run reconciliation status for an application.getGets the account details of given account associated with an application.getRemediate an account for given application for a tenant.postRetry a list of failed operations.postGets the summary stats of all applications for a given tenant.getStart reconciliation for the application.postProvides mechanism to adopt an Orphan accountpostSearches for the applications of an owner.getGets the list of accounts for the specified application.getUpdates an application.putGets the details of an application.getDeletes the application that is specified by the application ID.deleteSuspend/Restore/Orphan/Unmanage/deprovision an Account identified by this applicationId, userId.postReturns all the operations that were part of the reconciliationgetGets the Application account list details for specified reconciliation id.getStop reconciliation for given reconciliation of an application.postGets reconciliation adoption stats details of reconciliation for an application.getGet All reconciliation status for all application of given tenant.getRetrieves all supporting data for a given application.getChecks if the identity source is configured with an application.getAPI to determine if a user is entitled to an application.postEntitlement ManagementGet the entitlements granted to a group.getAdd or remove one or more children for an entitlement.postFind the children of an entitlement.getGrant or revoke an entitlement to one or more users and groups.postDelete an entitlement.deleteGet the entitlement details.getUpdate an entitlement.patchGet the entitlements that are granted to a user.getCheck if a user is granted to an application.postCheck if a user is granted to an application.getGrant or revoke one or more entitlements to a group.postSearch the assignments.postUpdate the rights values of a role.patchCreates a new entitlement.postGet the right values of a permission assigned to a user.getGrant or revoke one or more entitlements to a user.postGet the entitlements granted to the logged user.getGet the rights values associated to an assignment.getUpdate the rights values of an assignment.patchPublish or discard an entitlement.patchGet the list of user added to or removed from dynamic entitlement.postSearch the entitlements.postGet all the applications that are granted to a user.getAuthenticationIdentity SourcesCreate an identity source instance for a tenant.postRetrieve all the identity source instances of the tenant.getRetrieve all the identity source instances of the tenant that use the passord policy ID's specified in the 'search' query parameter.getRetrieve all the identity source instances of the tenant that have this property name and value.getUpdate an identity source instance of the tenant with the specified instance ID.putRetrieve the details of a particular identity source instance of the tenant with the specified instance ID.getDelete an identity source instance of the tenant with the specified instance ID.deleteFIDOInitiate a FIDO registration.postRetrieve the list of FIDO registrations.getComplete a FIDO authentication.postResolve an rpId.postUpdate a FIDO registration.putRetrieve a FIDO registration.getDelete a FIDO registration.deleteInitiate a FIDO authentication.postComplete a FIDO registration.postQR Code LoginRetrieve a QR code login verification.getCreate a QR code login verification.getAttempt a QR code login verification.postCancel a QR code login verification.deleteQR Code Login ConfigurationUpdate the QR code login configuration.putRetrieve the QR code login configuration.getAuthentication Manage User SessionsDelete random session for the user.deletereCAPTCHAUpdate a reCAPTCHA configurationputRetrieve a reCAPTCHA configurationgetDelete a reCAPTCHA configurationdeleteCreate a reCAPTCHA configurationpostRetrieve the list of reCAPTCHA configurationsgetPassword AuthenticationRetrieve the list of valid password based identity sources.getChange a user's password for an identity source.putAttempt password authentication with an identity source.postReset a user's password for an identity source.postIdentity Source TypesRetrieve the details of a particular identity source types.getRetrieve the metadata of a particular SAML Enterprise.getRetrieve the details of all the identity source types.getFIDO ConfigurationCreate a relying party configuration.postRetrieve the list of relying party configurations.getCreate a metadata entry.postRetrieve the list of metadata entries.getUpdate a relying party configuration.putRetrieve a relying party configuration.getDelete