Skip to main content

Approvals

Use this API to implement approval functionality. With this functionality in place, you can get generic approvals and modify them.

The main advantages this API has vs Access Request Approvals are that you can use it to get generic approvals individually or in batches and make changes to those approvals.

All URIs are relative to https://sailpoint.api.identitynow.com/v2025

MethodHTTP requestDescription
Approve-V2025ApprovalPOST /generic-approvals/{id}/approvePost Approvals Approve
Get-V2025ApprovalGET /generic-approvals/{id}Get an approval
Get-V2025ApprovalsGET /generic-approvalsGet approvals
Deny-V2025ApprovalPOST /generic-approvals/{id}/rejectPost Approvals Reject
Update-V2025ApprovalsAttributesPOST /generic-approvals/{id}/attributesPost Approvals Attributes
Update-V2025ApprovalsCommentsPOST /generic-approvals/{id}/commentsPost Approvals Comments
Update-V2025ApprovalsReassignPOST /generic-approvals/{id}/reassignPost Approvals Reassign

approve-approval

Currently this endpoint only supports Entitlement Description Approvals. Approves a specified approval request on behalf of the caller. This endpoint is for generic approvals, unlike the access-request-approval endpoint, and does not include access-request-approvals. The approval request must be in a state that allows it to be approved. If called by an admin and the admin is not listed as an approver, the approval request will be reassigned from a random approver to the admin user.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueApproval ID that correlates to an existing approval request that a user wants to approve
BodyApprovalApproveRequestApprovalApproveRequest(optional)

Return type

Approval

Responses

CodeDescriptionData Type
200Approval objectApproval
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | Approval ID that correlates to an existing approval request that a user wants to approve
$ApprovalApproveRequest = @"{
"comment" : "comment",
"additionalAttributes" : {
"additionalProp1" : "string",
"additionalProp2" : "string",
"additionalProp3" : "string"
}
}"@

# Post Approvals Approve

try {
Approve-V2025Approval -Id $Id

# Below is a request that includes all optional parameters
# Approve-V2025Approval -Id $Id -ApprovalApproveRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Approve-V2025Approval"
Write-Host $_.ErrorDetails
}

[Back to top]

get-approval

experimental

This API is currently in an experimental state. The API is subject to change based on feedback and further testing. You must include the X-SailPoint-Experimental header and set it to true to use this endpoint.

Currently this endpoint only supports Entitlement Description Approvals. Retrieve a single approval for a given approval ID. This endpoint is for generic approvals, different than the access-request-approval endpoint and does not include access-request-approvals.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueID of the approval that is to be returned
XSailPointExperimentalStringTrue (default to "true")Use this header to enable this experimental API.

Return type

Approval

Responses

CodeDescriptionData Type
200Approval objectApproval
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | ID of the approval that is to be returned
$XSailPointExperimental = "true" # String | Use this header to enable this experimental API. (default to "true")

# Get an approval

try {
Get-V2025Approval -Id $Id -XSailPointExperimental $XSailPointExperimental

# Below is a request that includes all optional parameters
# Get-V2025Approval -Id $Id -XSailPointExperimental $XSailPointExperimental
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Approval"
Write-Host $_.ErrorDetails
}

[Back to top]

