Create

package main import( "context" "github.com/conductorone/conductorone-sdk-go/pkg/models/shared" conductoronesdkgo "github.com/conductorone/conductorone-sdk-go" "log" ) func main() { ctx := context.Background() s := conductoronesdkgo.New( conductoronesdkgo.WithSecurity(shared.Security{ BearerAuth: "<YOUR_BEARER_TOKEN_HERE>", Oauth: "<YOUR_OAUTH_HERE>", }), ) res, err := s.AccessReviewTemplate.Create(ctx, nil) if err != nil { log.Fatal(err) } if res.AccessReviewTemplateServiceCreateResponse != nil { // handle response } }

{ "accessReviewTemplate": { "accessReviewDuration": "<string>", "accuracyIssueAction": "ACCURACY_ISSUE_ACTION_UNSPECIFIED", "autoCloseCampaign": true, "autoCloseDecision": "CLOSE_DECISION_UNSPECIFIED", "autoGenerateReport": true, "autoStartCampaign": true, "columnConfig": { "columns": [ "ACCESS_REVIEW_TASK_COLUMN_UNSPECIFIED" ] }, "createdAt": "2023-11-07T05:31:56Z", "defaultView": "ACCESS_REVIEW_VIEW_TYPE_UNSPECIFIED", "deletedAt": "2023-11-07T05:31:56Z", "description": "<string>", "displayName": "<string>", "exemptCertifiedAccessConflicts": true, "id": "<string>", "inclusionScope": { "appUserStatuses": [ "APP_USER_STATUS_UNSPECIFIED" ], "appUserTypes": [ "APP_USER_TYPE_UNSPECIFIED" ], "managerIds": [ "<string>" ], "multiUserProfileAttributes": {}, "noAccountOwners": true, "userIds": [ "<string>" ], "userStatuses": [ "USER_UNKNOWN" ] }, "isCampaignScheduleEnabled": true, "nextScheduledCampaignAt": "2023-11-07T05:31:56Z", "notificationConfig": { "sendClose": true, "sendKickoff": true, "sendReminders": true }, "occurrences": 123, "policyId": "<string>", "recurrenceRule": { "endDate": "2023-11-07T05:31:56Z", "frequency": "FREQUENCY_UNSPECIFIED", "interval": 123, "occurrences": 123, "startDate": "2023-11-07T05:31:56Z" }, "reviewInstructions": "<string>", "scope": { "accountCelExpression": { "expression": "<string>" }, "accountCriteria": { "accountDomain": "APP_USER_DOMAIN_UNSPECIFIED", "accountTypes": [ "APP_USER_TYPE_UNSPECIFIED" ], "appUserStatuses": [ "APP_USER_STATUS_UNSPECIFIED" ], "noAccountOwner": true }, "allAccessConflicts": {}, "allAccounts": {}, "allGrants": {}, "allUsers": {}, "appAccess": {}, "appSelectionCriteria": { "complianceFrameworkAttributeValueIds": [ "<string>" ], "riskLevelAttributeValueIds": [ "<string>" ] }, "celExpression": { "expression": "<string>" }, "grantsByCriteria": { "accessProfileFilter": { "excludedAccessProfileIds": [ "<string>" ], "filterType": "ACCESS_PROFILE_FILTER_TYPE_UNSPECIFIED", "includedAccessProfileIds": [ "<string>" ] }, "daysSinceAdded": "<string>", "daysSinceLastUsed": "<string>", "daysSinceReviewed": "<string>", "grantsAddedBetween": { "endDate": "2023-11-07T05:31:56Z", "startDate": "2023-11-07T05:31:56Z" }, "sourceFilter": "GRANT_SOURCE_FILTER_UNSPECIFIED", "typeFilter": "GRANT_FILTER_TYPE_UNSPECIFIED" }, "resourceSelection": {}, "resourceTypeSelections": {}, "selectedUsers": { "userIds": [ "<string>" ] }, "specificAccessConflicts": {}, "specificResources": {}, "userCriteria": { "groupAppEntitlementsRef": [ { "appId": "<string>", "id": "<string>" } ], "managerUserIds": [ "<string>" ], "multiUserProfileAttributes": {}, "userStatus": [ "UNKNOWN" ] } }, "scopeType": "ACCESS_REVIEW_SCOPE_TYPE_UNSPECIFIED", "signatureConfig": { "meaningOfSignature": "<string>", "requireSignature": true, "stepUpProviderId": "<string>", "tspUrl": "<string>" }, "slackChannel": { "description": "<string>", "name": "<string>" }, "updatedAt": "2023-11-07T05:31:56Z", "usePolicyOverride": true } }

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization

string

header

required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

The AccessReviewTemplateServiceCreateRequest message.

accessReviewDuration

string<duration>

accuracyIssueAction

enum<string>

The accuracyIssueAction field.

