> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create > Creates a new request catalog. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/catalogs openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/catalogs: post: tags: - Request Catalog summary: Create description: Creates a new request catalog. operationId: c1.api.requestcatalog.v1.RequestCatalogManagementService.Create requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.requestcatalog.v1.RequestCatalogManagementServiceCreateRequest responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.requestcatalog.v1.RequestCatalogManagementServiceGetResponse description: >- The request catalog management service get response returns a request catalog view with the expanded items in the expanded array indicated by the expand mask in the request. x-codeSamples: - lang: go label: Create source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.RequestCatalogManagement.Create(ctx, nil)\n if err != nil {\n log.Fatal(err)\n }\n if res.RequestCatalogManagementServiceGetResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.requestCatalogManagement.create(); console.log(result); } run(); components: schemas: c1.api.requestcatalog.v1.RequestCatalogManagementServiceCreateRequest: description: Create a request catalog. properties: description: description: The description of the new request catalog. readOnly: false type: string displayName: description: The display name of the new request catalog. readOnly: false type: string enrollmentBehavior: description: >- Defines how to handle the request policies of the entitlements in the catalog during enrollment. enum: - REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_UNSPECIFIED - >- REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_BYPASS_ENTITLEMENT_REQUEST_POLICY - >- REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_ENFORCE_ENTITLEMENT_REQUEST_POLICY readOnly: false type: string x-speakeasy-unknown-values: allow expandMask: $ref: >- #/components/schemas/c1.api.requestcatalog.v1.RequestCatalogExpandMask grantPolicyId: description: The ID of the grant policy for access requests in this catalog. readOnly: false type: string published: description: Whether or not the new catalog should be created as published. readOnly: false type: boolean requestBundle: description: >- Whether all the entitlements in the catalog can be requests at once. Your tenant must have the bundles feature to use this. readOnly: false type: boolean unenrollmentBehavior: description: >- Defines how to handle the revocation of the entitlements in the catalog during unenrollment. enum: - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_UNSPECIFIED - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_LEAVE_ACCESS_AS_IS - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_REVOKE_ALL - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_REVOKE_UNJUSTIFIED readOnly: false type: string x-speakeasy-unknown-values: allow unenrollmentEntitlementBehavior: description: >- Defines how to handle the revoke policies of the entitlements in the catalog during unenrollment. enum: - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_UNSPECIFIED - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_BYPASS - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_ENFORCE readOnly: false type: string x-speakeasy-unknown-values: allow visibleToEveryone: description: Whether or not the new catalog is visible to everyone by default. readOnly: false type: boolean required: - displayName title: Request Catalog Management Service Create Request type: object x-speakeasy-entity: Access_Profile x-speakeasy-name-override: RequestCatalogManagementServiceCreateRequest c1.api.requestcatalog.v1.RequestCatalogManagementServiceGetResponse: description: >- The request catalog management service get response returns a request catalog view with the expanded items in the expanded array indicated by the expand mask in the request. properties: expanded: description: List of serialized related objects. items: additionalProperties: true description: >- Contains an arbitrary serialized message along with a @type that describes the type of the serialized message. properties: '@type': description: The type of the serialized message. type: string readOnly: false type: object nullable: true readOnly: false type: array requestCatalogView: $ref: '#/components/schemas/c1.api.requestcatalog.v1.RequestCatalogView' title: Request Catalog Management Service Get Response type: object x-speakeasy-name-override: RequestCatalogManagementServiceGetResponse c1.api.requestcatalog.v1.RequestCatalogExpandMask: description: >- The RequestCatalogExpandMask includes the paths in the catalog view to expand in the return value of this call. properties: paths: description: >- An array of paths to be expanded in the response. May be any combination of "*", "created_by_user_id", "app_ids", and "access_entitlements". items: type: string nullable: true readOnly: false type: array title: Request Catalog Expand Mask type: object x-speakeasy-name-override: RequestCatalogExpandMask c1.api.requestcatalog.v1.RequestCatalogView: description: >- The request catalog view contains the serialized request catalog and paths to objects referenced by the request catalog. properties: accessEntitlementsPath: description: >- JSONPATH expression indicating the location of the access entitlement objects, that the request catalog allows users to request, in the array. readOnly: false type: string createdByUserPath: description: >- JSONPATH expression indicating the location of the User object, that created the request catalog, in the array. readOnly: false type: string memberCount: description: Total number of the members of the catalog format: int64 readOnly: false type: string requestCatalog: $ref: '#/components/schemas/c1.api.requestcatalog.v1.RequestCatalog' title: Request Catalog View type: object x-speakeasy-name-override: RequestCatalogView c1.api.requestcatalog.v1.RequestCatalog: description: >- The RequestCatalog is used for managing which entitlements are requestable, and who can request them. properties: accessEntitlements: description: >- An array of app entitlements that, if the user has, can view the contents of this catalog. items: $ref: '#/components/schemas/c1.api.app.v1.AppEntitlement' nullable: true readOnly: false type: array createdAt: format: date-time readOnly: true type: string createdByUserId: description: The id of the user this request catalog was created by. readOnly: false type: string deletedAt: format: date-time readOnly: true type: string description: description: The description of the request catalog. readOnly: false type: string displayName: description: The display name of the request catalog. readOnly: false type: string enrollmentBehavior: description: >- Defines how to handle the request policies of the entitlements in the catalog during enrollment. enum: - REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_UNSPECIFIED - >- REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_BYPASS_ENTITLEMENT_REQUEST_POLICY - >- REQUEST_CATALOG_ENROLLMENT_BEHAVIOR_ENFORCE_ENTITLEMENT_REQUEST_POLICY readOnly: false type: string x-speakeasy-unknown-values: allow grantPolicyId: description: |- The ID of the policy to use for access requests in this catalog. This is different from the catalog AppEntitlement's grant_policy_id, which is used for catalog membership grants. readOnly: false type: string id: description: The id of the request catalog. readOnly: false type: string published: description: Whether or not this catalog is published. readOnly: false type: boolean requestBundle: description: >- Whether all the entitlements in the catalog can be requests at once. Your tenant must have the bundles feature to use this. readOnly: false type: boolean unenrollmentBehavior: description: >- Defines how to handle the revocation of the entitlements in the catalog during unenrollment. enum: - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_UNSPECIFIED - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_LEAVE_ACCESS_AS_IS - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_REVOKE_ALL - REQUEST_CATALOG_UNENROLLMENT_BEHAVIOR_REVOKE_UNJUSTIFIED readOnly: false type: string x-speakeasy-unknown-values: allow unenrollmentEntitlementBehavior: description: >- Defines how to handle the revoke policies of the entitlements in the catalog during unenrollment. enum: - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_UNSPECIFIED - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_BYPASS - REQUEST_CATALOG_UNENROLLMENT_ENTITLEMENT_BEHAVIOR_ENFORCE readOnly: false type: string x-speakeasy-unknown-values: allow updatedAt: format: date-time readOnly: true type: string visibleToEveryone: description: If this is true, the access entitlement requirement is ignored. readOnly: false type: boolean title: Request Catalog type: object x-speakeasy-entity: Access_Profile x-speakeasy-name-override: RequestCatalog c1.api.app.v1.AppEntitlement: description: > The app entitlement represents one permission in a downstream App (SAAS) that can be granted. For example, GitHub Read vs GitHub Write. This message contains a oneof named max_grant_duration. Only a single field of the following list may be set at a time: - durationUnset - durationGrant properties: alias: description: >- The alias of the app entitlement used by Cone. Also exact-match queryable. readOnly: false type: string appId: description: The ID of the app that is associated with the app entitlement. readOnly: false type: string appResourceId: description: >- The ID of the app resource that is associated with the app entitlement readOnly: false type: string appResourceTypeId: description: >- The ID of the app resource type that is associated with the app entitlement