Collections

Collections allow an admin to assign multiple resources at one time to a user

See Resource collections for more information.

Create a resource collection
Beta
Admin roles:
  • Application Administrator
OAuth 2.0:
  • okta.governance.collections.manage

Creates an empty resource collection

Request
Request Body schema: application/json
required

The writeable attributes of a resource collection

name
required
string [ 1 .. 255 ] characters

The name of a resource collection

description
string [ 1 .. 1000 ] characters

The human-readable description

Responses
201

Response to a successful resource collection creation operation

400

A request failed validation

401

When authentication fails

403

When authorization fails

429

When the rate limit has been exceeded

500

When there is a server fault due to an unexpected error

post/governance/api/v1/collections
Request samples
application/json

Request body for creating a new resource collection

{
  • "name": "Core Engineering Access",
  • "description": "Birthright access for all FTE engineers"
}
Response samples
application/json

Full response details for a resource collection

{
  • "id": "cole8sBBMFDxPgcHx0g3",
  • "name": "Core Engineering Access",
  • "description": "Birthright access for all FTE engineers",
  • "created": "2024-07-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2024-07-24T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "_links": {
    • "resources": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources"
      }
    }
}

List all resource collections
Beta
Admin roles:
  • Application Administrator
OAuth 2.0:
  • okta.governance.collections.read

Lists all resource collections

Request
query Parameters
after
string

The pagination cursor that points to the last record of the previous request.

Example: after=00u68w6vzKLultXS97g6
filter
string <scim-filter> <= 255 characters

A filter expression that filters data based on id or name resource collection properties. The sw operator is supported for name and the eq operator is supported for id.

Note: Query parameter percent encoding is required. See Percent-encoding.

Examples:
filter=name%20sw%20%22Sales%22
Search for resource collections with "coljqM9a9xerZfRpp0g2" or "coljrNAph4LiA2C1m0g2" IDs
filter=id%20eq%20%22coljqM9a9xerZfRpp0g2%22%20or%20id%20eq%20%22coljrNAph4LiA2C1m0g2%22
include
Array of strings

The include filter adds additional properties in the response.

Items Value: "counts" Examples:
Query param: ?include=counts
include=counts
limit
integer [ 1 .. 200 ]
Default: 20

The maximum number of records returned in a response

Responses
200

A successful resource collection list response

400

A request failed validation

401

When authentication fails

403

When authorization fails

429

When the rate limit has been exceeded

500

When there is a server fault due to an unexpected error

get/governance/api/v1/collections
Request samples 
Response samples 
application/json
List of collections


{
  • "data": [
    • {
      • "id": "cole8sBBMFDxPgcHx0g3",
      • "name": "Core Engineering Access",
      • "description": "Birthright access for all FTE engineers",
      • "created": "2024-07-24T14:15:22Z",
      • "createdBy": "00ub0oNGTSWTBKOLGLNR",
      • "lastUpdated": "2024-07-24T14:15:22Z",
      • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
      • "_links": {
        }
      },
    • {
      • "id": "rc5472336736435",
      • "name": "Core Sales Access",
      • "description": "Birthright access for all sales staff",
      • "created": "2024-07-24T14:15:22Z",
      • "createdBy": "00ub0oNGTSWTBKOLGLNR",
      • "lastUpdated": "2024-07-24T14:15:22Z",
      • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
      • "_links": {
        }
      },
    • {
      • "id": "rc34657643674534",
      • "name": "Super User Access",
      • "description": "Elevated access in all environments",
      • "created": "2024-07-24T14:15:22Z",
      • "createdBy": "00ub0oNGTSWTBKOLGLNR",
      • "lastUpdated": "2024-07-24T14:15:22Z",
      • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
      • "_links": {
        }
      }
    ],
  • "_links": {
    • "next": {
      • "href": "example.com/governance/api/v1/collections?limit=3&after=rc34657643674534"
      },
    • "self": {
      • "href": "example.com/governance/api/v1/collections?limit=3"
      }
    },
  • "metadata": {
    • "total": 3
    }
}
Retrieve a resource collection
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Retrieves a resource collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
Responses 
200
Response to a successful resource collection creation operation


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/{collectionId}
Request samples 
Response samples 
application/json
Full response details for a resource collection


