Mark staff member account Not-In-Scope
This how-to guide explains how to mark a staff account as not in scope using the Sprinto API.
You can add staff members to your Sprinto account by integrating external HRMS or email service providers. When you link a system as a staff source, all its staff accounts are included in the audit scope by default unless you specify otherwise. If there are accounts you don't want in the audit scope, you can mark them as "not in scope." This ensures Sprinto won't perform any security tasks (like policy acceptance or training) for those accounts.
The Sprinto Developer API is in beta
- Endpoints may change as we add more functionality.
Before we begin
- Ensure that you are using a valid API key.
- Ensure that you have the email address of the staff member you want to mark as not in scope.
Mark staff as Not-In-scope
You need the email address of the staff member you want to scope out. Below is the mutation code you can use to perform the query.
Enter the staff member's email address for the `email` argument through the variable section on the Sprinto API Playground. If you don't enter a valid email address, you will receive an error response from the server.
```graphql
mutation MarkStaffAsNotInScope($email: String!, $reason: String) {
  markStaffAsNotInScope(email: $email, reason: $reason) {
    user {
      fullName
    }
  }
}
```
Variables (the email address is a dummy value):
```json
{
  "email": "[email protected]",
  "reason": "Testing the API call"
}
```
The above API call starts with the keyword `mutation`, followed by the operation name `markStaffAsNotInScope`, showing that it is a write-type API call that marks a staff account as not in scope.
The `email` argument should be provided with the target staff member's email address.
Additionally, you may provide an optional `reason` for marking the email as not in scope.
Upon successfully marking the staff member as not in scope, the API returns the user object that was updated as part of this request.
The following response fields are available for this API call:
Response field | Type | Description |
---|---|---|
lastName | String | Last name of the staff member. |
firstName | String | First name of the staff member. |
fullName | String | Full name of the staff member. |
email | String | Email address of the staff member. |
Below is the list of response codes and response messages you can get from the server for your executed API call:
Response code | Status | Message | Reason |
---|---|---|---|
200 | Success | The account is marked as in scope. | |
200 | Error | Invalid email address or a non-staff account. | A staff member with this email isn’t in the system. Make sure you haven’t already marked this email as a non-staff account. |
200 | Error | The email was assigned to an offboarded staff member. | The staff member must be part of the organization to mark them as not-in-scope. They must not be offboarded. |
401 | Unauthorized | Invalid or expired API token. | The API key is invalid or disabled. |
429 | Too many requests | There are too many requests. Please try again after some time. | You’ve breached the rate limits for the API. Please refer to rate-limitation. |
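Two of the error rows above come back with HTTP 200, so a script that checks only the status code will record a failed call as done and the account stays in audit scope. The following is an added example, not Sprinto's code, that builds the request body and classifies each response. It assumes errors arrive in the GraphQL-standard top-level `errors` list and the result under `data.markStaffAsNotInScope.user`; `build_payload`, `classify` and the sample responses are hypothetical.

```python
import json

# Mutation text as shown on this page.
MUTATION = """mutation MarkStaffAsNotInScope($email: String!, $reason: String) {
  markStaffAsNotInScope(email: $email, reason: $reason) {
    user { fullName }
  }
}"""

def build_payload(email, reason=None):
    """Build a GraphQL-over-HTTP POST body; the optional reason is omitted if unset."""
    variables = {"email": email}
    if reason is not None:
        variables["reason"] = reason
    return json.dumps({"query": MUTATION, "variables": variables})

def classify(http_status, body_text):
    """Map one response to (outcome, detail); HTTP 200 alone is never success."""
    if http_status == 401:
        return ("unauthorized", "invalid or expired API token")
    if http_status == 429:
        return ("rate_limited", "back off and retry later")
    if http_status != 200:
        return ("unexpected", "HTTP %d" % http_status)
    # Assumption: failures use the GraphQL-spec "errors" list, success mirrors the query.
    try:
        body = json.loads(body_text)
        errors = body.get("errors")
        user = ((body.get("data") or {}).get("markStaffAsNotInScope") or {}).get("user")
    except (ValueError, AttributeError):
        return ("unexpected", "body is not the expected JSON shape")
    if errors:
        msgs = [e.get("message", "") if isinstance(e, dict) else str(e) for e in errors]
        return ("error", "; ".join(msgs))
    if not isinstance(user, dict):
        return ("error", "no user object in response")
    return ("ok", user.get("fullName"))

# Constructed sample responses (not captured from the Sprinto API).
SAMPLES = [
    (200, '{"data": {"markStaffAsNotInScope": {"user": {"fullName": "Test User"}}}}'),
    (200, '{"errors": [{"message": "Invalid email address or a non-staff account."}], "data": null}'),
    (401, '{"message": "Invalid or expired API token."}'),
    (429, ""),
]

if __name__ == "__main__":
    for status, text in SAMPLES:
        print(status, classify(status, text))
```

Log the `error` detail alongside the email you submitted, so accounts that were not scoped out can be reviewed rather than assumed done.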
Updated 12 months ago