get-approvals

Currently this endpoint only supports Entitlement Description Approvals. Get a list of approvals. This endpoint is for generic approvals, unlike the access-request-approval endpoint, and does not include access-request-approvals. Absence of all query parameters for non admins will will default to mine=true. Absence of all query parameters for admins will return all approvals in the org.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
QueryMineBoolean(optional) (default to $false)Returns the list of approvals for the current caller.
QueryRequesterIdString(optional)Returns the list of approvals for a given requester ID. Must match the calling user's identity ID unless they are an admin.
QueryRequesteeIdString(optional)Returns the list of approvals for a given requesteeId ID. Must match the calling user's identity ID unless they are an admin.
QueryApproverIdString(optional)Returns the list of approvals for a given approverId ID. Must match the calling user's identity ID unless they are an admin.
QueryCountBoolean(optional) (default to $false)Adds X-Total-Count to the header to give the amount of total approvals returned from the query.
QueryCountOnlyBoolean(optional) (default to $false)Adds X-Total-Count to the header to give the amount of total approvals returned from the query. Only returns the count and no approval objects.
QueryIncludeCommentsBoolean(optional) (default to $false)If set to true in the query, the approval requests returned will include comments.
QueryIncludeApproversBoolean(optional) (default to $false)If set to true in the query, the approval requests returned will include approvers.
QueryIncludeBatchInfoBoolean(optional) (default to $false)If set to true in the query, the approval requests returned will include batch information.
QueryIncludeBatchInfo2Boolean(optional) (default to $false)If set to true in the query, the approval requests returned will include batch information.
QueryFiltersString(optional)Filter results using the standard syntax described in V3 API Standard Collection Parameters Filtering is supported for the following fields and operators: status: eq referenceType: eq name: eq priority: eq type: eq medium: eq description: eq batchId: eq approvalId: eq tenantId: eq createdDate: eq dueDate: eq completedDate: eq search: eq referenceId: eq referenceName: eq requestedTargetType: eq requestedTargetRequestType: eq requestedTargetId: eq modifiedDate: eq requesterId: eq requesteeId: eq approverId: eq
QueryLimitInt32(optional) (default to 250)Max number of results to return. See V3 API Standard Collection Parameters for more information.
QueryOffsetInt32(optional) (default to 0)Offset into the full result set. Usually specified with limit to paginate through the results. See V3 API Standard Collection Parameters for more information.

Return type

Approval[]

Responses

CodeDescriptionData Type
200List of approvals.Approval[]
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Mine = $true # Boolean | Returns the list of approvals for the current caller. (optional) (default to $false)
$RequesterId = "17e633e7d57e481569df76323169deb6a" # String | Returns the list of approvals for a given requester ID. Must match the calling user's identity ID unless they are an admin. (optional)
$RequesteeId = "27e6334g757e481569df76323169db9sc" # String | Returns the list of approvals for a given requesteeId ID. Must match the calling user's identity ID unless they are an admin. (optional)
$ApproverId = "37e6334g557e481569df7g2d3169db9sb" # String | Returns the list of approvals for a given approverId ID. Must match the calling user's identity ID unless they are an admin. (optional)
$Count = $true # Boolean | Adds X-Total-Count to the header to give the amount of total approvals returned from the query. (optional) (default to $false)
$CountOnly = $true # Boolean | Adds X-Total-Count to the header to give the amount of total approvals returned from the query. Only returns the count and no approval objects. (optional) (default to $false)
$IncludeComments = $true # Boolean | If set to true in the query, the approval requests returned will include comments. (optional) (default to $false)
$IncludeApprovers = $true # Boolean | If set to true in the query, the approval requests returned will include approvers. (optional) (default to $false)
$IncludeBatchInfo = $true # Boolean | If set to true in the query, the approval requests returned will include batch information. (optional) (default to $false)
$IncludeBatchInfo2 = $true # Boolean | If set to true in the query, the approval requests returned will include batch information. (optional) (default to $false)
$Filters = 'filters=status eq PENDING' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **status**: *eq* **referenceType**: *eq* **name**: *eq* **priority**: *eq* **type**: *eq* **medium**: *eq* **description**: *eq* **batchId**: *eq* **approvalId**: *eq* **tenantId**: *eq* **createdDate**: *eq* **dueDate**: *eq* **completedDate**: *eq* **search**: *eq* **referenceId**: *eq* **referenceName**: *eq* **requestedTargetType**: *eq* **requestedTargetRequestType**: *eq* **requestedTargetId**: *eq* **modifiedDate**: *eq* **requesterId**: *eq* **requesteeId**: *eq* **approverId**: *eq* (optional)
$Limit = 250 # Int32 | Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 250)
$Offset = 0 # Int32 | Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to 0)

# Get approvals

try {
Get-V2025Approvals

# Below is a request that includes all optional parameters
# Get-V2025Approvals -Mine $Mine -RequesterId $RequesterId -RequesteeId $RequesteeId -ApproverId $ApproverId -Count $Count -CountOnly $CountOnly -IncludeComments $IncludeComments -IncludeApprovers $IncludeApprovers -IncludeBatchInfo $IncludeBatchInfo -IncludeBatchInfo2 $IncludeBatchInfo2 -Filters $Filters -Limit $Limit -Offset $Offset
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2025Approvals"
Write-Host $_.ErrorDetails
}

[Back to top]

reject-approval

Currently this endpoint only supports Entitlement Description Approvals. Rejects a specified approval request on behalf of the caller. If called by an admin and the admin is not listed as an approver, the approval request will be reassigned from a random approver to the admin user.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueApproval ID that correlates to an existing approval request that a user wants to reject.
BodyApprovalRejectRequestApprovalRejectRequest(optional)