{
  • "id": "cole8sBBMFDxPgcHx0g3",
  • "name": "Core Engineering Access",
  • "description": "Birthright access for all FTE engineers",
  • "created": "2024-07-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2024-07-24T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "_links": {
    • "resources": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources"
      }
    }
}
Replace a resource collection
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Replaces a resource collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
Request Body schema: application/json
required
The writeable attributes of a resource collection


name
required
string  [ 1 .. 255 ] characters 
The name of a resource collection


 
description
string  [ 1 .. 1000 ] characters 
The human-readable description


 
Responses 
200
Response to a successful resource collection creation operation


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


put/governance/api/v1/collections/{collectionId}
Request samples 
application/json
The request body to replace a resource collection


{
  • "name": "Core Engineering Access",
  • "description": "Birthright access for all FTE engineers"
}
Response samples 
application/json
Full response details for a resource collection


{
  • "id": "cole8sBBMFDxPgcHx0g3",
  • "name": "Core Engineering Access",
  • "description": "Birthright access for all FTE engineers",
  • "created": "2024-07-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2024-07-24T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "_links": {
    • "resources": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources"
      }
    }
}
Delete a collection
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Deletes a resource collection specified by an id


Request 
path Parameters
collectionId
required
string
The id of the collection


 
Responses 
204
A successful collection response


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


delete/governance/api/v1/collections/{collectionId}
Request samples 
Response samples 
application/json
{
  • "errorCode": "string",
  • "errorId": "string",
  • "errorSummary": "string",
  • "errorLink": "string",
  • "errorCauses": [
    • {
      • "errorSummary": "string",
      • "reason": "string",
      • "location": "string",
      • "locationType": "string",
      • "domain": "string"
      }
    ]
}
List all collection resources
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Lists all the resources in a given collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
query Parameters
after
string
The pagination cursor that points to the last record of the previous request.


 
 Example:  after=00u68w6vzKLultXS97g6
include
Array of strings
The include query parameter returns additional properties in the response.


Items Enum: Description
entitlements
Returns entitlement detail and value count in the response


entitlementValueCount
Returns only the entitlement value count in the response


 
 Example:  include=entitlements
limit
integer  [ 1 .. 200 ] 
 Default:  20
The maximum number of records returned in a response


 
Responses 
200
A successful collection resources list response


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/{collectionId}/resources
Request samples 
Response samples 
application/json
List of resources in a collection


{
  • "data": [
    • {
      • "resourceOrn": "orn:okta:idp:00ofsdghasfhas54wewe:apps:salesforce:0oafxqCAJWWGELFTYASJ",
      • "resourceId": "res789067asg6asdf7g",
      • "resourceProfile": {},
      • "_links": {
        }
      },
    • {
      • "resourceOrn": "orn:okta:idp:00o11edPwGqbUrsDm0g4:apps:google:0oafxqDFHASFGZGSERDHA",
      • "resourceId": "res1234gjfdsfdasha",
      • "resourceProfile": {},
      • "_links": {
        }
      },
    • {
      • "resourceOrn": "orn:okta:idp:0034t89uq4u0q54u80q2:apps:netsuite:0oasdSDlGAVXCBZSDFG",
      • "resourceId": "res6573rtyfuhdyste",
      • "resourceProfile": {},
      • "_links": {
        }
      }
    ],
  • "_links": {
    • "next": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources?limit=3&after=res6573rtyfuhdyste"
      },
    • "self": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources?limit=3"
      }
    },
  • "metadata": {
    • "count": 3
    }
}
Add the resources to a collection
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Adds the resources to a collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
Request Body schema: application/json
 Array (<= 25 items)
resourceOrn
required
string <okta-resource-orn> 
The ORN identifier for a specific app. Other resource types aren't supported.


See the supported-resources endpoint for reference.


 
Array of objects
Collection of entitlements and associated value identifiers


 
Responses 
200
A successful add resources to collection list response


400
The response to an invalid request to add resources to a collection


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


post/governance/api/v1/collections/{collectionId}/resources
Request samples 
application/json
[
  • {
    • "resourceOrn": "orn:okta:idp:00ofsdghasfhas54wewe:apps:salesforce:0oafxqCAJWWGELFTYASJ",
    • "entitlements": [
      • {
        },
      • {
        }
      ]
    },
  • {
    • "resourceOrn": "orn:okta:idp:00o11edPwGqbUrsDm0g4:apps:google:0oafxqDFHASFGZGSERDHA"
    },
  • {
    • "resourceOrn": "orn:okta:idp:0034t89uq4u0q54u80q2:apps:netsuite:0oasdSD~GAVXCBZSDFG",
    • "entitlements": [
      • {
        },
      • {
        }
      ]
    }
]
Response samples 
application/json
List of resources in a collection