readOnly: false type: string certifyPolicyId: description: >- The ID of the policy that will be used for certify tickets related to the app entitlement. readOnly: false type: string complianceFrameworkValueIds: description: >- The IDs of different compliance frameworks associated with this app entitlement ex (SOX, HIPAA, PCI, etc.) items: type: string nullable: true readOnly: false type: array createdAt: format: date-time readOnly: true type: string defaultValuesApplied: description: >- Flag to indicate if app-level access request defaults have been applied to the entitlement readOnly: false type: boolean deletedAt: format: date-time readOnly: true type: string deprovisionerPolicy: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy' description: description: The description of the app entitlement. readOnly: false type: string displayName: description: The display name of the app entitlement. readOnly: false type: string durationGrant: format: duration readOnly: false type: string durationUnset: nullable: true readOnly: false type: object emergencyGrantEnabled: description: >- This enables tasks to be created in an emergency and use a selected emergency access policy. readOnly: false type: boolean emergencyGrantPolicyId: description: >- The ID of the policy that will be used for emergency access grant tasks. readOnly: false type: string externalId: description: >- The upstream product's native external ID for this entitlement (e.g. an Okta group ID). Populated from the connector's external ID during sync. readOnly: true type: string grantCount: description: The amount of grants open for this entitlement format: int64 readOnly: true type: string grantPolicyId: description: >- The ID of the policy that will be used for grant tickets related to the app entitlement. readOnly: false type: string id: description: The unique ID for the App Entitlement. readOnly: true type: string isAutomationEnabled: description: >- Flag to indicate whether automation (for adding users to entitlement based on rules) has been enabled. readOnly: true type: boolean isManuallyManaged: description: Flag to indicate if the app entitlement is manually managed. readOnly: false type: boolean matchBatonId: description: >- An identifier used to match this entitlement to a connector-synced entitlement during sync. readOnly: false type: string overrideAccessRequestsDefaults: description: >- Flag to indicate if the app-level access request settings have been overridden for the entitlement readOnly: false type: boolean provisionerPolicy: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy' purpose: description: >- The purpose of this entitlement (e.g., assignment, permission, ownership). enum: - APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED - APP_ENTITLEMENT_PURPOSE_VALUE_ASSIGNMENT - APP_ENTITLEMENT_PURPOSE_VALUE_PERMISSION - APP_ENTITLEMENT_PURPOSE_VALUE_OWNERSHIP readOnly: false type: string x-speakeasy-unknown-values: allow requestSchemaId: description: The ID of the request schema associated with this app entitlement. readOnly: false type: string revokePolicyId: description: >- The ID of the policy that will be used for revoke tickets related to the app entitlement readOnly: false type: string riskLevelValueId: description: The ID of the risk level assigned to this entitlement. readOnly: false type: string slug: description: >- The slug is displayed as an oval next to the name in the frontend of C1, it tells you what permission the entitlement grants. See https://www.conductorone.com/docs/product/admin/entitlements/ readOnly: false type: string sourceConnectorIds: additionalProperties: type: string description: Map to tell us which connector the entitlement came from. readOnly: false type: object systemBuiltin: description: This field indicates if this is a system builtin entitlement. readOnly: true type: boolean updatedAt: format: date-time readOnly: true type: string userEditedMask: nullable: true readOnly: false type: string title: App Entitlement type: object x-speakeasy-entity: Custom App Entitlement x-speakeasy-name-override: AppEntitlement c1.api.policy.v1.ProvisionPolicy: description: > ProvisionPolicy is a oneOf that indicates how a provision step should be processed. This message contains a oneof named typ. Only a single field of the following list may be set at a time: - connector - manual - delegated - webhook - multiStep - externalTicket - unconfigured - action properties: action: $ref: '#/components/schemas/c1.api.policy.v1.ActionProvision' connector: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision' delegated: $ref: '#/components/schemas/c1.api.policy.v1.DelegatedProvision' externalTicket: $ref: '#/components/schemas/c1.api.policy.v1.ExternalTicketProvision' manual: $ref: '#/components/schemas/c1.api.policy.v1.ManualProvision' multiStep: $ref: '#/components/schemas/c1.api.policy.v1.MultiStep' unconfigured: $ref: '#/components/schemas/c1.api.policy.v1.UnconfiguredProvision' webhook: $ref: '#/components/schemas/c1.api.policy.v1.WebhookProvision' title: Provision Policy type: object x-speakeasy-name-override: ProvisionPolicy c1.api.policy.v1.ActionProvision: description: >- This provision step indicates that account lifecycle action should be called to provision this entitlement. nullable: true properties: actionName: description: The actionName field. readOnly: false type: string appId: description: The appId field. readOnly: false type: string connectorId: description: The connectorId field. readOnly: false type: string displayName: description: The displayName field. readOnly: false type: string title: Action Provision type: object x-speakeasy-name-override: ActionProvision c1.api.policy.v1.ConnectorProvision: description: > Indicates that a connector should perform the provisioning. This object has no fields. This message contains a oneof named provision_type. Only a single field of the following list may be set at a time: - defaultBehavior - account - deleteAccount nullable: true properties: account: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.AccountProvision defaultBehavior: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.DefaultBehavior deleteAccount: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.DeleteAccount title: Connector Provision type: object x-speakeasy-name-override: ConnectorProvision c1.api.policy.v1.DelegatedProvision: description: >- This provision step indicates that we should delegate provisioning to the configuration of another app entitlement. This app entitlement does not have to be one from the same app, but MUST be configured as a proxy binding leading into this entitlement. nullable: true properties: appId: description: The AppID of the entitlement to delegate provisioning to. readOnly: false type: string entitlementId: description: The ID of the entitlement we are delegating provisioning to. readOnly: false type: string implicit: description: >- If true, a binding will be automatically created from the entitlement of the parent app. readOnly: false type: boolean title: Delegated Provision type: object x-speakeasy-name-override: DelegatedProvision c1.api.policy.v1.ExternalTicketProvision: description: >- This provision step indicates that we should check an external ticket to provision this entitlement nullable: true properties: appId: description: The appId field. readOnly: false type: string connectorId: description: The connectorId field. readOnly: false type: string externalTicketProvisionerConfigId: description: The externalTicketProvisionerConfigId field. readOnly: false type: string instructions: description: >- This field indicates a text body of instructions for the provisioner to indicate. readOnly: false type: string title: External Ticket Provision type: object x-speakeasy-name-override: ExternalTicketProvision c1.api.policy.v1.ManualProvision: description: >- Manual provisioning indicates that a human must intervene for the provisioning of this step. nullable: true properties: assignee: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionerAssignment' instructions: description: >- This field indicates a text body of instructions for the provisioner to indicate. readOnly: false type: string userIds: description: |- An array of users that are required to provision during this step. Deprecated: Use assignee field instead for dynamic provisioner assignment. items: type: string nullable: true readOnly: false type: array title: Manual Provision type: object x-speakeasy-name-override: ManualProvision c1.api.policy.v1.MultiStep: description: >- MultiStep indicates that this provision step has multiple steps to process. nullable: true properties: provisionSteps: description: The array of provision steps to process. items: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy' nullable: true readOnly: false type: array title: Multi Step type: object x-speakeasy-name-override: MultiStep c1.api.policy.v1.UnconfiguredProvision: description: The UnconfiguredProvision message. nullable: true title: Unconfigured Provision type: object x-speakeasy-name-override: UnconfiguredProvision c1.api.policy.v1.WebhookProvision: description: >- This provision step indicates that a webhook should be called to provision this entitlement. nullable: true properties: webhookId: description: The ID of the webhook to call for provisioning. readOnly: false type: string title: Webhook Provision type: object x-speakeasy-name-override: WebhookProvision c1.api.policy.v1.ConnectorProvision.AccountProvision: description: > The AccountProvision message. This message contains a oneof named storage_type. Only a single field of the following list may be set at a time: - saveToVault - doNotSave nullable: true properties: config: additionalProperties: true readOnly: false type: object connectorId: description: The