Recertification APIs
Get Recertification Resources (GET)
Returns resources available for recertification.
Route
|
URI |
/api/v1/Recertification/Resources |
|
Method |
GET |
|
Result |
JSON – Array of RecertificationResourceModel |
Parameters
Query parameters for filtering resources.
Example
GET http://localhost/api/v1/Recertification/Resources
{
"FileServer": {
"DisplayName": "File server",
"Entries": [
{
"ResourceKey": {
"ResourceType": 2,
"ProviderName": "b-d01",
"UniqueObjectKey": "\\\\b-d01"
},
"Name": "b-d01",
"Description": "b-d01",
"Children": [
{
"ResourceKey": {
"ResourceType": 2,
"ProviderName": "b-d01",
"UniqueObjectKey": "\\\\b-d01\\SYSVOL"
},
"Name": "SYSVOL",
"Description": "\\\\b-d01\\SYSVOL",
"Children": [],
"UserDisplayNames": [
],
"RecertificationProgresItem": {
"UserName": "Dalip Shukla | Access: Full control",
"IsFinalized": false,
"CreationDate": "2025-11-05T08:24:49",
"LastModifiedDate": "2025-11-05T09:25:46",
"LastModifiedDateUtc": "2025-11-05T08:25:46"
},
"RecertificationCanBeExecuted": false
}
],
"RecertificationCanBeExecuted": false
}
]
}
}
Get Recertification Configuration (GET)
Returns recertification configuration settings.
Route
|
URI |
/api/v1/Recertification/Configuration |
|
Method |
GET |
|
Result |
JSON – RecertificationConfigurationModel |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/Configuration
{
"Type": "Container",
"label": "Configuration",
"templates": [
{
"key": "PeriodDefinition",
"value": {
"Type": "Container",
"label": null,
"templates": [
{
"key": "RecertificationConfigurationPeriod_DateRange",
"value": {
"Type": "DateRangePicker",
"summary": "9/22/2025",
"startDate": "2025-09-22T22:00:00Z",
"endDate": null,
"isEndDateOptional": true,
"startDateMayBeInThePast": false,
"label": "Recertification date range",
"isEnabled": true,
"isEnabledRule": null,
"parsedIsEnabledRule": null,
"customAttributes": null,
"isHidden": false,
"isVisibleRule": null,
"parsedIsVisibleRule": null
}
}
],
"summary": null,
"customAttributes": null,
"isHidden": false,
"isVisibleRule": null,
"parsedIsVisibleRule": null
}
},
...
],
"summary": null,
"customAttributes": null,
"isHidden": false,
"isVisibleRule": null,
"parsedIsVisibleRule": null
}
Get Recertification Technology Display Names (GET)
Returns display names for technologies in recertification.
Route
|
URI |
/api/v1/Recertification/RecertificationTechnologyDisplayNames |
|
Method |
GET |
|
Result |
JSON – Dictionary<string, string> |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/RecertificationTechnologyDisplayNames
{
"18896": "Teams",
"18889": "Entra ID",
"18892": "OneDrive",
"18894": "SharePoint",
"18895": "SharePoint Online",
"1": "Active Directory",
"2": "File server"
}
Get Recertification Result (GET)
Returns recertification results for a session.
Route
|
URI |
/api/v1/Recertification/{sessionId}/Result |
|
Method |
GET |
|
Result |
JSON – RecertificationResultModel |
Parameters
sessionId - The session identifier
Example
GET http://localhost/api/v1/Recertification/123e4567-e89b-12d3-a456-426614174000/Result
Get Recertification Result With Category (GET)
Returns recertification results with category information.
Route
|
URI |
/api/v1/Recertification/{sessionId}/ResultWithCategory |
|
Method |
GET |
|
Result |
JSON – RecertificationResultWithCategoryModel |
Parameters
sessionId - The session identifier
Example
GET http://localhost/api/v1/Recertification/123e4567-e89b-12d3-a456-426614174000/ResultWithCategory
Get Recertification Session Summary (GET)
Returns summary information for a recertification session.
Route
|
URI |
/api/v1/Recertification/Session/{sessionId}/Summary |
|
Method |
GET |
|
Result |
JSON – SessionSummaryModel |
Parameters
sessionId - The session identifier
Example
GET http://localhost/api/v1/Recertification/Session/123e4567-e89b-12d3-a456-426614174000/Summary
Get Supported Actions for Recertification (GET)
Returns actions supported for a specific resource type in recertification.
