Skip to content

Permission Assist API

The Permission Assist API allows you to integrate Permission Assist into your existing automation workflows. Instead of manually uploading files or creating records through the web interface, your automation tools call Permission Assist directly.

The API provides five resource areas:

  • Identities — List and retrieve identity records across all applications

  • Applications — List and retrieve application details, including connector configuration and last import status

  • Access Requests — List and retrieve access request details, including provisioning status, approval history, and related review items

  • Application Imports — Stage, cancel, or upload application imports on-demand from any automation tool. Permission Assist reads files from your shared directory, processes them using the rules you have already configured, and maintains the same audit trail as a scheduled import

  • Personnel Events — Create Personnel Events (Onboarding, Offboarding, Role Transition/Position Change, and Leave of Absence) from external systems such as HRIS platforms, ticketing systems, or automation scripts. The event enters the normal Personnel Event workflow automatically

All resources use a simple REST interface with JSON payloads and Bearer token authentication. You do not need to learn a new protocol or install additional software.

Who is the API for?

The API serves two audiences:

  • Security Officers and Application Managers who want to automate repetitive IAM tasks and increase the frequency of data refreshes without adding staff time

  • IT Automation Specialists who build scripts and workflows in tools like OpCon, VisualCron, PowerShell, or Python and need to connect those workflows to Permission Assist

You do not need deep Permission Assist knowledge to use the API. If you can make an HTTP request from a script or automation tool, you can use the API.

How it works

A typical API workflow follows these steps:

  1. An administrator enables the API in Permission Assist and generates an API token.
  2. An automation specialist adds an API call to an existing script or workflow.
  3. The script calls the Permission Assist API endpoint with a Bearer token in the Authorization header.
  4. Permission Assist validates the request, processes it using existing configurations, and returns a JSON response.
  5. The same audit trail and error handling that apply to manual operations apply to API-triggered operations.

No new infrastructure is required. The API runs on your existing Permission Assist server.

Before you begin

Before you can use the API, you need the following:

  • Permission Assist version 6.5 or later
  • The API feature enabled in System Configuration
  • A valid API token
  • Network access from your automation tool to the Permission Assist server

Next steps

If you are new to the Permission Assist API, start here:

If you are ready to work with a specific capability:

If you are looking for technical details:

  • API Reference — Endpoints, request and response formats, authentication, and error codes