SailPoint API Guidelines

This site is a public hub for SailPoint's API style and design guidelines—built to help teams ship consistent, secure, evolvable APIs for customers and partners.

Start here

If you're new, begin with this page, then choose a path:

• Designing a new API: read the core principles, then work through the Rules categories as you model resources, errors, pagination, and security.
• Reviewing an API: use the Rules as a checklist (each rule has a stable ID you can cite in review comments and docs).
• Implementing an API: follow the Rules for the normative “must/should” requirements; use Guides for rationale and examples.
• Integrating with SailPoint APIs: use the Rules as a contract checklist and the Guides for practical patterns (pagination, errors, retries) and terminology.

What's in this hub?

Rules (normative)

Rules are the authoritative guard rails. They use RFC 2119 language (MUST/SHOULD/MAY) and preserve stable numeric IDs for durable references.

• Browse all Rules

Guides (non-normative)

Guides explain intent and provide patterns and examples that help teams apply the Rules.

• Read Guides

Appendices (reference)

Appendices provide reusable reference material: glossaries, checklists, and recipe-style guidance.

• Browse Appendices

Quick links

• Resource modeling & URLs
• Security & Authorization
• HTTP semantics
• Lifecycle & compatibility
• Requests & querying
• Payload conventions
• Data types & common objects