Skip to main content

Decide on a Certification Item

POST 
/certifications/:id/decide

The API makes a decision to approve or revoke one or more identity campaign certification items. Reviewers for this certification can also call this API. This API does not support requests for certifications assigned to Governance Groups.

Request

Path Parameters

    id stringrequired

    The ID of the identity campaign certification on which to make decisions

    Example: ef38f94347e94562b5bb8424a56397d8

Body

array

required

A non-empty array of decisions to be made.

  • Array [

    • id stringrequired

    The id of the review decision

    decision CertificationDecision (string)required

    Possible values: [APPROVE, REVOKE]

    The decision to approve or revoke the review item

    proposedEndDate date-time

    The date at which a user's access should be taken away. Should only be set for REVOKE decisions.

    bulk booleanrequired

    Indicates whether decision should be marked as part of a larger bulk decision

    recommendation

    object

    nullable

    recommendation stringnullable

    The recommendation from IAI at the time of the decision. This field will be null if no recommendation was made.

    reasons string[]

    A list of reasons for the recommendation.

    timestamp date-time

    The time at which the recommendation was recorded.

    comments string

    Comments recorded when the decision was made

  • ]

Responses

An identity campaign certification object

Schema

    id string

    id of the certification

    name string

    name of the certification

    campaign

    object

    id stringrequired

    The unique ID of the campaign.

    name stringrequired

    The name of the campaign.

    type stringrequired

    Possible values: [CAMPAIGN]

    The type of object that is being referenced.

    campaignType stringrequired

    Possible values: [MANAGER, SOURCE_OWNER, SEARCH]

    The type of the campaign.

    description stringnullablerequired

    The description of the campaign set by the admin who created it.

    correlatedStatus stringrequired

    Possible values: [CORRELATED, UNCORRELATED]

    The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).

    mandatoryCommentRequirement stringrequired

    Possible values: [ALL_DECISIONS, REVOKE_ONLY_DECISIONS, NO_DECISIONS]

    Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.

    completed boolean

    Have all decisions been made?

    identitiesCompleted int32

    The number of identities for whom all decisions have been made and are complete.

    identitiesTotal int32

    The total number of identities in the Certification, both complete and incomplete.

    created date-time

    created date

    modified date-time

    modified date

    decisionsMade int32

    The number of approve/revoke/acknowledge decisions that have been made.

    decisionsTotal int32

    The total number of approve/revoke/acknowledge decisions.

    due date-time

    The due date of the certification.

    signed date-timenullable

    The date the reviewer signed off on the Certification.

    reviewer

    object

    id string

    The id of the reviewer.

    name string

    The name of the reviewer.

    email string

    The email of the reviewing identity.

    type string

    Possible values: [IDENTITY]

    The type of the reviewing identity.

    created date-timenullable

    The created date of the reviewing identity.

    modified date-timenullable

    The modified date of the reviewing identity.

    reassignment

    object

    nullable

    from

    object

    id string

    The id of the certification.

    name string

    The name of the certification.

    type string

    Possible values: [CERTIFICATION]

    reviewer

    object

    id string

    The id of the reviewer.

    name string

    The name of the reviewer.

    email string

    The email of the reviewing identity.

    type string

    Possible values: [IDENTITY]

    The type of the reviewing identity.

    created date-timenullable

    The created date of the reviewing identity.

    modified date-timenullable

    The modified date of the reviewing identity.

    comment string

    The comment entered when the Certification was reassigned

    hasErrors boolean

    Identifies if the certification has an error

    errorMessage stringnullable

    Description of the certification error

    phase CertificationPhase (string)

    Possible values: [STAGED, ACTIVE, SIGNED]

    The current phase of the campaign.

    • STAGED: The campaign is waiting to be activated.
    • ACTIVE: The campaign is active.
    • SIGNED: The reviewer has signed off on the campaign, and it is considered complete.
Loading...