List Identity Entitlements

Retrieve all entitlements (roles, groups, permissions) assigned to a specific identity

Endpoint

GET /api/private/lifecycle_management/policies/{policy_id}/identities/{id}:list_entitlements

Description

Returns all groups, roles, and Access Profiles assigned to an identity across connected applications. This includes the identity's direct group memberships, role assignments, and Veza Access Profile memberships discovered in the Access Graph.

The identity_entity_id query parameter is required - use the entity_id from the identity (e.g., 00u2clxic15YZbO9R0h8), not the identity's UUID.

Example Response

{
  "values": [
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "d14d85e9-342a-4670-b5ec-ae318b2ffbf6",
      "provider_external_id": "veza-internal",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "VezaAccessProfile",
      "entity_id": "be6dd1f5-9753-4896-8d80-cb9d7640f139",
      "entity_name": "AD Developers",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    },
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "39ebe93a-4873-4173-ac0c-a1236fbd312f",
      "provider_external_id": "sigmacorpx.oktapreview.com",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "OktaGroup",
      "entity_id": "00g23a1fjtgDOVCgm0h8",
      "entity_name": "AI Team",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    },
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "b436cdcc-79a1-4b3b-b04f-a6923241244b",
      "provider_external_id": "f487d4ab-e9b3-4afb-a93c-775907c9e155",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "AzureADGroup",
      "entity_id": "e36aefe5-3e9a-4161-b7cd-a77fd61ccc69",
      "entity_name": "All Company",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    },
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "b436cdcc-79a1-4b3b-b04f-a6923241244b",
      "provider_external_id": "f487d4ab-e9b3-4afb-a93c-775907c9e155",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "AzureADRole",
      "entity_id": "6fb1defc-5c29-4153-a082-c9b3b3bda918",
      "entity_name": "Helpdesk Administrator",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    },
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "39ebe93a-4873-4173-ac0c-a1236fbd312f",
      "provider_external_id": "sigmacorpx.oktapreview.com",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "OktaGroup",
      "entity_id": "00g17pcjcszZ250yb0h8",
      "entity_name": "Employees",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    },
    {
      "policy_id": "bc11e591-e607-4af8-bcfb-329d7d6d3c7a",
      "policy_identity_id": "01986129-fa4a-7d9e-b867-7e1b0526ae0f",
      "lifecycle_management_datasource_id": "d14d85e9-342a-4670-b5ec-ae318b2ffbf6",
      "provider_external_id": "veza-internal",
      "local_user_entity_type": "OAA.UKG.HRISEmployee",
      "local_user_entity_id": "custom_provider:hris:0f50fc99-4576-4745-8d16-05b7a5699488:type:UKG:employee:[email protected]",
      "entity_type": "VezaAccessProfile",
      "entity_id": "6c27362b-f96c-4ac6-af52-c151600d0a3f",
      "entity_name": "Okta All Employee Access",
      "lifecycle_management_enabled": true,
      "created_from": "OTHER",
      "sync_relationship": null
    }
  ]
}

API Reference

get

Authorizations

AuthorizationstringRequired

Veza API key for authentication. Generate keys in Administration > API Keys.

Path parameters

policy_idstringRequired

idstringRequired

Query parameters

identity_entity_idstringOptional

Responses

200

application/json

default

Default error response

application/json

get

/api/private/lifecycle_management/policies/{policy_id}/identities/{id}:list_entitlements

GET /api/private/lifecycle_management/policies/{policy_id}/identities/{id}:list_entitlements HTTP/1.1
Host: your-tenant.vezacloud.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "values": [
    {
      "policy_id": "text",
      "policy_identity_id": "text",
      "lifecycle_management_datasource_id": "text",
      "provider_external_id": "text",
      "local_user_entity_type": "text",
      "local_user_entity_id": "text",
      "entity_type": "text",
      "entity_id": "text",
      "entity_name": "text",
      "lifecycle_management_enabled": true,
      "created_from": 1,
      "sync_relationship": {
        "synced_relationship": {
          "entity_type": "text",
          "entity_id": "text",
          "attributes": {
            "ANY_ADDITIONAL_PROPERTY": "text"
          },
          "assigned_to_entity_type": "text",
          "assigned_to_entity_id": "text",
          "entity_name": "text",
          "error_message": "text",
          "unique_identifiers": [
            "text"
          ],
          "datasource_id": "text"
        },
        "synced_identity_entity": {
          "entity_type": "text",
          "entity_id": "text",
          "attributes": {
            "ANY_ADDITIONAL_PROPERTY": "text"
          },
          "assigned_to_entity_type": "text",
          "assigned_to_entity_id": "text",
          "entity_name": "text",
          "error_message": "text",
          "unique_identifiers": [
            "text"
          ],
          "datasource_id": "text"
        },
        "datasource_id": "text",
        "action_name": "text",
        "synced_at": "2026-03-13T23:03:30.066Z",
        "updated_at": "2026-03-13T23:03:30.066Z",
        "created_at": "2026-03-13T23:03:30.066Z",
        "created_from": 1,
        "workflow": "text"
      }
    }
  ]
}

PreviousGet Identity NextParallel Execution Settings

Last updated 1 month ago

Was this helpful?

hashtagEndpoint

hashtagDescription

hashtagAPI Reference

Endpoint

Description

API Reference