Access Request¶

Data Structures¶

`AccessRequestModel`¶
Attribute	Type	Required	Description
`id`	string		Unique and read-only object Identifier
`activated`	boolean		Read-only
`immediate_interval`	number {1-24}	if `type` == `immediate`	The amount of time the user will have access to the account, expressed in hours and counted from the moment the session is initiated. Read-only, expensive to use.
`starts_at`	string	if `type` == `scheduled`	The time from which the access period starts.
`expires_at`	string	if `type` == `scheduled`	The time at which the access expires.
`reason`	string	yes	Read-only.
`revoke_reason`	string		Read-only.
`required_votes`	number		Read-only. Number of votes required to acquire access to the account.
`status`	string {expired, granted, pending, rejected, revoked}		Read-only; expensive to use.
`operation`	string {account_access, account_share, secret_view, secret_share}	yes	Immutable.
`type`	string {immediate, scheduled, preview}	yes
`account_id`	string		Read-only. Requires `read` right on object type `account` for `GET` requests.
`account_name`	string		Read-only; expensive to use.
`safe_id`	string		Read-only. Requires `read` right on object type `safe` for `GET` requests.
`safe_name`	string		Read-only; expensive to use.
`pool_id`	string		Read-only; expensive to use. Requires `read` right on object type `pool` for `GET` requests.
`pool_name`	string		Read-only; expensive to use.
`protocol`	string		Read-only; expensive to use.
`server_id`	string		Read-only; expensive to use. Requires `read` right on object type `server` for `GET` requests.
`server_name`	string		Read-only; expensive to use.
`secret_id`	string		Read-only.
`secret_name`	string		Read-only; expensive to use.
`secret_domain`	string		Read-only; expensive to use.
`secret_login`	string		Read-only; expensive to use.
`secret_type`	string		Read-only; expensive to use.
`secret_description`	string		Read-only; expensive to use.
`secret_uris`	object-array		Read-only; expensive to use.
`collection_id`	string		Read-only; expensive to use. Requires `read` right on object type `collection` for `GET` requests.
`collection_name`	string		Read-only; expensive to use.
`listeners`	object-array		Read-only; expensive to use. JSON object array containing id, mode, name, hidden status, builtin status, and protocol of assigned listeners.
`listener_ids`	number-array		Read-only; expensive to use.
`listener_names`	string-array		Read-only; expensive to use.
`user_id`	string	yes	Immutable. Requires `read` right on object type `user` for `GET` requests.
`user_domain`	string		Read-only; expensive to use.
`user_name`	string		Read-only; expensive to use.
`requested_for_user_id`	string		Read-only.
`requested_for_user_domain`	string		Read-only; expensive to use.
`requested_for_user_name`	string		Read-only; expensive to use.
`votes`	object-array		Read-only; expensive to use. JSON object array containing reason, user_id, acceptance status, user_name, user_role, and user_domain of the voting user.
`webclient`	boolean		Read-only; expensive to use. Indicates if access is available via the web client.
`handled`	boolean		Read-only. Hidden; expensive to use. Has the request been handled (accepted by the current user or granted)?
`revoked_at`	string		Read-only.
`revoked_by_id`	string		Read-only. The identifier of the user who revoked the access obtained through this request.
`revoked_by_name`	string		Read-only; expensive to use. The name of the user who revoked the access obtained through this request.
`archival`	boolean	yes	Read-only; expensive to use. Is the request archival (i.e. expired, rejected or revoked)?
`created_at`	datetime		Read-only. Timestamp of creation.
`modified_at`	datetime		Read-only. Timestamp of modification.
`removed`	boolean		Read-only.
`builtin`	boolean		Read-only; expensive to use. Is object built-in? Built-in objects shouldn’t be editable.
`hidden`	boolean		Read-only; expensive to use. Shall the object be hidden in UI?

Retrieve Available Attributes of the AccessRequestModel¶

Request

Method	`GET`
Path	`/api/v2/objspec/access_request`

`AccessRequestVoteModel`¶
Attribute	Type	Required	Description
`id`	string		Unique and read-only object Identifier. Protected.
`access_request_id`	string	yes	Immutable. Uniqueness is required in the combination of attribute `access_request_id` with attribute `user_id`.
`accepted`	boolean	yes
`reason`	string	if `accepted` == `false`
`user_id`	string		Protected; read-only. Uniqueness is required in the combination of attribute `user_id` with attribute `access_request_id`. Requires `read` right on object type `user` for `POST` requests.
`created_at`	datetime		Read-only. Timestamp of creation.
`modified_at`	datetime		Read-only. Timestamp of modification.
`removed`	boolean		Read-only.

Retrieve Available Attributes of the AccessRequestVoteModel¶

Request

Method	`GET`
Path	`/api/v2/objspec/access_request_vote`

`AccessRequestRevokeModel`¶
Attribute	Type	Required	Description
`access_request_id`	string	yes
`revoke_reason`	string	yes

Retrieve Available Attributes of the AccessRequestRevokeModel¶

Request

Method	`GET`
Path	`/api/v2/objspec/access_request_revoke`

To check allowed methods, available URL parameters and possible responses please refer to the API Overview section.

Get Access Requests List¶

Request

Method	`GET`
Path	`/api/v2/access_request`

Example Request

GET /api/v2/access_request

curl -s -k -X GET \
  -H 'Authorization: sgfeea6jsaz4mum9su8w6' \
  'https://10.0.214.98/api/v2/access_request'

Revoking Access Requests¶

Request

Method	`POST`
Path	`/api/v2/access_request/<access_request_id>/revoke`
Headers	`Content-Type: Application/JSON`
Body	`AccessRequestRevokeModel`

Example Request

POST /api/v2/access_request/<id>/revoke

curl -s -k -X POST \
  -H 'Authorization: sgfeea6jsaz4mum9su8w6' \
  -H 'Content-Type: application/json' \
  'https://10.0.214.98/api/v2/access_request/5620492334958379010/revoke' \
  -d'{"revoke_reason":"AD maintenance."}'

Response

{
    "result": "success"
}

Responding to a Pending Access Request¶

Request

Method	`POST`
Path	`/api/v2/access_request/<access_request_id>/vote`
Headers	`Content-Type: Application/json`
Body	`AccessRequestVoteModel`

Example Request

POST /api/v2/access_request/<id>/vote

curl -s -k -X POST \
  -H 'Authorization: sgfeea6jsaz4mum9su8w6' \
  -H 'Content-Type: application/json' \
  'https://10.0.214.98/api/v2/access_request/5620492334958379011/vote' \
  -d'{"accepted":true}'

Response

{
    "result": "success"
}