Predict SOD violations for identity.

POST {{baseUrl}}/sod-violations/predict

This API is used to check if granting some additional accesses would cause the subject to be in violation of any SOD policies. Returns the violations that would be caused.

A token with ORG_ADMIN or API authority is required to call this API.

Request Body

{"identityId"=>"2c91808568c529c60168cca6f90c1313", "accessRefs"=>[{"type"=>"ENTITLEMENT", "id"=>"2c918087682f9a86016839c050861ab1", "name"=>"CN=Information Access,OU=test,OU=test-service,DC=TestAD,DC=local"}, {"type"=>"ENTITLEMENT", "id"=>"2c918087682f9a86016839c0509c1ab2", "name"=>"CN=Information Technology,OU=test,OU=test-service,DC=TestAD,DC=local"}]}

HEADERS

Key	Datatype	Required	Description
`Content-Type`	string
`Accept`	string

RESPONSES

status: OK

{&quot;violationContexts&quot;:[{&quot;policy&quot;:{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;id&quot;:&quot;0f11f2a4-7c94-4bf3-a2bd-742580fe3bde&quot;,&quot;name&quot;:&quot;Business SOD Policy&quot;},&quot;conflictingAccessCriteria&quot;:{&quot;leftCriteria&quot;:{&quot;criteriaList&quot;:[{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:true},{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:false}]},&quot;rightCriteria&quot;:{&quot;criteriaList&quot;:[{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:true},{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:false}]}}},{&quot;policy&quot;:{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;id&quot;:&quot;0f11f2a4-7c94-4bf3-a2bd-742580fe3bde&quot;,&quot;name&quot;:&quot;Business SOD Policy&quot;},&quot;conflictingAccessCriteria&quot;:{&quot;leftCriteria&quot;:{&quot;criteriaList&quot;:[{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:true},{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:false}]},&quot;rightCriteria&quot;:{&quot;criteriaList&quot;:[{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:true},{&quot;type&quot;:&quot;ENTITLEMENT&quot;,&quot;existing&quot;:false}]}}}]}