> ## Documentation Index
> Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Campaign Scope And Entitlements

> GetCampaignScopeAndEntitlements retrieves the current scope configuration and selected entitlements for an access review campaign.



## OpenAPI

````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples get /api/v1/access_review/{access_review_id}/scope_and_entitlements
openapi: 3.1.0
info:
  description: The C1 API is a HTTP API for managing C1 resources.
  title: C1 API
  version: 0.1.0-alpha
servers:
  - description: The C1 API server for the current tenant.
    url: https://{tenantDomain}.conductor.one
    variables:
      tenantDomain:
        default: example
        description: The domain of the tenant to use for this request.
security:
  - bearerAuth: []
    oauth: []
paths:
  /api/v1/access_review/{access_review_id}/scope_and_entitlements:
    get:
      tags:
        - Access Review
      summary: Get Campaign Scope And Entitlements
      description: >-
        GetCampaignScopeAndEntitlements retrieves the current scope
        configuration and selected entitlements for an access review campaign.
      operationId: >-
        c1.api.accessreview.v1.AccessReviewSetupEntitlementService.GetCampaignScopeAndEntitlements
      parameters:
        - in: path
          name: access_review_id
          required: true
          schema:
            description: >-
              The ID of the access review campaign to retrieve scope and
              entitlements for.
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/c1.api.accessreview.v1.AccessReviewSetupEntitlementAndScopeServiceSetResponse
          description: Successful response
      x-codeSamples:
        - lang: go
          label: GetCampaignScopeAndEntitlements
          source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n    ctx := context.Background()\n\n    s := conductoronesdkgo.New(\n        conductoronesdkgo.WithSecurity(shared.Security{\n            BearerAuth: \"<YOUR_BEARER_TOKEN_HERE>\",\n            Oauth: \"<YOUR_OAUTH_HERE>\",\n        }),\n    )\n\n    res, err := s.AccessReviewSetupEntitlement.GetCampaignScopeAndEntitlements(ctx, operations.C1APIAccessreviewV1AccessReviewSetupEntitlementServiceGetCampaignScopeAndEntitlementsRequest{\n        AccessReviewID: \"<id>\",\n    })\n    if err != nil {\n        log.Fatal(err)\n    }\n    if res.AccessReviewSetupEntitlementAndScopeServiceSetResponse != nil {\n        // handle response\n    }\n}"
        - lang: typescript
          label: Typescript (SDK)
          source: >-
            import { ConductoroneSDKTypescript } from
            "conductorone-sdk-typescript";


            const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
              security: {
                bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
                oauth: "<YOUR_OAUTH_HERE>",
              },
            });


            async function run() {
              const result = await conductoroneSDKTypescript.accessReviewSetupEntitlement.getCampaignScopeAndEntitlements({
                accessReviewId: "<id>",
              });

              console.log(result);
            }


            run();
components:
  schemas:
    c1.api.accessreview.v1.AccessReviewSetupEntitlementAndScopeServiceSetResponse:
      description: The AccessReviewSetupEntitlementAndScopeServiceSetResponse message.
      properties:
        expanded:
          description: Related objects requested via the expand mask.
          items:
            additionalProperties: true
            description: >-
              Contains an arbitrary serialized message along with a @type that
              describes the type of the serialized message.
            properties:
              '@type':
                description: The type of the serialized message.
                type: string
            type: object
          type:
            - array
            - 'null'
        list:
          description: The current list of setup entitlements for the campaign.
          items:
            $ref: >-
              #/components/schemas/c1.api.accessreview.v1.AccessReviewSetupEntitlementView
          type:
            - array
            - 'null'
        scopeV2:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.AccessReviewScopeV2'
            - type: 'null'
      title: Access Review Setup Entitlement And Scope Service Set Response
      type: object
      x-speakeasy-name-override: AccessReviewSetupEntitlementAndScopeServiceSetResponse
    c1.api.accessreview.v1.AccessReviewSetupEntitlementView:
      description: The AccessReviewSetupEntitlementView message.
      properties:
        accessReviewEntitlement:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.AccessReviewSetupEntitlement
            - type: 'null'
        appPath:
          description: The appPath field.
          type:
            - string
            - 'null'
        entitlementPath:
          description: The entitlementPath field.
          type:
            - string
            - 'null'
        policyPath:
          description: The policyPath field.
          type:
            - string
            - 'null'
      title: Access Review Setup Entitlement View
      type: object
      x-speakeasy-name-override: AccessReviewSetupEntitlementView
    c1.api.accessreview.v1.AccessReviewScopeV2:
      description: >
        The AccessReviewScopeV2 message.