a relying party configuration.deleteUpdate a metadata entry.putRetrieve a metadata entry.getDelete a metadata entry.deleteSocial JWT ExchangeExchange a valid social JWT for an IBM Security Verify access token.postAuthentication Token ExchangeExchange a valid bearer token for an authenticated browser sessiongetMulti-factor authenticationVoice One-time PasswordCreate a transient voice one-time password verification.postCreate a voice one-time password enrollment.postRetrieve the list of voice one-time password enrollments.getAttempt a voice one-time password verification.postRetrieve a voice one-time password verification.getCancel a voice one-time password verification.deleteCreate a voice one-time password verification.postAttempt a transient voice one-time password verification.postRetrieve a transient voice one-time password verification.getCancel a transient voice one-time password verification.deleteUpdate a voice one-time password enrollment.putRetrieve a voice one-time password enrollment.getDelete a voice one-time password enrollment.deleteKnowledge QuestionsCreate a knowledge question enrollment.postRetrieve the list of knowledge question enrollments.getCreate a knowledge question verification.postUpdate a knowledge question enrollment.putRetrieve a knowledge question enrollment.getDelete a knowledge question enrollment.deleteAttempt a knowledge question verification.postRetrieve a knowledge question verification.getDelete a knowledge question verification.deleteTime-based One-time Password 2.0Create a time-based one-time password enrollment.postRetrieve the list of time-based one-time password enrollments.getUpdate a time-based one-time password enrollment.putAttempt a time-based one-time password verification.postRetrieve a time-based one-time password enrollment.getDelete a time-based one-time password enrollment.deleteOne-time PasswordAttempt a one-time password verification.postRetrieve a one-time password verification.getCancel a one-time password verification.deleteCreate a one-time password verification.postAuthentication Factors 2.0Discover the availability of all authentication factors.getRetrieve the list of authentication factor enrollments.getDiscover the availability of an authentication factor.getEmail One-time Password 2.0Create a email one-time password verification.postCreate a email one-time password enrollment.postRetrieve the list of email one-time password enrollments.getAttempt a transient email one-time password verification.postRetrieve a transient email one-time password verification.getCancel a transient email one-time password verification.deleteCreate a transient email one-time password verification.postAttempt a email one-time password verification.postRetrieve a email one-time password verification.getCancel a email one-time password verification.deleteUpdate a email one-time password enrollment.putRetrieve a email one-time password enrollment.getDelete a email one-time password enrollment.deleteAuthenticatorsRetrieve the list of registered authenticators.getComplete or refresh an authenticator registration.postComplete a specific verification transaction.postRetrieve a specific verification transaction.getUpdate the editable attributes of a specific authenticator registration.putRetrieve a specific authenticator registration.getDelete a specific authenticator registration.deleteUpdate the editable attributes of a specific authenticator registration.patchRetrieve the list of available authenticator clients.getInitiate a verification transaction.postRetrieve the list of verification transactions.getInitiate an authenticator registration.postSMS One-time Password 2.0Create a transient SMS one-time password verification.postCreate a SMS one-time password enrollment.postRetrieve the list of SMS one-time password enrollments.getUpdate a SMS one-time password enrollment.putRetrieve a SMS one-time password enrollment.getDelete a SMS one-time password enrollment.deleteCreate a SMS one-time password verification.postAttempt a transient SMS one-time password verification.postRetrieve a transient SMS one-time password verification.getCancel a transient SMS one-time password verification.deleteAttempt a SMS one-time password verification.postRetrieve a SMS one-time password verification.getCancel a SMS one-time password verification.deleteSignature AuthenticationUpdate the editable attributes of a specific signature enrollment.putRetrieve a specific signature enrollment.getDelete a specific signature enrollment.deleteUpdate the editable attributes