API-triggered import¶
The API-Triggered Import capability allows you to trigger an existing import configuration on-demand from any automation tool. Instead of manually uploading files through the web interface or waiting for a scheduled import, your automation workflows call the Permission Assist API and the import runs immediately.
How API-triggered imports work¶
When you trigger an import through the API, Permission Assist does the following:
- Validates your request — Permission Assist checks your API credentials, confirms the application exists, and verifies the import configuration is valid.
- Stages the import — Permission Assist creates a Pending import record using the file paths from the application's existing import schedule.
- Processes the import — The background build job picks up the Pending import and applies the same import rules, mappings, and validation logic as a scheduled or manual import.
- Records the audit trail — The import generates the same audit records as any other import method. The audit trail records the name of the API token so you know which automation tool triggered the import.
The import runs asynchronously. When you make the API call, Permission Assist acknowledges the request and stages the import for background processing. Your automation tool does not need to wait for the import to finish.
Available operations¶
The API provides three import operations:
| Operation | Endpoint | Description |
|---|---|---|
| Stage | POST /api/application-imports/stage |
Trigger an import using the application's existing scheduled import configuration |
| Cancel | POST /api/application-imports/cancel |
Cancel a staged or in-progress import |
| Upload | POST /api/application-imports/upload |
Upload files directly for applications without a scheduled configuration |
What you need before you start¶
Before you can trigger an import through the API, you need all of the following:
- An existing import schedule — The stage endpoint uses import schedules that you have already set up in Permission Assist. The schedule defines the file paths and import settings. If you have not yet configured an import schedule for an application, do that first. Refer to Import application security data for instructions
- A data file in the shared directory — The API reads files from the same shared directory your scheduled imports use. Make sure the file is in place before you trigger the import
- API credentials — Refer to Getting started with the API if you have not generated a token yet
Common use cases¶
Organizations typically use API-triggered imports for workflows like these:
- Nightly automation — An automation tool (OpCon, VisualCron, or a scheduled script) runs application reports overnight, places the output files in a shared directory, and then calls the Permission Assist API to stage the import
- Event-driven refreshes — When a significant change occurs in an application (such as a batch of new user accounts), an automation workflow exports the updated data and triggers an immediate import so Permission Assist has fresh data for access reviews
- Increased import frequency — Instead of weekly manual uploads, automation tools trigger imports daily or even multiple times per day, improving data accuracy for reviews and compliance reporting
Next steps¶
- Trigger an import — Step-by-step instructions for staging and canceling imports through the API
- API Reference — Technical details for all endpoints, including listing and retrieving import records