Approve an approval request.

  • Published on Jul 22, 2025
  • 1 minute(s) read
Prev Next
Post
/sys/v1/approval_requests/{req_id}/approve

If the quorum policy was configured to require extra things like 2FA, then, relevant info needs to be added to the request.

Security
HTTP
Type bearer
API Key: apiKeyAuth
Header parameter nameAuthorization
Path parameters
req_id
string (uuid) Required
Body parameters
Expand All
object
password
string

Password is required if the approval policy requires password authentication.

u2f
object
keyHandle
string (byte) Required
signatureData
string (byte) Required
clientData
string (byte) Required
fido2_auth_request
object
id
string (byte)
type
string

https://www.w3.org/TR/webauthn-2/#enum-credentialType

This enum defines valid cred types.

Valid values[ "public-key" ]
response
object
clientDataJSON
string (byte) Required
authenticatorData
string (byte) Required
signature
string (byte) Required
userHandle
string (byte)
get_client_extension_results
object
appidExclude
boolean | null

Response of appidExclude extension. See [AuthenticationExtensionsClientInputs::appid_exclude].

appid
boolean | null

Response of appid extension. See [AuthenticationExtensionsClientInputs::appid].

body
object | null

Data associated with the approval

Responses
2XX

Success result

object
acct_id
string (uuid)
approvers
Array of object (ReviewerPrincipal)

A Principal who can approve or deny an approval request.

OneOf
ReviewerPrincipalVariantApp
object (ReviewerPrincipalVariantApp)
app
string (uuid)
ReviewerPrincipalVariantUser
object (ReviewerPrincipalVariantUser)
user
string (uuid)
body
object | null
created_at
string
Pattern^\d{4}\d{2}\d{2}T\d{2}\d{2}\d{2}Z$
Example20170509T070912Z
denial_reason
string | null
denier

A Principal who can approve or deny an approval request.

OneOf
ReviewerPrincipalVariantApp
object (ReviewerPrincipalVariantApp)
app
string (uuid)
ReviewerPrincipalVariantUser
object (ReviewerPrincipalVariantUser)
user
string (uuid)
description
string | null
expiry
string
Pattern^\d{4}\d{2}\d{2}T\d{2}\d{2}\d{2}Z$
Example20170509T070912Z
method
string
operation
string
request_id
string (uuid)
requester

A security principal.

OneOf
PrincipalVariantApp
object (PrincipalVariantApp)
app
string (uuid)
PrincipalVariantUser
object (PrincipalVariantUser)
user
string (uuid)
PrincipalVariantPlugin
object (PrincipalVariantPlugin)
plugin
string (uuid)
PrincipalVariantUserViaApp
object (PrincipalVariantUserViaApp)
userviaapp
object
user_id
string (uuid)
scopes
Array of string (OauthScope)
string

OAuth scope.

Valid values[ "app", "openid", "email", "profile" ]
string
string
Valid values[ "system" ]
string
string
Valid values[ "unregistereduser" ]
result_viewed
boolean
reviewers
Array of object (Reviewer) | null
requires_password
boolean | null
requires_2fa
boolean | null
OneOf
ReviewerPrincipalVariantApp
object (ReviewerPrincipalVariantApp)
app
string (uuid)
ReviewerPrincipalVariantUser
object (ReviewerPrincipalVariantUser)
user
string (uuid)
status
string

Approval request status.

Valid values[ "PENDING", "APPROVED", "DENIED", "FAILED" ]
subjects
Array of object (ApprovalSubject) | null

Identifies an object acted upon by an approval request.

OneOf
ApprovalSubjectVariantGroup
object (ApprovalSubjectVariantGroup)
group
string (uuid)
ApprovalSubjectVariantSobject
object (ApprovalSubjectVariantSobject)
sobject
string (uuid)
ApprovalSubjectVariantApp
object (ApprovalSubjectVariantApp)
app
string (uuid)
ApprovalSubjectVariantPlugin
object (ApprovalSubjectVariantPlugin)
plugin
string (uuid)
ApprovalSubjectVariantAccount
object (ApprovalSubjectVariantAccount)
account
string (uuid)
string
string
Valid values[ "newaccount" ]
ApprovalSubjectVariantRole
object (ApprovalSubjectVariantRole)
role
string (uuid)