Remove Entitlement from Account

POST 
/removeAccountToEntitlement

This method deprovisions one or more "Entitlements" from an "Account". The "Entitlements" and "Account" correspond to a particular IT Application (e.g Microsoft Active Directory) which is modeled in SSM as "Endpoint" of a "Security System". Mandatory params: securitysystem - Name of the Security System for the relevant IT Application modeled in SSM. endpoint- Name of the Endpoint corresponding to the Security System. accountname - Account name from which the entitlements should be deprovisioned. entitlementtype - Entitlement type for the entitlements which are to be deprovisioned. e.g. AD Groups, EBS Responsibilities, SAP Roles etc. entitlementvalue - Names of the actual entitlements which are to be deprovisioned. The Authorization must have Bearer followed by Token.

Request

application/x-www-form-urlencoded

Body

accountnamestring
Example: johnWS
endpointstring
Example: System1
entitlementtypestring
Example: Access
entitlementvaluestring
Example: Entitlement1
securitysystemstring
Example: System1

Responses

200

Removes Entitlement from Account Success / Removes Entitlement from Account Failure

Response Headers

• Date

  string

• Server

  string

• Set-Cookie

  string

application/json

Schema

Schema

errorCodestring
Example: 0
messagestring
Example: SUCCESS

Example (from schema)

{
  "errorCode": "0",
  "message": "SUCCESS"
}

Removes Entitlement from Account Failure

{
  "errorCode": "1",
  "message": "Account (johnWS) has NO Entitlement (Entitlement1)"
}

Removes Entitlement from Account Success

{
  "errorCode": "0",
  "message": "SUCCESS"
}