Route
|
URI |
/api/v1/Recertification/Scenario/{resourceType}/SupportedActions |
|
Method |
GET |
|
Result |
JSON – Array of ActionModel |
Parameters
resourceType - The resource type
Example
GET http://localhost/api/v1/Recertification/Scenario/AD/SupportedActions
Execute Recertification Action (POST)
Executes a recertification action.
Route
|
URI |
/api/v1/Recertification/Action/{resourceType}/{sessionId}/Execute |
|
Method |
POST |
|
Result |
JSON – ActionExecutionResult |
Parameters
|
Name |
Type |
Mandatory |
Description |
|
resourceType |
string |
Yes |
The resource type |
|
sessionId |
Guid |
Yes |
session identifier |
Example
POST http://localhost/api/v1/Recertification/Action/AD/123e4567-e89b-12d3-a456-426614174000/Execute
Content-Type: application/json
{action parameters}
Create New Recertification Session (POST)
Creates a new recertification session.
Route
|
URI |
/api/v1/Recertification/Session/New |
|
Method |
GET |
|
Result |
|
Parameters
Body: Session parameters
Example
GET http://localhost/api/v1/Recertification/Session/New
Content-Type: application/json
"aabcd706-f3fd-42a7-838b-d6824dfeb787"
Get Recertification Session List (GET)
Returns a list of recertification sessions.
Route
|
URI |
/api/v1/Recertification/Session/List |
|
Method |
GET |
|
Result |
JSON – Array of SessionModel |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/Session/List
[
{
"SessionId": "abc123-def456-ghi789",
"User": {
"UriKey": "john.doe@contoso.com",
"DisplayName": "John Doe",
"ResourceTypeGuid": "...",
"SerializedAccountId": "...",
"IsGroup": false,
"TypeId": 1
},
"ExpiresAt": "2024-12-05T18:00:00Z"
}]
Get Recertification Session Item (GET)
Returns details of a specific recertification session item.
Route
|
URI |
/api/v1/Recertification/Session/Item |
|
Method |
GET |
|
Result |
JSON – SessionItemModel |
Parameters
Query parameters for session item identification.
Example
GET http://localhost/api/v1/Recertification/Session/Item?sessionId=aabcd706-f3fd-42a7-838b-d6824dfeb787
{
"$type": "pn.recertification.client.interfaces.RecertificationEnhancedSessionInfo, pn.recertification.client.interfaces",
"isOpenSessionOutdated": false,
"recertificationCanBeExecuted": true,
"entryPointsResourceTreeArray": [
{
"$type": "pn.framework.ResourceTree, libInterfaces",
"resourceKey": {
"Type": "CA4F57E3-4A27-448E-A57B-A45E7A7DC2C6",
"resourceType": 2,
"providerName": "brn-cld-arm-561",
"uniqueObjectKey": "\\\\brn-cld-arm-561\\C$\\System Volume Information"
},
"name": "\\\\brn-cld-arm-561\\C$\\System Volume Information",
"description": "\\\\brn-cld-arm-561\\C$\\System Volume Information",
"children": [],
"userDisplayNames": null,
"recertificationProgresItem": null,
"recertificationCanBeExecuted": true
}
],
"sessionId": "aabcd706-f3fd-42a7-838b-d6824dfeb787",
"gridParameters": {
"Type": "C80E7B78-CE90-4587-B82E-E68A30E442F6",
"typeDiscriminator": "StaticActions",
"actionDefinitions": [
{
"$type": "pn.analyze.client.interfaces.ScenarioActionDefinition, pn.analyze.client.interfaces",
"actionId": "a9f7a9c9-f1e7-4a60-b626-60e1e86fec15",
"label": "Accept",
"description": "The access right is correct and should remain as is.",
"typeId": 99960,
"targetObjectDisplayNameProperty": "Path",
"isWithoutComment": false,
"isDirectExecutable": false,
"actionParameterPropertyNames": [
"Path",
"AccountSid",
"Rights",
"Inheritance",
"Propagation",
"PreventionReason",
"EntryId",
"AccountDisplayName"
],
"numberOfSteps": 1,
"isForInfoOnly": false
},
{
"$type": "pn.analyze.client.interfaces.ScenarioActionDefinition, pn.analyze.client.interfaces",
"actionId": "2a45ed47-e005-406b-9f4c-2d7454ad8337",
"label": "Remove",
"description": "The access right should be removed as soon as possible.",
"typeId": 99970,
"targetObjectDisplayNameProperty": "Path",
"isWithoutComment": false,
"isDirectExecutable": false,
"actionParameterPropertyNames": [
"Path",
"AccountSid",
"Rights",
"Inheritance",
"Propagation",
"PreventionReason",
"EntryId",
"AccountDisplayName"
],
"numberOfSteps": 1,
"isForInfoOnly": false
}
],
"queryId": "b9430085-e547-4363-a1fa-0e793137e739",
"queryParameters": null,
"title": "Recertification",
"queryParametersSummary": "Path: \\\\brn-cld-arm-561\\C$\\System Volume Information",
"gridColumnDefinitions": [
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 0,
"propertyName": "Path",
"label": "Path",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2,
"propertyName": "FolderName",
