Unable to update ReuestedBy for submit access request through API.
We are referring the url Create and validate access request through the API - #18 by colin_mckibben
Any inputs would be helpful.
What Colin is trying to show you is that you cannot directly set the requester when using the API access-requests to submit an access request. The requester will be the owner of the API key.
In the link, Colin is showing you that you can include the actual requester’s information in the clientMetadata section like
"clientMetadata": {
"requesterId": "3c918084660f45d6016617daa9210585",
"requesterName": "John Doe"
}
Then you can use the List Account Activities (account-activities) api to view the actual requester.
You might post your request body here so that we can see what you are trying.
Alicia
Hi Alicia,
Thank you for your quick response.
Below is the request body api
POST: {{baseUrl}}/access-requests
{
“requestedFor”: [
“2c918085asdsadsa7fff78340ssssss180044548796946”
],
“requestedItems”: [
{
“id”: “77c04716745c4918EEED33546436b2487adfa617a7ee”,
“type”: “ENTITLEMENT”,
“comment”: “Requesting Entilemt access through API”
}
],
“requestType”: “GRANT_ACCESS”,
“clientMetadata”: {
“requesterId”: “f861e592sdsadsadsad20e54ed7a3c211b21269eaa6”
“requesterName”: “John Doe”
}
}
Expectation is requester will be the Identity id specified in the clientMetadata requesterid
Thanks,
Suresh
I have tried to duplicate this. If I request a role with this body:
Through the account-activities, I can see:
I repeated the process with an ACCESS_PROFILE and can also see the client Metadata
However, if I submit for an entitlement the same way, client metadata is always null:
The documentation for create-access-request does not indicate any limitation of clientMetadata for ENTITLEMENTS. See: create-access-request | SailPoint Developer Community
Alicia
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.