        This message contains a oneof named apps_and_resources_scope. Only a
        single field of the following list may be set at a time:
          - appAccess
          - specificResources
          - appSelectionCriteria
          - resourceTypeSelections


        This message contains a oneof named users_scope. Only a single field of
        the following list may be set at a time:
          - allUsers
          - selectedUsers
          - userCriteria
          - celExpression


        This message contains a oneof named accounts_scope. Only a single field
        of the following list may be set at a time:
          - allAccounts
          - accountCriteria
          - accountCelExpression


        This message contains a oneof named grants_scope. Only a single field of
        the following list may be set at a time:
          - allGrants
          - grantsByCriteria


        This message contains a oneof named access_conflicts_scope. Only a
        single field of the following list may be set at a time:
          - allAccessConflicts
          - specificAccessConflicts


        This message contains a oneof named resource_scope. Only a single field
        of the following list may be set at a time:
          - resourceSelection
      properties:
        accountCelExpression:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.CelExpressionScope'
            - type: 'null'
        accountCriteria:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.AccountCriteriaScope'
            - type: 'null'
        allAccessConflicts:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.AllAccessConflictsScope
            - type: 'null'
        allAccounts:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.AllAccountsScope'
            - type: 'null'
        allGrants:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.AllGrantsScope'
            - type: 'null'
        allUsers:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.AllUsersScope'
            - type: 'null'
        appAccess:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.ApplicationAccessScope
            - type: 'null'
        appSelectionCriteria:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.AppSelectionCriteriaScope
            - type: 'null'
        celExpression:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.CelExpressionScope'
            - type: 'null'
        grantsByCriteria:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.GrantsByCriteriaScope
            - type: 'null'
        resourceSelection:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.ResourceSelectionScope
            - type: 'null'
        resourceTypeSelections:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.ResourceTypeSelectionScope
            - type: 'null'
        selectedUsers:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.SelectedUsersScope'
            - type: 'null'
        specificAccessConflicts:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.SpecificAccessConflictsScope
            - type: 'null'
        specificResources:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.SpecificResourcesScope
            - type: 'null'
        userCriteria:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.UserCriteriaScope'
            - type: 'null'
      title: Access Review Scope V 2
      type: object
      x-speakeasy-name-override: AccessReviewScopeV2
    c1.api.accessreview.v1.AccessReviewSetupEntitlement:
      description: >-
        An entitlement that has been selected for inclusion in an access review
        campaign during setup.
      properties:
        accessReviewId:
          description: The ID of the access review campaign this entitlement belongs to.
          type:
            - string
            - 'null'
        appEntitlementId:
          description: The ID of the entitlement being reviewed.
          type:
            - string
            - 'null'
        appId:
          description: The ID of the application that owns the entitlement.
          type:
            - string
            - 'null'
        appResourceId:
          description: >-
            The ID of the specific resource associated with this entitlement, if
            applicable.
          type:
            - string
            - 'null'
        appResourceTypeId:
          description: >-
            The ID of the resource type associated with this entitlement, if
            applicable.
          type:
            - string
            - 'null'
        createdAt:
          format: date-time
          readOnly: true
          type:
            - string
            - 'null'
        customPolicyId:
          description: >-
            An override policy ID for this specific entitlement. Populated when
            use_policy_override is enabled on the campaign.
          type:
            - string
            - 'null'
        deletedAt:
          format: date-time
          readOnly: true
          type:
            - string
            - 'null'
        policyId:
          description: >-
            The ID of the review policy applied to this entitlement. Defaults to
            the campaign policy.
          type:
            - string
            - 'null'
        tenantId:
          description: The tenant that owns this setup entitlement.
          type:
            - string
            - 'null'
        updatedAt:
          format: date-time
          readOnly: true
          type:
            - string
            - 'null'
      title: Access Review Setup Entitlement
      type: object
      x-speakeasy-name-override: AccessReviewSetupEntitlement
    c1.api.accessreview.v1.CelExpressionScope:
      description: The CelExpressionScope message.
      properties:
        expression:
          description: The expression field.
          type:
            - string
            - 'null'
      title: Cel Expression Scope
      type: object
      x-speakeasy-name-override: CelExpressionScope
    c1.api.accessreview.v1.AccountCriteriaScope:
      description: The AccountCriteriaScope message.
      properties:
        accountDomain:
          description: The accountDomain field.
          enum:
            - APP_USER_DOMAIN_UNSPECIFIED
            - APP_USER_DOMAIN_EXTERNAL
            - APP_USER_DOMAIN_TRUSTED
          type:
            - string
            - 'null'
          x-speakeasy-unknown-values: allow
        accountTypes:
          description: The accountTypes field.