"label": "Folder",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 5,
"propertyName": "AccountTypeId",
"label": "Type",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 2
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 10,
"propertyName": "AccountDisplayName",
"label": "Account",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 13,
"propertyName": "IsDirectEntry",
"label": "Direct access entry",
"description": null,
"isInitiallyVisible": false,
"isHidden": false,
"gridColumnType": 8
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 15,
"propertyName": "MemberOf",
"label": "Member Of",
"description": null,
"isInitiallyVisible": false,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 20,
"propertyName": "AccountSamAccountName",
"label": "SAM-Account-Name",
"description": null,
"isInitiallyVisible": false,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 30,
"propertyName": "AccountProviderName",
"label": "Account Provider",
"description": null,
"isInitiallyVisible": false,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 40,
"propertyName": "RightsDisplayName",
"label": "Access Rights",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 50,
"propertyName": "PropagationInheritanceDisplayName",
"label": "Propagation",
"description": null,
"isInitiallyVisible": false,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 60,
"propertyName": "ExpirationDate",
"label": "Expiration Date",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 1
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 70,
"propertyName": "LastRecertificationDate",
"label": "Last Recertification",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 1
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 80,
"propertyName": "DeltaChangesType",
"label": "Status",
"description": null,
"isInitiallyVisible": true,
"isHidden": false,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "RightsDisplayPath",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "SessionId",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "DeltaChangesTypeSortId",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "AccountSid",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "Rights",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "Propagation",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "Inheritance",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "PreventionReason",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "PreventionReasonString",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "EntryPoint",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "IsCommitted",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "EntryId",
"label": null,
"description": null,
"isInitiallyVisible": true,
"isHidden": true,
"gridColumnType": 0
},
{
"Type": "8FF226EF-F85C-4ADB-99C2-CC44898A8D90",
"columnOrder": 2147483647,
"propertyName": "SupportedActionsFlags",
"label": "SupportedActionsFlags",
"description": null,
"isInitiallyVisible": false,
"isHidden": true,
"gridColumnType": 0
}
],
"dynamicGridColumnDefinitions": null,
"defaultGrouping": [
"DeltaChangesType",
"Path",
"RightsDisplayName"
]
},
"entryPoints": [
{
"Type": "CA4F57E3-4A27-448E-A57B-A45E7A7DC2C6",
"resourceType": 2,
"providerName": "brn-cld-arm-561",
"uniqueObjectKey": "\\\\brn-cld-arm-561\\C$\\System Volume Information"
}
],
"entryPointsDisplayNames": [
"\\\\brn-cld-arm-561\\C$\\System Volume Information"
],
"entryPointInfos": [
{
"$type": "System.Tuple`3[[pn.framework.ResourceKey, libInterfaces],[System.String, mscorlib],[System.String, mscorlib]], mscorlib",
"item1": {
"Type": "CA4F57E3-4A27-448E-A57B-A45E7A7DC2C6",
"resourceType": 2,
"providerName": "brn-cld-arm-561",
"uniqueObjectKey": "\\\\brn-cld-arm-561\\C$\\System Volume Information"
},
"item2": "\\\\brn-cld-arm-561\\C$\\System Volume Information",
"item3": "\\\\brn-cld-arm-561\\C$\\System Volume Information"
}
],
"userDisplayName": "Admin Norbert",
"userId": "722c8945-a68c-464d-8f94-39bd65e6a299",
"userAccountProvider": "lab.protected-networks.local",
"creationDateTimeUtc": "2026-01-08T06:25:33.3507612Z",
"modificationDateTimeUtc": "2026-01-08T06:25:33.49",
"modificationDateTime": "2026-01-08T07:25:33.49",
"creationDateTime": "2026-01-08T07:25:33.3507612",
"isFinalized": true,
"isOutDated": false
}
Get Current Recertification Session List (GET)
Returns the list of current active recertification sessions.