Return type

(empty response body)

Responses

CodeDescriptionData Type
204No content - indicates the request was successful but there is no content to be returned in the response.
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | Approval ID that correlates to an existing approval request that a user wants to reject.
$ApprovalRejectRequest = @"{
"comment" : "string"
}"@

# Post Approvals Reject

try {
Deny-V2025Approval -Id $Id

# Below is a request that includes all optional parameters
# Deny-V2025Approval -Id $Id -ApprovalRejectRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Deny-V2025Approval"
Write-Host $_.ErrorDetails
}

[Back to top]

update-approvals-attributes

Currently this endpoint only supports Entitlement Description Approvals. Allows for the edit/addition/removal of the key/value pair additional attributes map for an existing approval request.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueApproval ID that correlates to an existing approval request that a user wants to change the attributes of.
BodyApprovalAttributesRequestApprovalAttributesRequestTrue

Return type

Approval

Responses

CodeDescriptionData Type
200Approval objectApproval
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | Approval ID that correlates to an existing approval request that a user wants to change the attributes of.
$ApprovalAttributesRequest = @"{
"removeAttributeKeys" : [ "string" ],
"comment" : "comment",
"additionalAttributes" : {
"additionalProp1" : "string",
"additionalProp2" : "string",
"additionalProp3" : "string"
}
}"@

# Post Approvals Attributes

try {
$Result = ConvertFrom-JsonToApprovalAttributesRequest -Json $ApprovalAttributesRequest
Update-V2025ApprovalsAttributes -Id $Id -ApprovalAttributesRequest $Result

# Below is a request that includes all optional parameters
# Update-V2025ApprovalsAttributes -Id $Id -ApprovalAttributesRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ApprovalsAttributes"
Write-Host $_.ErrorDetails
}

[Back to top]

update-approvals-comments

Currently this endpoint only supports Entitlement Description Approvals. Adds comments to a specified approval request.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueApproval ID that correlates to an existing approval request that a user wants to add a comment to.
BodyApprovalCommentsRequestApprovalCommentsRequestTrue

Return type

Approval

Responses

CodeDescriptionData Type
200Approval objectApproval
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | Approval ID that correlates to an existing approval request that a user wants to add a comment to.
$ApprovalCommentsRequest = @"{
"comment" : "Approval comment."
}"@

# Post Approvals Comments

try {
$Result = ConvertFrom-JsonToApprovalCommentsRequest -Json $ApprovalCommentsRequest
Update-V2025ApprovalsComments -Id $Id -ApprovalCommentsRequest $Result

# Below is a request that includes all optional parameters
# Update-V2025ApprovalsComments -Id $Id -ApprovalCommentsRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ApprovalsComments"
Write-Host $_.ErrorDetails
}

[Back to top]

update-approvals-reassign

Currently this endpoint only supports Entitlement Description Approvals. Reassigns an approval request to another identity resulting in that identity being added as an authorized approver.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathIdStringTrueApproval ID that correlates to an existing approval request that a user wants to reassign.
BodyApprovalReassignRequestApprovalReassignRequestTrue

Return type

(empty response body)

Responses

CodeDescriptionData Type
204No content - indicates the request was successful but there is no content to be returned in the response.
400Client Error - Returned if the request body is invalid.ErrorResponseDto
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessProfiles401Response
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto
404Not Found - returned if the request URL refers to a resource or object that does not existErrorResponseDto
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessProfiles429Response
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$Id = "38453251-6be2-5f8f-df93-5ce19e295837" # String | Approval ID that correlates to an existing approval request that a user wants to reassign.
$ApprovalReassignRequest = @"{
"reassignTo" : "152354832eb6f8f539fd738592e19ec5",
"comment" : "comment",
"reassignFrom" : "384532516be25f8fdf935ce19e295837"
}"@

# Post Approvals Reassign

try {
$Result = ConvertFrom-JsonToApprovalReassignRequest -Json $ApprovalReassignRequest
Update-V2025ApprovalsReassign -Id $Id -ApprovalReassignRequest $Result

# Below is a request that includes all optional parameters
# Update-V2025ApprovalsReassign -Id $Id -ApprovalReassignRequest $Result
} catch {
Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Update-V2025ApprovalsReassign"
Write-Host $_.ErrorDetails
}

[Back to top]