Available options:

ACCURACY_ISSUE_ACTION_UNSPECIFIED,

ACCURACY_ISSUE_ACTION_CONTINUE,

ACCURACY_ISSUE_ACTION_WAIT

autoCloseCampaign

boolean

The autoCloseCampaign field.

autoCloseDecision

enum<string>

The autoCloseDecision field.

Available options:

CLOSE_DECISION_UNSPECIFIED,

CLOSE_DECISION_REVOKED,

CLOSE_DECISION_SKIP,

CLOSE_DECISION_NO_ACTION

autoGenerateReport

boolean

auto generate report when campaign is closed

autoStartCampaign

boolean

The autoStartCampaign field.

columnConfig

Access Review Column Config · object

Configuration for which columns are visible in the reviewer task list.

Show child attributes

defaultView

enum<string>

The defaultView field.

Available options:

ACCESS_REVIEW_VIEW_TYPE_UNSPECIFIED,

ACCESS_REVIEW_VIEW_TYPE_BY_APP,

ACCESS_REVIEW_VIEW_TYPE_BY_USER,

ACCESS_REVIEW_VIEW_TYPE_UNSTRUCTURED,

ACCESS_REVIEW_VIEW_TYPE_BY_RESOURCE

description

string

An optional description providing context about the template.

displayName

string

The display name for the new template.

exemptCertifiedAccessConflicts

boolean

The exemptCertifiedAccessConflicts field.

isCampaignScheduleEnabled

boolean

The isCampaignScheduleEnabled field.

notificationConfig

Notification Config · object

Controls which email notifications are sent during the access review lifecycle.

Show child attributes

ownerIds

string[] | null

The IDs of the users who own this template. At least one owner is required.

policyId

string

The ID of the default review policy for campaigns created from this template.

recurrenceRule

Recurrence Rule · object

The RecurrenceRule message.

This message contains a oneof named end_condition. Only a single field of the following list may be set at a time:

endDate
occurrences

Show child attributes

reviewInstructions

string

The reviewInstructions field.

scope

Access Review Scope V 2 · object

The AccessReviewScopeV2 message.

This message contains a oneof named apps_and_resources_scope. Only a single field of the following list may be set at a time:

appAccess
specificResources
appSelectionCriteria
resourceTypeSelections

This message contains a oneof named users_scope. Only a single field of the following list may be set at a time:

allUsers
selectedUsers
userCriteria
celExpression

This message contains a oneof named accounts_scope. Only a single field of the following list may be set at a time:

allAccounts
accountCriteria
accountCelExpression

This message contains a oneof named grants_scope. Only a single field of the following list may be set at a time:

allGrants
grantsByCriteria

This message contains a oneof named access_conflicts_scope. Only a single field of the following list may be set at a time:

allAccessConflicts
specificAccessConflicts

This message contains a oneof named resource_scope. Only a single field of the following list may be set at a time:

resourceSelection

Show child attributes

scopeType

enum<string>

The scopeType field.

Available options:

ACCESS_REVIEW_SCOPE_TYPE_UNSPECIFIED,

ACCESS_REVIEW_SCOPE_TYPE_BY_ENTITLEMENTS,

ACCESS_REVIEW_SCOPE_TYPE_BY_ACCESS_CONFLICTS,

ACCESS_REVIEW_SCOPE_TYPE_BY_RESOURCE,

ACCESS_REVIEW_SCOPE_TYPE_BY_INHERITANCE

signatureConfig

Review Signature Config · object

Signature configuration for access review submissions

Show child attributes

usePolicyOverride

boolean

The usePolicyOverride field.

Response

200 - application/json

Successful response

The AccessReviewTemplateServiceCreateResponse message.

accessReviewTemplate

Access Review Template · object

A reusable template that defines the configuration for creating access review campaigns. Templates can optionally be scheduled to automatically create campaigns on a recurring basis.

This message contains a oneof named slack_channel_details. Only a single field of the following list may be set at a time:

slackChannel

Show child attributes

Welcome

Endpoints

Authorizations

Body

Response

Welcome

Endpoints

Documentation Index

Authorizations

Body

Response