Request Sets

Request sets are a grouping of requests to the same system and account with different access types (i.e. View and RDP). Requests in a request set are also accessible individually via GET requests.

Quick Navigation

GET RequestSets

Purpose

Lists request sets for the current user.

Query Parameters

status: (optional, default: all) Status of request sets to return (all, active, pending).

Request Body

None.

Response Body

Content-Type: application/json

[
    {
        RequestSetID: string,
        Requests:
        [
            {
                RequestID: int,
                RequestorName: string,
                SystemID: int,
                SystemName: string,
                AccountID: int,
                AccountName: string,
                DomainName: string,
                ApplicationID: int, // can be null,
                AliasID: int, // can be null
                RequestReleaseDate: date-formatted string,
                ApprovedDate: date-formatted string,
                CanceledDate: date-formatted string,
                ExpiresDate: date-formatted string,
                Status: string,
                AccessType: string,
                ApplicationID: int,
                Reason: string
            },
            …
        ]
    },
    …
]

Response Codes

  • 200 – Request successful. Requests in the response body.
  • 403 – Access forbidden. Response body contains a message or status code indicating the reason for this forbidden access:
    • 4033 – Approver Only API or account. Only Approvers can access this API or account.

For more information, please see Common Response Codes.

POST RequestSets

Purpose

Creates a new release request set.

Required Roles

  • Requestor or Requestor/Approver role to managed account referenced by ID.
  • Information Systems Administrator (ISA) role access.
For more information, please see:

Request Body

Content-Type: application/json

{
    AccessTypes: [ string, … ],
    SystemID: int,
    AccountID: int,
    ApplicationID: int, // can be null,
    DurationMinutes : int,
    Reason : string,
    TicketSystemID : int,
    TicketNumber : string
}

Request Body Details

  • AccessTypes: (at least two are required) A list of the types of access requested (View, RDP, SSH, App).
  • SystemID: (required) ID of the managed system to request.
  • AccountID: (required) ID of the managed account to request.
  • ApplicationID: (required when an AccessType is App) ID of the application to request.
  • DurationMinutes: (required) The request duration (in minutes).
  • Reason: (optional) The reason for the request.
  • TicketSystemID: ID of the ticket system. If omitted then default ticket system is used.
  • TicketNumber: Number of associated ticket. Can be required if ticket system is marked as required in the access policy used. Max string length is 20.

Response Body

Content-Type: application/json

{
    RequestSetID: string,
    Requests:
    [
        {
            RequestID: int,
            SystemID: int,
            SystemName: string,
            AccountID: int,
            AccountName: string,
            DomainName: string,
            ApplicationID: int, // can be null
            AliasID: int,
            RequestReleaseDate: date-formatted string,
            ApprovedDate: date-formatted string,
            ExpiresDate: date-formatted string,
            Status: string,
            AccessType: string
        },
        …
    ]
}

Response Codes

  • 201 – Request successful. Request set in the response body.
  • 403 – User does not have permissions to perform a request for the indicated account or the account does not have API access enabled. Response body contains a status code indicating the reason for this forbidden access:
    • 4031 – User does not have permission to request the account or the account is not valid for the system.
    • 4033 – Approver Only API or account. Only Approvers can access this API or account.
    • 4035 - Not enough approvers configured to approve a request.
  • 409 – Conflicting request exists. Another user has already requested a password for the specified account within the next <durationMinutes> window.

For more information, please see Common Response Codes.