IAM Governance Bundles

These APIs allow you to manage governance bundles for the Admin Console, and manage roles and resources associated with the bundles. For details on how governance bundles are supported from the Resource Management Access Platform (RAMP), see Entitlement Management.

List all governance bundles for the Admin Console
OAuth 2.0:
  • okta.roles.read

Lists all Governance Bundles for the Admin Console in your org

Request
query Parameters
after
string

The cursor used for pagination. It represents the last privileged resource ID returned in the previous fetch operation.

Example: after=oprbuthToCeLWOBwh0g4
limit
integer <int32> <= 1000
Default: 200

Specifies the batch size of the results to be returned

Responses
200

OK

403

Forbidden

429

Too Many Requests

get/api/v1/iam/governance/bundles
Request samples 
Response samples 
application/json
{}
Create a governance bundle for the Admin Console in RAMP
OAuth 2.0: 
  • okta.roles.manage
Creates a Governance Bundle for the Admin Console in RAMP


Request 
Request Body schema: application/json
required
description
string
 
Array of objects (IAMBundleEntitlement) 
 
 Array 
resourceSets
Array of strings
 
role
string
 
targets
Array of strings
 
name
string
 
Responses 
200
Success


400
Bad Request


403
Forbidden


429
Too Many Requests


post/api/v1/iam/governance/bundles
Request samples 
application/json
{
  • "name": "Group admin bundle",
  • "description": "Group bundle for administrative access",
  • "entitlements": {
    • "role": "GROUP_MEMBERSHIP_ADMIN"
    }
}
Response samples 
application/json
{}
Retrieve a governance bundle from RAMP
OAuth 2.0: 
  • okta.roles.read
Retrieves a Governance Bundle from RAMP


Request 
path Parameters
bundleId
required
string
The id of a bundle


 
 Example:  enbllojq9J9J105DL1d6
Responses 
200
OK


400
Bad Request


403
Forbidden


429
Too Many Requests


get/api/v1/iam/governance/bundles/{bundleId}
Request samples 
Response samples 
application/json
{}
Replace a governance bundle in RAMP
OAuth 2.0: 
  • okta.roles.manage
Replaces a Governance Bundle in RAMP


Request 
path Parameters
bundleId
required
string
The id of a bundle


 
 Example:  enbllojq9J9J105DL1d6
Request Body schema: application/json
required
description
string
 
Array of objects (IAMBundleEntitlement) 
 
 Array 
resourceSets
Array of strings
 
role
string
 
targets
Array of strings
 
name
string
 
Responses 
200
Success


400
Bad Request


403
Forbidden


429
Too Many Requests


put/api/v1/iam/governance/bundles/{bundleId}
Request samples 
application/json
{
  • "name": "Group admin bundle",
  • "description": "Group bundle for administrative access",
  • "entitlements": {
    • "role": "GROUP_MEMBERSHIP_ADMIN"
    }
}
Response samples 
application/json
{}
Delete a governance bundle from RAMP
OAuth 2.0: 
  • okta.roles.manage
Deletes a Governance Bundle from RAMP


Request 
path Parameters
bundleId
required
string
The id of a bundle


 
 Example:  enbllojq9J9J105DL1d6
Responses 
204
No Content


403
Forbidden


429
Too Many Requests


delete/api/v1/iam/governance/bundles/{bundleId}
Request samples 
Response samples 
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}
List all entitlements for a governance bundle
OAuth 2.0: 
  • okta.roles.read
Lists all Entitlements specific to a Governance Bundle


Request 
path Parameters
bundleId
required
string
The id of a bundle


 
 Example:  enbllojq9J9J105DL1d6
query Parameters
after
string
The cursor used for pagination. It represents the last privileged resource ID returned in the previous fetch operation.


 
 Example:  after=oprbuthToCeLWOBwh0g4
limit
integer <int32>   <= 1000 
 Default:  200
Specifies the batch size of the results to be returned


 
Responses 
200
OK


403
Forbidden


429
Too Many Requests


get/api/v1/iam/governance/bundles/{bundleId}/entitlements
Request samples 
Response samples 
application/json
{}
List all entitlement values for a bundle entitlement
OAuth 2.0: 
  • okta.roles.read
Lists all Entitlement Values specific to a Bundle Entitlement


Request 
path Parameters
bundleId
required
string
The id of a bundle


 
 Example:  enbllojq9J9J105DL1d6
entitlementId
required
string
The id of a bundle entitlement


 
 Example:  ent4rg7fltWSgrlDT8g6
query Parameters
after
string
The cursor used for pagination. It represents the last privileged resource ID returned in the previous fetch operation.


 
 Example:  after=oprbuthToCeLWOBwh0g4
limit
integer <int32>   <= 1000 
 Default:  200
Specifies the batch size of the results to be returned


 
Responses 
200
OK


403
Forbidden


429
Too Many Requests


get/api/v1/iam/governance/bundles/{bundleId}/entitlements/{entitlementId}/values
Request samples 
Response samples 
application/json
{}
Retrieve the opt-in status from RAMP
OAuth 2.0: 
  • okta.roles.read
Retrieves the opt-in status of the Admin Console from RAMP


Responses 
200
OK


403
Forbidden


429
Too Many Requests


get/api/v1/iam/governance/optIn
Request samples 
Response samples 
application/json
{}
Opt in the Admin Console to RAMP
OAuth 2.0: 
  • okta.roles.manage
Opts in the Admin Console to RAMP


Responses 
200
Success


403
Forbidden


429
Too Many Requests


post/api/v1/iam/governance/optIn
Request samples 
Response samples 
application/json
{}
Opt out the Admin Console from RAMP
OAuth 2.0: 
  • okta.roles.manage
Opts out the Admin Console from RAMP


Responses 
200
Success


403
Forbidden


429
Too Many Requests


post/api/v1/iam/governance/optOut
Request samples 
Response samples 
application/json
{}