In the past I would write my own module to handle the API calls in Powershell, but since the community was kind enough to develop one, I thought I would take advantage of it.
I am having a difficult time piecing my way through it, and if someone can show me the key to this, I will HAPPILY prepare documentation for Powershell for the community to use.
That little rant over, I am trying to write a script that sends the approver a reminder email each day for 4 days and if they do not approve or deny the access request, it will cancel the request with a comment of “canceled because the approver(s) did not respond to the request.”
I started with a call to Get-AccessRequestStatus and looped until I had all the requests, then I filtered those with a state="EXECUTING" I see there is a Get-PendingApprovals call that goes a bit faster, and return similar data, but serveral of the properties have different names. Which is the correct call to use? I can make either call work in my script.
Next, I want to cancel the request if it is too old. There is no cancel-accessrequest function, but I do see Suspend-AccessRequest. My issue with that is what ID do I use?
When I use Get-AccessRequestStatus, I have a property called accountActivityItemID, but when I use it in the Suspend-AccessRequest call it fails as a bad request.
$b = Initialize-CancelAccessRequest -AccountActivityId $request.accountActivityItemId -Comment "Request denied due to lack of response by the approver(s)."
Suspend-AccessRequest -CancelAccessRequest $b