Skip to main content
POST
/
api
/
v1
/
role-mining
/
access-profiles
CreateAccessProfileFromCohort
package main

import(
	"context"
	"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
	conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
	"log"
)

func main() {
    ctx := context.Background()

    s := conductoronesdkgo.New(
        conductoronesdkgo.WithSecurity(shared.Security{
            BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
            Oauth: "<YOUR_OAUTH_HERE>",
        }),
    )

    res, err := s.RoleMiningManagement.CreateAccessProfileFromCohort(ctx, nil)
    if err != nil {
        log.Fatal(err)
    }
    if res.CreateAccessProfileFromCohortResponse != nil {
        // handle response
    }
}
{
  "accessProfileId": "<string>",
  "celExpression": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization
string
header
required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

The CreateAccessProfileFromCohortRequest message.

celExpression
string | null

Optional CEL expression for dynamic membership. When non-empty, used instead of auto-generating from profile_filters.

createTasks
boolean | null

If true, the automation will create JIT tasks for access changes. If false, users are synced to membership without creating tasks.

description
string | null

Description for the access profile.

displayName
string | null

Display name for the access profile.

enableAutomation
boolean | null

If true, enable the dynamic membership automation immediately.

entitlements
Cohort Entitlement · object[] | null

Entitlements to add to the access profile.

profileFilters
Profile Filter · object[] | null

Profile filters defining the cohort for dynamic membership.

suggestionId
string | null

Optional suggestion ID to mark as accepted after creating the profile.

Response

200 - application/json

Successful response

The CreateAccessProfileFromCohortResponse message.

accessProfileId
string | null

The ID of the created access profile.

celExpression
string | null

The CEL expression generated for dynamic membership.