Background
Delegation is a feature in Non-Employee Risk Management that allows a user to temporarily grant their privileges to another user. While this feature has long been available in the NERM User Interface, until now delegation has not been supported via the NERM API.
What has changed?
Non-Employee Risk Management has exposed endpoints that will allow authorized users to Create, Delete, Update, and List delegations via API. These endpoints, along with query parameters, response schema, and sample responses are now included in the NERM API documentation.
- List delegations
- Returns a list of delegations along with their details, optionally filtered by delegate, delegator, or expiration status. Please note that the data included in the response will list the user IDs only.
- Create a delegation
- Create a new delegation for a user, including an expiration.
- Get a single delegation
- Returns a single delegation record by its ID.
- Update a delegation
- Update the delegate or expiration of an existing delegation.
- Delete a delegation
- Delete an existing delegation. This will end the delegation, remove its history, and revoke all delegated permissions from the delegate.
What is coming next?
Additional work is planned to support including human-readable user details (nested within the responses) in a V2 API. This will allow an API response to deliver the name of delegator or delegate users, along with other relevant user data.