          items:
            enum:
              - APP_USER_TYPE_UNSPECIFIED
              - APP_USER_TYPE_USER
              - APP_USER_TYPE_SERVICE_ACCOUNT
              - APP_USER_TYPE_SYSTEM_ACCOUNT
            type: string
            x-speakeasy-unknown-values: allow
          type:
            - array
            - 'null'
        appUserStatuses:
          description: The appUserStatuses field.
          items:
            enum:
              - APP_USER_STATUS_UNSPECIFIED
              - APP_USER_STATUS_ENABLED
              - APP_USER_STATUS_DISABLED
              - APP_USER_STATUS_DELETED
            type: string
            x-speakeasy-unknown-values: allow
          type:
            - array
            - 'null'
        noAccountOwner:
          description: The noAccountOwner field.
          type:
            - boolean
            - 'null'
      title: Account Criteria Scope
      type: object
      x-speakeasy-name-override: AccountCriteriaScope
    c1.api.accessreview.v1.AllAccessConflictsScope:
      description: The AllAccessConflictsScope message.
      title: All Access Conflicts Scope
      type: object
      x-speakeasy-name-override: AllAccessConflictsScope
    c1.api.accessreview.v1.AllAccountsScope:
      description: The AllAccountsScope message.
      title: All Accounts Scope
      type: object
      x-speakeasy-name-override: AllAccountsScope
    c1.api.accessreview.v1.AllGrantsScope:
      description: The AllGrantsScope message.
      title: All Grants Scope
      type: object
      x-speakeasy-name-override: AllGrantsScope
    c1.api.accessreview.v1.AllUsersScope:
      description: The AllUsersScope message.
      title: All Users Scope
      type: object
      x-speakeasy-name-override: AllUsersScope
    c1.api.accessreview.v1.ApplicationAccessScope:
      description: The ApplicationAccessScope message.
      title: Application Access Scope
      type: object
      x-speakeasy-name-override: ApplicationAccessScope
    c1.api.accessreview.v1.AppSelectionCriteriaScope:
      description: The AppSelectionCriteriaScope message.
      properties:
        complianceFrameworkAttributeValueIds:
          description: The complianceFrameworkAttributeValueIds field.
          items:
            type: string
          type:
            - array
            - 'null'
        riskLevelAttributeValueIds:
          description: The riskLevelAttributeValueIds field.
          items:
            type: string
          type:
            - array
            - 'null'
      title: App Selection Criteria Scope
      type: object
      x-speakeasy-name-override: AppSelectionCriteriaScope
    c1.api.accessreview.v1.GrantsByCriteriaScope:
      description: >
        The GrantsByCriteriaScope message.


        This message contains a oneof named criteria_filter. Only a single field
        of the following list may be set at a time:
          - daysSinceAdded
          - daysSinceReviewed
          - grantsAddedBetween
      properties:
        accessProfileFilter:
          oneOf:
            - $ref: >-
                #/components/schemas/c1.api.accessreview.v1.GrantAccessProfileFilter
            - type: 'null'
        daysSinceAdded:
          format: duration
          type:
            - string
            - 'null'
        daysSinceLastUsed:
          format: duration
          type:
            - string
            - 'null'
        daysSinceReviewed:
          format: duration
          type:
            - string
            - 'null'
        grantsAddedBetween:
          oneOf:
            - $ref: '#/components/schemas/c1.api.accessreview.v1.GrantsAddedBetween'
            - type: 'null'
        sourceFilter:
          description: The sourceFilter field.
          enum:
            - GRANT_SOURCE_FILTER_UNSPECIFIED
            - GRANT_SOURCE_FILTER_DIRECT
            - GRANT_SOURCE_FILTER_INHERITED
          type:
            - string
            - 'null'
          x-speakeasy-unknown-values: allow
        typeFilter:
          description: The typeFilter field.
          enum:
            - GRANT_FILTER_TYPE_UNSPECIFIED
            - GRANT_FILTER_TYPE_PERMANENT
            - GRANT_FILTER_TYPE_TEMPORARY
          type:
            - string
            - 'null'
          x-speakeasy-unknown-values: allow
      title: Grants By Criteria Scope
      type: object
      x-speakeasy-name-override: GrantsByCriteriaScope
    c1.api.accessreview.v1.ResourceSelectionScope:
      description: The ResourceSelectionScope message.
      title: Resource Selection Scope
      type: object
      x-speakeasy-name-override: ResourceSelectionScope
    c1.api.accessreview.v1.ResourceTypeSelectionScope:
      description: The ResourceTypeSelectionScope message.
      title: Resource Type Selection Scope
      type: object
      x-speakeasy-name-override: ResourceTypeSelectionScope
    c1.api.accessreview.v1.SelectedUsersScope:
      description: The SelectedUsersScope message.
      properties:
        userIds:
          description: The userIds field.