{
  • "data": [
    • {
      • "resourceOrn": "orn:okta:idp:00ofsdghasfhas54wewe:apps:salesforce:0oafxqCAJWWGELFTYASJ",
      • "resourceId": "res789067asg6asdf7g",
      • "resourceProfile": {},
      • "_links": {
        }
      },
    • {
      • "resourceOrn": "orn:okta:idp:00o11edPwGqbUrsDm0g4:apps:google:0oafxqDFHASFGZGSERDHA",
      • "resourceId": "res1234gjfdsfdasha",
      • "resourceProfile": {},
      • "_links": {
        }
      },
    • {
      • "resourceOrn": "orn:okta:idp:0034t89uq4u0q54u80q2:apps:netsuite:0oasdSDlGAVXCBZSDFG",
      • "resourceId": "res6573rtyfuhdyste",
      • "resourceProfile": {},
      • "_links": {
        }
      }
    ],
  • "_links": {
    • "next": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources?limit=3&after=res6573rtyfuhdyste"
      },
    • "self": {
      • "href": "example.com/governance/api/v1/collections/cole8sBBMFDxPgcHx0g3/resources?limit=3"
      }
    },
  • "metadata": {
    • "count": 3
    }
}
Delete a collection resource
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Deletes a specified resource from a collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
resourceId
required
string
The id of the resource in ORN format


 
Responses 
204
A successful collection response


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


delete/governance/api/v1/collections/{collectionId}/resources/{resourceId}
Request samples 
Response samples 
application/json
{
  • "errorCode": "string",
  • "errorId": "string",
  • "errorSummary": "string",
  • "errorLink": "string",
  • "errorCauses": [
    • {
      • "errorSummary": "string",
      • "reason": "string",
      • "location": "string",
      • "locationType": "string",
      • "domain": "string"
      }
    ]
}
Retrieve a collection resource
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Retrieves a collection resource with entitlements


Request 
path Parameters
collectionId
required
string
The id of the collection


 
resourceId
required
string
The id of the resource in ORN format


 
Responses 
200
Response to a successful get resource collection operation


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/{collectionId}/resources/{resourceId}
Request samples 
Response samples 
application/json
{
  • "data": {
    • "resourceOrn": "orn:okta:idp:00ofsdghasfhas54wewe:apps:salesforce:0oafxqCAJWWGELFTYASJ",
    • "resourceId": "res789067asg6asdf7g",
    • "entitlementValueCount": 2,
    • "entitlements": [
      • {
        },
      • {
        }
      ],
    • "_links": {
      • "entitlements": {
        }
      }
    }
}
Replace a collection resource
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Replaces a specified resource in a collection


Request 
path Parameters
collectionId
required
string
The id of the collection


 
resourceId
required
string
The id of the resource in ORN format


 
Request Body schema: application/json
required
The updatable attributes of a collection resource


Array of objects
Collection of entitlements and associated value identifiers


 
Responses 
200
Response to a successful collection resource update operation


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


put/governance/api/v1/collections/{collectionId}/resources/{resourceId}
Request samples 
application/json
{
  • "entitlements": [
    • {
      • "id": "espo3v6xlwdtEX2il1d6",
      • "values": [
        ]
      },
    • {
      • "id": "esp4rg7fkom0c3AsX8g6",
      • "values": [
        ]
      }
    ]
}
Response samples 
application/json
{
  • "data": {
    • "resourceOrn": "orn:okta:idp:00ofsdghasfhas54wewe:apps:salesforce:0oafxqCAJWWGELFTYASJ",
    • "resourceId": "res789067asg6asdf7g",
    • "entitlementValueCount": 2,
    • "entitlements": [
      • {
        },
      • {
        }
      ],
    • "_links": {
      • "entitlements": {
        }
      }
    }
}
Retrieve the unassigned users
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Retrieves unassigned users for a collection based on the provided filter


Request 
path Parameters
collectionId
required
string
The id of the collection


 
query Parameters
filter
string <scim-filter> 
A filter expression that filters users based on firstName, lastName, or email properties.
The sw operator is supported for these properties.




Note: Query parameter percent encoding is required. See Percent-encoding.