of a specific signature enrollment.patchEnroll a signature authentication method.postRetrieve the list of signature enrollments.getFederationOpenID Connect Grant ManagementRetrieves a specific OIDC grant.getDeletes a specific OIDC grant.deleteRetrieves a specific OIDC grant.getDeletes a specific OIDC grant.deleteRetrieves the list of OIDC grants.getBulk delete, disable, or enable OIDC grants.patchRetrieves the list of OIDC grants.getBulk delete, disable, or enable OIDC grants.patchRetrieves a specific OIDC grant.getDeletes a specific OIDC grant.deleteRetrieves the list of OIDC grants.getBulk delete, disable, or enable OIDC grants.patchSAML 2.0 Alias ManagementRetrieves a specific aliasgetDeletes a specific aliasdeleteRetrieves the list of aliases belonging to usergetRetrieves a specific alias belonging to usergetDeletes a specific alias belonging to userdeleteRetrieves the list of aliasesgetSAML 2.0 Federations ManagementUpdate a FederationputGet a FederationgetGet all FederationsgetExports a federation metadatagetWS Federation ManagementEnable WS-Federation audit trace for the tenantpostEnable WS-Federation audit tracepostOpenID Connect Dynamic Client ProfileUpdate dynamic client profile.putRead dynamic client profile.getIdentity Provider Attribute MappingsSet the global attribute mappings for identity sources.putRetrieve the global configuration for attribute mapping that can be overridden in individual identity providers.getOpenID Connect FederationUpdates the OpenID Connect federation configuration.putRetrieves the OpenID Connect federation configuration.getAccess & Risk PoliciesAccess Policy Management V5.0retrieve the revisions for an access policygetcreate an access policypostretrieve access policiesgetupdate a access policy revisionputretrieve a revision for an access policygetdelete an access policy revisiondeleteupdate a access policyputcreate an access policy revisionpostretrieve a access policygetdelete an access policydeleteBranding & customizationCustomization - ThemesRegister a new themepostList all the themesgetUpdate a theme registrationputDownload theme-based templatesgetDelete a theme registrationdeleteUpdate a specific template file for a themeputDownload a specific template file from a themegetDeletes a customization for a specific template file in a themedeleteReset customizationsdeleteLifecycle & GovernanceAccess Request Management V1.0Send a reminder to all approvers of a requestpostFind all requestable applications in the catalog.getCreate a workflow configuration.postFind a workflow configuration.getExecute actions for a list of requestspostCancel a list of requestspostCreate a self requestpostSearch the self requestsgetDelete all the requests that are filtered by one or more query parameters.deleteSearch requests of an approvergetDelete a request by iddeleteGet request detailsgetAdd a justificationpostReplace an existing workflow configuration.putFind a workflow configuration by ID.getDelete a workflow configuration.deleteAdapter ManagementGet webui template in the system for a given profile id and template id.getList all profiles using the attribute.getPublish the profilepostUpdate draft in system.putGet details of the specified profilegetDelete specified profiledeleteGet default webui template in the system for a given template id.getCreate draft in system.postGet all custom profiles in system.getGet all profiles in system for a tenant with a given template id.getCertification Campaign assignmentsModify a given assignment.putRetrieve a specific assignment.getRetrieve all assignments in a given campaign instance.postRetrieve all assignments in a given campaign instancegetRetrieve all assignments in a given campaign instance.postRetrieve all assignments, in a given campaign instance.getRefresh assignments in a continuous campaign.postModify a given set of assignments.patchAdd new assignments to a continuous campaign.postAdd new assignments to a continuous campaign instance.postModify a given set of assignments.patchModify a given assignment.putRetrieve a specific assignment.getCertification Campaign instancesRetrieve instances corresponding to a specific campaign configuration.getRetrieve campaign instances.getModify campaign instances.patchModify specific campaign instance.putRetrieve a specific campaign instance.getRetrieve campaign instances.getRetrieve instances corresponding to a specific campaign configuration.getCreate a preview campaign.postRetrieve specific campaign instance.getCertification Campaign configurationsEdit specific campaign