Route
|
URI |
/api/v1/Recertification/Session/List/Current |
|
Method |
GET |
|
Result |
JSON – Array of SessionModel |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/Session/List/Current
{
"SessionId": "abc123-def456-ghi789",
"User": {
"UriKey": "john.doe@contoso.com",
"DisplayName": "John Doe",
"ResourceTypeGuid": "...",
"SerializedAccountId": "...",
"IsGroup": false,
"TypeId": 1
},
"ExpiresAt": "2024-12-05T18:00:00Z"
}
Get Current Recertification Period (GET)
Returns the current recertification period information.
Route
|
URI |
/api/v1/Recertification/Periode/Current |
|
Method |
GET |
|
Result |
JSON – PeriodModel |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/Periode/Current
[
"Tuesday, September 23, 2025",
"Thursday, October 23, 2025"
]
Resume Recertification Session (POST)
Resumes a paused recertification session.
Route
|
URI |
/api/v1/Recertification/Session/{sessionId}/Resume |
|
Method |
POST |
|
Result |
JSON – SessionResumeResult |
Parameters
sessionId - The session identifier
Example
POST http://localhost/api/v1/Recertification/Session/123e4567-e89b-12d3-a456-426614174000/Resume
{
"SessionId": "abc123-def456-ghi789",
"User": {
"UriKey": "john.doe@contoso.com",
"DisplayName": "John Doe",
"ResourceTypeGuid": "...",
"SerializedAccountId": "...",
"IsGroup": false,
"TypeId": 1
},
"ExpiresAt": "2024-12-05T18:00:00Z"
}
Save Recertification Session (POST)
Saves the current state of a recertification session.
Route
|
URI |
/api/v1/Recertification/Session/{sessionId}/Save |
|
Method |
POST |
|
Result |
JSON – SessionSaveResult |
Parameters
-
sessionId - The session identifier
-
Body - Session data to save
Example
POST http://localhost/api/v1/Recertification/Session/123e4567-e89b-12d3-a456-426614174000/Save
Content-Type: application/json
{
"SessionId": "abc123-def456-ghi789",
"User": {
"UriKey": "john.doe@contoso.com",
"DisplayName": "John Doe",
"ResourceTypeGuid": "...",
"SerializedAccountId": "...",
"IsGroup": false,
"TypeId": 1
},
"ExpiresAt": "2024-12-05T18:00:00Z"
}
Get Recertification Email Types (GET)
Returns available email types for recertification notifications.
Route
|
URI |
/api/v1/Recertification/Session/GetEmailTypes |
|
Method |
GET |
|
Result |
JSON – Array of EmailTypeModel |
Parameters
None
Example
GET http://localhost/api/v1/Recertification/Session/GetEmailTypes
[
{
"MailTypeValue": 0,
"EmailType": 0,
"IsActive": true,
"TemplateName": "recert_kickoff"
},
{
"MailTypeValue": 1,
"EmailType": 1,
"IsActive": true,
"TemplateName": "recert_50reminder_do"
},
{
"MailTypeValue": 2,
"EmailType": 2,
"IsActive": true,
"TemplateName": "recert_90reminder_do"
}
]
Send Recertification Simulation (POST)
Sends a simulation email for recertification.
Route
|
URI |
/api/v1/Recertification/Session/SendSimulation |
|
Method |
POST |
|
Result |
JSON – SimulationResult |
Parameters
Body: Simulation parameters
Example
POST http://localhost/api/v1/Recertification/Session/SendSimulation
Content-Type: application/json
{simulation parameters}
Drop Recertification Sessions (DELETE)
Drops (deletes) one or more recertification sessions.
Route
|
URI |
/api/v1/Recertification/Sessions/Drop |
|
Method |
DELETE |
|
Result |
JSON – SessionDeletionResult |
Parameters
Query parameters or body with session IDs.
Example
DELETE http://localhost/api/v1/Recertification/Sessions/Drop
Content-Type: application/json
["sessionId1", "sessionId2"]