connectorId field. readOnly: false type: string doNotSave: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.DoNotSave' saveToVault: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.SaveToVault' schemaId: description: The schemaId field. readOnly: false type: string title: Account Provision type: object x-speakeasy-name-override: AccountProvision c1.api.policy.v1.ConnectorProvision.DefaultBehavior: description: The DefaultBehavior message. nullable: true properties: connectorId: description: >- this checks if the entitlement is enabled by provisioning in a specific connector this can happen automatically and doesn't need any extra info readOnly: false type: string title: Default Behavior type: object x-speakeasy-name-override: DefaultBehavior c1.api.policy.v1.ConnectorProvision.DeleteAccount: description: The DeleteAccount message. nullable: true properties: connectorId: description: The connectorId field. readOnly: false type: string title: Delete Account type: object x-speakeasy-name-override: DeleteAccount c1.api.policy.v1.ProvisionerAssignment: description: > ProvisionerAssignment defines how a provisioner is dynamically assigned. This message contains a oneof named typ. Only a single field of the following list may be set at a time: - users - appOwners - group - manager - expression - entitlementOwners properties: appOwners: $ref: '#/components/schemas/c1.api.policy.v1.AppOwnerProvisioner' entitlementOwners: $ref: '#/components/schemas/c1.api.policy.v1.EntitlementOwnerProvisioner' expression: $ref: '#/components/schemas/c1.api.policy.v1.ExpressionProvisioner' group: $ref: '#/components/schemas/c1.api.policy.v1.GroupProvisioner' manager: $ref: '#/components/schemas/c1.api.policy.v1.ManagerProvisioner' users: $ref: '#/components/schemas/c1.api.policy.v1.UserProvisioner' title: Provisioner Assignment type: object x-speakeasy-name-override: ProvisionerAssignment c1.api.policy.v1.ConnectorProvision.DoNotSave: description: The DoNotSave message. nullable: true title: Do Not Save type: object x-speakeasy-name-override: DoNotSave c1.api.policy.v1.ConnectorProvision.SaveToVault: description: The SaveToVault message. nullable: true properties: vaultIds: description: The vaultIds field. items: type: string nullable: true readOnly: false type: array title: Save To Vault type: object x-speakeasy-name-override: SaveToVault c1.api.policy.v1.AppOwnerProvisioner: description: AppOwnerProvisioner resolves to app owners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no app owners are found. items: type: string nullable: true readOnly: false type: array title: App Owner Provisioner type: object x-speakeasy-name-override: AppOwnerProvisioner c1.api.policy.v1.EntitlementOwnerProvisioner: description: EntitlementOwnerProvisioner resolves to entitlement owners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no entitlement owners are found. items: type: string nullable: true readOnly: false type: array title: Entitlement Owner Provisioner type: object x-speakeasy-name-override: EntitlementOwnerProvisioner c1.api.policy.v1.ExpressionProvisioner: description: >- ExpressionProvisioner evaluates CEL expressions to determine provisioners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean expressions: description: The CEL expressions to evaluate. items: type: string nullable: true readOnly: false type: array fallbackUserIds: description: Fallback user IDs if expression evaluation yields no users. items: type: string nullable: true readOnly: false type: array title: Expression Provisioner type: object x-speakeasy-name-override: ExpressionProvisioner c1.api.policy.v1.GroupProvisioner: description: GroupProvisioner resolves to members of a specific group. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean appGroupId: description: The app group ID (entitlement ID). readOnly: false type: string appId: description: The app ID containing the group. readOnly: false type: string fallbackUserIds: description: Fallback user IDs if no group members are found. items: type: string nullable: true readOnly: false type: array title: Group Provisioner type: object x-speakeasy-name-override: GroupProvisioner c1.api.policy.v1.ManagerProvisioner: description: ManagerProvisioner resolves to the user's manager. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no manager is found. items: type: string nullable: true readOnly: false type: array title: Manager Provisioner type: object x-speakeasy-name-override: ManagerProvisioner c1.api.policy.v1.UserProvisioner: description: UserProvisioner assigns specific users as provisioners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean userIds: description: The user IDs to assign as provisioners. items: type: string nullable: true readOnly: false type: array title: User Provisioner type: object x-speakeasy-name-override: UserProvisioner securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````