          items:
            type: string
          type:
            - array
            - 'null'
      title: Selected Users Scope
      type: object
      x-speakeasy-name-override: SelectedUsersScope
    c1.api.accessreview.v1.SpecificAccessConflictsScope:
      description: The SpecificAccessConflictsScope message.
      title: Specific Access Conflicts Scope
      type: object
      x-speakeasy-name-override: SpecificAccessConflictsScope
    c1.api.accessreview.v1.SpecificResourcesScope:
      description: The SpecificResourcesScope message.
      title: Specific Resources Scope
      type: object
      x-speakeasy-name-override: SpecificResourcesScope
    c1.api.accessreview.v1.UserCriteriaScope:
      description: The UserCriteriaScope message.
      properties:
        groupAppEntitlementsRef:
          description: The groupAppEntitlementsRef field.
          items:
            $ref: '#/components/schemas/c1.api.app.v1.AppEntitlementRef'
          type:
            - array
            - 'null'
        managerUserIds:
          description: The managerUserIds field.
          items:
            type: string
          type:
            - array
            - 'null'
        multiUserProfileAttributes:
          additionalProperties:
            $ref: >-
              #/components/schemas/c1.api.accessreview.v1.IncludedUserAttributeValues
          description: The multiUserProfileAttributes field.
          type: object
        userStatus:
          description: The userStatus field.
          items:
            enum:
              - UNKNOWN
              - ENABLED
              - DISABLED
              - DELETED
            type: string
            x-speakeasy-unknown-values: allow
          type:
            - array
            - 'null'
      title: User Criteria Scope
      type: object
      x-speakeasy-name-override: UserCriteriaScope
    c1.api.accessreview.v1.GrantAccessProfileFilter:
      description: The GrantAccessProfileFilter message.
      properties:
        excludedAccessProfileIds:
          description: |-
            Access profile IDs to EXCLUDE from the campaign
             Used when filter_type = EXCLUDE_SPECIFIC
             Max 32 profile IDs
          items:
            type: string
          type:
            - array
            - 'null'
        filterType:
          description: The filterType field.
          enum:
            - ACCESS_PROFILE_FILTER_TYPE_UNSPECIFIED
            - ACCESS_PROFILE_FILTER_TYPE_INCLUDE_ALL
            - ACCESS_PROFILE_FILTER_TYPE_EXCLUDE_ALL
            - ACCESS_PROFILE_FILTER_TYPE_EXCLUDE_SPECIFIC
            - ACCESS_PROFILE_FILTER_TYPE_INCLUDE_SPECIFIC
          type:
            - string
            - 'null'
          x-speakeasy-unknown-values: allow
        includedAccessProfileIds:
          description: |-
            Access profile IDs to INCLUDE in the campaign
             Used when filter_type = INCLUDE_SPECIFIC
             Max 32 profile IDs
          items:
            type: string
          type:
            - array
            - 'null'
      title: Grant Access Profile Filter
      type: object
      x-speakeasy-name-override: GrantAccessProfileFilter
    c1.api.accessreview.v1.GrantsAddedBetween:
      description: The GrantsAddedBetween message.
      properties:
        endDate:
          format: date-time
          type:
            - string
            - 'null'
        startDate:
          format: date-time
          type:
            - string
            - 'null'
      title: Grants Added Between
      type: object
      x-speakeasy-name-override: GrantsAddedBetween
    c1.api.app.v1.AppEntitlementRef:
      description: The AppEntitlementRef message.
      properties:
        appId:
          description: The appId field.
          type:
            - string
            - 'null'
        id:
          description: The id field.
          type:
            - string
            - 'null'
      title: App Entitlement Ref
      type: object
      x-speakeasy-name-override: AppEntitlementRef
    c1.api.accessreview.v1.IncludedUserAttributeValues:
      description: The IncludedUserAttributeValues message.
      properties:
        values:
          description: The values field.
          items:
            $ref: >-
              #/components/schemas/c1.api.accessreview.v1.IncludedUserAttributeValue
          type:
            - array
            - 'null'
      title: Included User Attribute Values
      type: object
      x-speakeasy-name-override: IncludedUserAttributeValues
    c1.api.accessreview.v1.IncludedUserAttributeValue:
      description: The IncludedUserAttributeValue message.
      properties:
        value:
          description: The value field.
          type:
            - string
            - 'null'
      title: Included User Attribute Value
      type: object
      x-speakeasy-name-override: IncludedUserAttributeValue
  securitySchemes:
    bearerAuth:
      scheme: bearer
      type: http
    oauth:
      description: >-
        This API uses OAuth2 with the Client Credential flow.

        Client Credentials must be sent in the BODY, not the headers.

        For an example of how to implement this, refer to the
        [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187)
        function.
      flows:
        clientCredentials:
          scopes: {}
          tokenUrl: /auth/v1/token
      type: oauth2

````