configuration.putRetrieve a specific campaign configuration.getDelete specific campaign configuration.deleteCreate a campaign configuration.postRetrieve the campaign configurations.getEdit campaign configurations.patchAccess ManagementSubmit access request for selfpostGet the list of accesses for raising request.postProvisioning ManagementUpdate provisioning policy for an application. In addition resends all events for the application.putCreate a provisioning policy for an applicatication. Provisioning policy enables or disables publishing of provisioning events for the application.postGet provisioning policy for an application.getDelete provisioning policy for an application.deleteCertification Campaign statisticsRetrieve statistics of specific assignments within a given instance.getRetrieve statistics of specific assignments.getRetrieve statistics of specific campaign instances.getRetrieve statistics of specific campaign instances.getRetrieve campaign statistics.getRetrieve statistics of specific assignments within a given instance.getRetrieve statistics of specific assignments.getServiceabilityGet the attributes for an active Dynamic Role.getIdentity agentsAgent Bridge Support ServiceRetrieve corrupted agent configuration(s) which can't be decrypted due to missing certificategetCreate an agent configuration.postRetrieve agent configurations.getUpdate a specific agent configuration.putRetrieve a specific agent's configuration.getDelete an agent configuration.deleteRetrieve the API Client credentials.getData privacy & consentData Privacy and Consent ManagementRetrieve a specific consent record.getDelete a specific consent record from a tenant.deleteRetrieve a list of consent records.getBulk delete consent records.patchData Privacy and ConsentProvides the data usage approval.postPresents the data subject information to the user.postCreate or update a consent record.postBulk create or patch consent records.patchEvent analytics & reportsAnalytics - Risk InsightsUpdate remediation action documents in IAM Analytics database.putCreate remediation action documents in IAM Analytics database.postQuery metadata for a specific entity Id from IAM Analytics database.getQuery Summary of all the supported entities in IAM Analytics database.getFetch the deleted records for specified name of entitygetCreate custom action definition in IAM Analytics database.postDelete action definitions in IAM Analytics database.deleteQuery Summary of the specific entity - users for IAM Analytics database.getQuery Summary of the specific entity - users for IAM Analytics database.getQuery resources from IAM Analytics database. For a valid resource request, the endpoints will retrieve the resource data from the backend database.getQuery metadata for an entity from IAM Analytics database.getQuery resources from IAM Analytics database. For a valid resource request, the endpoints will retrieve resource data from the backend database.getQuery Summary of the specific entity - policyviolations for IAM Analytics database.getUpdate action documents in IAM Analytics database.putQuery Summary of the specific entity - application for IAM Analytics database.getQuery supported actions from IAM Analytics database.getReportsExport reports for a specified tenant into CSV file.postRun a report.postEventsGet all events for a tenant.getAuthentication ConfigurationTime-based One-time Password Configuration 2.0Update the time-based one-time password configuration.putRetrieve the time-based one-time password configuration.getKnowledge Questions ConfigurationUpdate a knowledge questions configuration profile.putRetrieve a knowledge questions configuration profile.getRetrieve the list of knowledge questions configuration profiles.getSMS One-time Password Configuration 2.0Update the SMS one-time password configuration.putRetrieve the SMS one-time password configuration.getSignature Authentication ConfigurationUpdate the signature authentication method configuration.putRetrieve the signature authentication methods configuration.getUpdate the signature authentication methods configuration.patchAuthenticator ClientsUpdate the metadata attributes of an authenticator client.putRetrieve the metadata of a specific authenticator client.getUpdate the metadata attributes of an authenticator client.patchUpdate the editable attributes of a specific authenticator client.putRetrieve a specific authenticator client.getDelete a specific authenticator client.deleteUpdate the editable attributes of a specific authenticator client.patchCreate an authenticator