  Examples: 
filter=firstName%20sw%20%22John%22
filter=firstName%20sw%20%22John%22%20OR%lastName%20sw%20%22John%22%20OR%20email%20sw%20%22John%22
Responses 
200
A list of users that can be assigned to a collection


401
When authentication fails


403
When authorization fails


404
When the requested resource was not found


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/{collectionId}/catalog/users
Request samples 
Response samples 
application/json
List of unassigned users from a collection


{}
List all assignments for a collection
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Lists all assignments for a collection


Assignments for a collection are sorted by last assigned principals first.


Request 
path Parameters
collectionId
required
string
The id of the collection


 
query Parameters
after
string
The pagination cursor that points to the last record of the previous request.


 
 Example:  after=00u68w6vzKLultXS97g6
filter
string <scim-filter> 
A filter expression that filters principals based on principal or principalProfile properties.
The sw operator is supported for these properties.


Note: Query parameter percent encoding is required. See Percent-encoding.


  Examples: 
Filter for "00ub0oNGTSWTBKOLGLNR" external ID and "OKTA_USER" principal type 
filter=principal.externalId%20eq%20%2200ub0oNGTSWTBKOLGLNR%22%20AND%20principal.type%20eq%20%22OKTA_USER%22
filter=principalProfile.name%20sw%20%22John%22
limit
integer  [ 1 .. 200 ] 
 Default:  20
The maximum number of records returned in a response


 
Responses 
200
A successful list of assigned principals response


401
When authentication fails


403
When authorization fails


404
When the requested resource was not found


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/{collectionId}/assignments
Request samples 
Response samples 
application/json
List of assigned principals to collection


{
  • "data": [
    • {
      • "id": "ass28w6vzKKultXP98g5",
      • "actor": "ACCESS_REQUEST",
      • "expirationTime": "2024-04-30T23:59:59Z",
      • "timeZone": "America/Toronto",
      • "assignmentType": "INDIVIDUAL",
      • "collectionId": "col28w6vzKKultXP98g5",
      • "principal": {
        },
      • "principalProfile": {
        }
      },
    • {
      • "id": "ass28w6vzKKultXP98g6",
      • "actor": "ACCESS_REQUEST",
      • "assignmentType": "INDIVIDUAL",
      • "collectionId": "col28w6vzKKultXP98g5",
      • "principal": {
        },
      • "principalProfile": {
        }
      }
    ],
  • "_links": {}
}
Assign a collection to principals
Beta
Admin roles: 
  • Entitlement Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Assigns a collection to principals


The assignment can be for a limited time or indefinite. This operation is idempotent. If the assignment already exists, it will be updated with the new values.


Request 
path Parameters
collectionId
required
string
The id of the collection


 
Request Body schema: application/json
required
Attributes of collection assignment


 Array ([ 1 .. 20 ] items)
actor
string
 Default:  "API"
The actor sending the grant request


 Enum: "ACCESS_REQUEST" "ADMIN" "API" "NONE"  
collectionId
string <collection-id>   = 20 characters 
The resource collection id


 
expirationTime
string <date-time> 
The date on which the principal's access expires. This property is specified in ISO 8601 duration format.


 
object
Representation of a principal


 
timeZone
string  [ 1 .. 64 ] characters 
The time zone, in IANA format, for the end date of the user access.


 
Responses 
201
A list of assigned principals


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


post/governance/api/v1/collections/{collectionId}/assignments
Request samples 
application/json
Assign principals to the collection. The assignment can be for a limited time or indefinite.


[
  • {
    • "actor": "ACCESS_REQUEST",
    • "principal": {
      • "externalId": "00u174cGuGxVFp4EY0g4",
      • "type": "OKTA_USER"
      },
    • "expirationTime": "2024-04-30T23:59:59Z",
    • "timeZone": "America/Toronto"
    },
  • {
    • "actor": "ACCESS_REQUEST",
    • "principal": {
      • "externalId": "00u174cGuGxVFp4EY0g5",
      • "type": "OKTA_USER"
      }
    }
]
Response samples 
application/json
List of assigned users to a collection


[
  • {
    • "id": "ass28w6vzKKultXP98g5",
    • "actor": "ACCESS_REQUEST",
    • "principal": {
      • "externalId": "00u174cGuGxVFp4EY0g4",
      • "type": "OKTA_USER"
      },
    • "expirationTime": "2024-04-30T23:59:59Z",
    • "timeZone": "America/Toronto",
    • "assignmentType": "INDIVIDUAL"
    },
  • {
    • "id": "ass28w6vzKKultXP98g6",
    • "actor": "ACCESS_REQUEST",
    • "principal": {
      • "externalId": "00u174cGuGxVFp4EY0g5",
      • "type": "OKTA_USER"
      },
    • "assignmentType": "INDIVIDUAL"
    }
]
Update a principal assignment
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Updates a principal assignment


