My Requests

Okta Access Requests automate the process of requesting access to applications and resources.

Endusers may request entries in their resource catalog.

Manage this process directly with the following request APIs.

See Access Requests for more information on Access Requests and Identity Governance.

Create a request
OAuth 2.0 scopes:
  • okta.accessRequests.request.manage

Creates a request for my catalog entry specified by entryId

Request
path Parameters
entryId
required
string = 20 characters

The ID of the catalog entry

Example: cenp2rjyxK1Js2Fc41d5
Request Body schema: application/json
required

Creates a resource access request for a given user.

Use this operation to create access requests managed by access request conditions.

If requestedBy and requestedFor aren't the same, then you must also enable the requestOnBehalfOfSettings parameter in the access request settings. See Update the resource request settings.

Include the following information in the payload:

  • The Okta user ID for the user who requires access. Add the user ID in the requestedFor.externalId parameter.
  • The catalog entry ID of the resource required by the user. Add the catalog ID in the requested.entryId parameter.
  • If the request conditions include requester input fields, add field information in the requesterFieldValues array. See Retrieve the request fields.
  • Optional: The user ID of the person submitting the request. By default, this value is the admin user ID requesting this operation and doesn't need to be provided. However, to add a different Okta user ID for the request, include the requestedBy.externalId parameter in the request body.
Array of objects

The requester input fields required by the approval system.

Note: The fields required are determined by the approval system.

For the Okta approval system, the required fields are defined in the approval sequence. Ensure that the requester input fields match up with this definition to avoid request approval flow failure.

For external approval systems, the requester input fields are for recording purposes only and do not affect the approval process.

Responses
202

Response when create request is accepted

400

When request fails as bad request

401

When authentication fails

404

When the requested resource wasn't found

post/governance/api/v2/my/catalogs/default/entries/{entryId}/requests
Request samples
application/json

When entry has no fields, empty object provided

{ }
Response samples
application/json

Request access for authenticated user by omitting requesterUserIds

{
  • "id": "req42kjDgk1EubTwo0g4",
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2022-05-05T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "status": "SUBMITTED",
  • "requestedBy": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requestedFor": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requested": {
    • "entryId": "cenb0oADRXTBKOLGLNR",
    • "resourceId": "0oafxqCAJWWGELFTYASJ",
    • "resourceType": "APPLICATION",
    • "accessScopeType": "APPLICATION",
    • "accessScopeId": "0oafxqCAJWWGELFTYASJ"
    },
  • "_links": {}
}

Retrieve my request
OAuth 2.0 scopes:
  • okta.accessRequests.request.read

Retrieves a request belonging to the authenticated requester

Request
path Parameters
entryId
required
string = 20 characters

The ID of the catalog entry

Example: cenp2rjyxK1Js2Fc41d5
requestId
required
string <rcar-request-id> = 20 characters

The id of the request

Example: reqp1pmpjhVdGEcVK1d5
Responses
200

A successful get request response

401

When authentication fails

404

When the requested resource wasn't found

get/governance/api/v2/my/catalogs/default/entries/{entryId}/requests/{requestId}
Request samples 
Response samples 
application/json
Submitted requests can't yet have an approvalSequenceId or requestConditionId.


{
  • "id": "req42kjDgk1EubTwo0g4",
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2022-05-05T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "status": "SUBMITTED",
  • "requestedBy": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requestedFor": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requesterFieldValues": [
    • {
      • "id": "05c87fe9-11f6-4d40-a033-b155b39dcdbe",
      • "label": "What is the business justification for the request?",
      • "type": "TEXT",
      • "value": "I need access to complete a task."
      }
    ],
  • "requested": {
    • "entryId": "cenb0oADRXTBKOLGLNR",
    • "resourceId": "0oafxqCAJWWGELFTYASJ",
    • "resourceType": "APPLICATION",
    • "accessScopeId": "0oafxqCAJWWGELFTYASJ",
    • "accessScopeType": "APPLICATION"
    },
  • "_links": {}
}