client.postRetrieve the list of authenticator clients.getEmail One-time Password Configuration 2.0Update the email one-time password configuration.putRetrieve the email one-time password configuration.getOne-time Password Configuration 2.0Update the one-time password configuration.putRetrieve the one-time password configuration.getVoice One-time Password ConfigurationUpdate the voice one-time password configuration.putRetrieve the voice one-time password configuration.getGeneral configurationAPI ClientsGets a YAML response that contains the credentials for a specific client.getUpdates a specific API clientputGets a specific API clientgetDeletes an API clientdeleteCreate an API ClientpostLists the API ClientsgetBulk deletes the API clientspatchMdmbroker 1.0 Device-manager ConfigurationUpdate a device-managerputGet a device-managergetDelete a device-managerdeleteUpdate a device-manager with PATCHpatchLists uniqueuseridentifiersgetLists device informationgetDelete user devicedeleteLists your own device informationgetDeletes your own devicedeleteUpdate the device-manager's identitysource statusputCreate a device-managerpostLists device-managersgetTest a device-manager connectionpostTest a device-manager connectionputGet trusted certificatesgetPush Credentials ManagementCreate a set of mobile push provider credentials.postGet all the sets of configured mobile push provider credentials.getUpdate a specific set of configured mobile push provider credentials.putGet a specific set of configured mobile push provider credentials.getDelete a specific set of configured mobile push provider credentials.deleteTenant Properties API 2.0Replaces the tenant properties for the specified tenant.putRetrieves a list of tenant properties for the specified tenant.getAdmin Entitlement ManagementGrant or revoke one or more admin entitlements to a user.postPublish or discard an admin entitlement.patchGet the list of user added to or removed from dynamic admin entitlement.postFind the admin entitlements that are granted to the user that is logged in.getFind the admin entitlements that are granted to a group.getCreate an admin entitlement.postGet the list of admin entitlements.postGrant or revoke an admin entitlement to one or more users and groups.postDelete an admin entitlement.deleteGet an admin entitlement.getUpdate an admin entitlement.patchGet the list of admin assignments.postGrant or revoke one or more admin entitlements to a group.postAdd or remove one or more children for an admin entitlement.postGet the children of an admin entitlement.getFind the admin entitlements that are granted to a user.getCertificatesGets the signer certificate with the given label.getDelete a signer certificate.deleteUpdate a personal certificate.putGet a single personal certificate with the specified label.getDelete a personal certificate.deleteImports a signer certificate.postGets the list of signer certificates.getImport or generate a personal certificate.postGets the list of personal certificates.getSession Exchange ConfigurationSet the session exchange config.putRetrieve the configuration for session exchange.getPassword VaultPassword VaultUpdate a password vault enrollment.putRetrieve a password vault enrollment.getDelete a password vault enrollment.deleteUpdate a password vault resource.putRetrieve a password vault resource.getDelete a password vault resource.deletePassword Vault ConfigurationUpdate the password vault configuration.putRetrieve the password vault configuration.getDeprecated APIsCustomization - Templates (deprecated)Deprecated - Download templatesgetDeprecated - Upload Template CustomizationspostOpenID Connect Consent Management (deprecated)Deprecated - Retrieves a specific OIDC consent.getDeprecated - Deletes a specific OIDC consent.deleteDeprecated - Retrieves a specific OIDC consent.getDeprecated - Deletes a specific OIDC consent.deleteDeprecated - Bulk scope/entitlement removal of OIDC consents.patchDeprecated - Retrieves a specific OIDC consent.getDeprecated - Deletes a specific OIDC consent.deleteDeprecated - Retrieves the list of OIDC consents.getDeprecated - Bulk delete OIDC consents.patchDeprecated - Retrieves the list of OIDC consents.getDeprecated - Bulk delete, or scope and entitlement removal of OIDC consents.patchDeprecated - Retrieves the list of OIDC consents.getDeprecated - Bulk delete, or scope and entitlement removal of OIDC consents.patchCreate a workflow configuration.post https://{tenant_url}/v1.0/workflowsEntitlements required: manageAccessWorkflow [Manage Access Request Work Flows]