Request 
path Parameters
assignmentId
required
string
The id of the collection assignment


 
collectionId
required
string
The id of the collection


 
Request Body schema: application/json
required
The writable attributes of a collection assignment


 Array ([ 1 .. 100 ] items)
op
required
string  non-empty 
The operation performed for the update


 Enum: "ADD" "REMOVE" "REPLACE"  
path
required
string
The path of the property that's updated. For example, /expirationTime and /timeZone for the assignment update.


 
value
string
The value of the property that's updated


 
Responses 
204
A successful collection response


400
A request failed validation


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


patch/governance/api/v1/collections/{collectionId}/assignments/{assignmentId}
Request samples 
application/json
Request body for adding an expiration time and time zone


[
  • {
    • "op": "ADD",
    • "path": "/expirationTime",
    • "value": "2024-04-30T23:59:59Z"
    },
  • {
    • "op": "ADD",
    • "path": "/timeZone",
    • "value": "America/Toronto"
    }
]
Response samples 
application/json
{
  • "errorCode": "string",
  • "errorId": "string",
  • "errorSummary": "string",
  • "errorLink": "string",
  • "errorCauses": [
    • {
      • "errorSummary": "string",
      • "reason": "string",
      • "location": "string",
      • "locationType": "string",
      • "domain": "string"
      }
    ]
}
Delete a principal assignment
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.manage
Deletes principal assignment


Request 
path Parameters
assignmentId
required
string
The id of the collection assignment


 
collectionId
required
string
The id of the collection


 
Responses 
204
A successful collection response


401
When authentication fails


403
When authorization fails


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


delete/governance/api/v1/collections/{collectionId}/assignments/{assignmentId}
Request samples 
Response samples 
application/json
{
  • "errorCode": "E0000004",
  • "errorSummary": "Authentication failed.",
  • "errorLink": "E0000004",
  • "errorId": "oaeWCGz73hpRCG75VHP6-RRXw",
  • "errorCauses": [ ]
}
List all assignments for all collections
Beta
Admin roles: 
  • Application Administrator
OAuth 2.0: 
  • okta.governance.collections.read
Lists assignments for all collections


Assignments for all collections are sorted by last assigned principals first.


Request 
query Parameters
after
string
The pagination cursor that points to the last record of the previous request.


 
 Example:  after=00u68w6vzKLultXS97g6
filter
string <scim-filter> 
A filter expression that filters principals based on principal or principalProfile properties.
The sw operator is supported for these properties.


Note: Query parameter percent encoding is required. See Percent-encoding.


  Examples: 
Filter for "00ub0oNGTSWTBKOLGLNR" external ID and "OKTA_USER" principal type 
filter=principal.externalId%20eq%20%2200ub0oNGTSWTBKOLGLNR%22%20AND%20principal.type%20eq%20%22OKTA_USER%22
filter=principalProfile.name%20sw%20%22John%22
limit
integer  [ 1 .. 200 ] 
 Default:  20
The maximum number of records returned in a response


 
Responses 
200
A successful list of assigned principals response


401
When authentication fails


403
When authorization fails


404
When the requested resource was not found


429
When the rate limit has been exceeded


500
When there is a server fault due to an unexpected error


get/governance/api/v1/collections/assignments
Request samples 
Response samples 
application/json
List of assigned principals to collection


{
  • "data": [
    • {
      • "id": "ass28w6vzKKultXP98g5",
      • "actor": "ACCESS_REQUEST",
      • "expirationTime": "2024-04-30T23:59:59Z",
      • "timeZone": "America/Toronto",
      • "assignmentType": "INDIVIDUAL",
      • "collectionId": "col28w6vzKKultXP98g5",
      • "principal": {
        },
      • "principalProfile": {
        }
      },
    • {
      • "id": "ass28w6vzKKultXP98g6",
      • "actor": "ACCESS_REQUEST",
      • "assignmentType": "INDIVIDUAL",
      • "collectionId": "col28w6vzKKultXP98g5",
      • "principal": {
        },
      • "principalProfile": {
        }
      }
    ],
  • "_links": {}
}