My Requests

Okta Access Requests automate the process of requesting access to applications and resources.

Endusers may request entries in their resource catalog.

Manage this process directly with the following request APIs.

See Access Requests for more information on Access Requests and Identity Governance.

Create a request
OAuth 2.0: okta.accessRequests.request.manage

Creates a request for my catalog entry specified by entryId

Request
path Parameters
entryId
required
string = 20 characters

The id of the catalog entry

Request Body schema: application/json
required

Creates a resource access request for a given user

You can use this endpoint to create access requests managed by access request conditions.

If requestedBy and requestedFor are not the same, you must also enable the requestOnBehalfOfSettings property on the Access request settings. See Request Settings.

As part of the payload for the Create a request endpoint, include the following information:

  • The Okta user ID for the user who requires access. Add the user ID in the requestedFor.externalId parameter.
  • The Catalog entry ID of the resource required by the user. Add the catalog ID in the requested.entryId parameter.
  • If the request conditions include requester input fields, add the field and information for the field to the requesterFieldValues array. See Retrieve an entry's request fields.
  • Optional: The user ID of the person submitting the request. By default, this value is the admin user ID calling the endpoint and doesn't need to be provided. However, to add a different Okta user ID for the request, include the requestedBy.externalId parameter in the request body.
Array of objects

The requester input fields required by the approval system.

Note: The fields required are determined by the approval system.

For the Okta approval system, the required fields are defined in the approval sequence. Ensure that the requester input fields match up with this definition to avoid request approval flow failure.

For external approval systems, the requester input fields are for recording purposes only and do not affect the approval process.

Responses
202

Response when create request is accepted

400

When request fails as bad request

401

When authentication fails

404

When the requested resource was not found

post/governance/api/v2/my/catalogs/default/entries/{entryId}/requests
Request samples
application/json

When entry has no fields, empty object provided

{ }
Response samples
application/json

Request access for authenticated user by omitting requesterUserIds

{
  • "id": "req42kjDgk1EubTwo0g4",
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2022-05-05T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "status": "SUBMITTED",
  • "requestedBy": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requestedFor": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requested": {
    • "entryId": "cenb0oADRXTBKOLGLNR",
    • "resourceId": "0oafxqCAJWWGELFTYASJ",
    • "resourceType": "APPLICATION",
    • "accessScopeType": "APPLICATION",
    • "accessScopeId": "0oafxqCAJWWGELFTYASJ"
    },
  • "_links": {}
}

Retrieve my request
OAuth 2.0: okta.accessRequests.request.read

Retrieves a request

Request
path Parameters
entryId
required
string = 20 characters

The id of the catalog entry

requestId
required
string <rcar-request-id> = 20 characters

The id of the request

Example: reqb0oNGTSWTBKOLGLNR
Responses
200

A successful get request response

401

When authentication fails

404

When the requested resource was not found

get/governance/api/v2/my/catalogs/default/entries/{entryId}/requests/{requestId}
Request samples 
Response samples 
application/json
Submitted requests can't yet have an approvalSequenceId or requestConditionId.


{
  • "id": "req42kjDgk1EubTwo0g4",
  • "created": "2019-08-24T14:15:22Z",
  • "createdBy": "00ub0oNGTSWTBKOLGLNR",
  • "lastUpdated": "2022-05-05T14:15:22Z",
  • "lastUpdatedBy": "00ub0oNGTSWTBKOLGLNR",
  • "status": "SUBMITTED",
  • "requestedBy": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requestedFor": {
    • "type": "OKTA_USER",
    • "externalId": "00ub0oNGTSWTBKOLGLNR"
    },
  • "requesterFieldValues": [
    • {
      • "id": "05c87fe9-11f6-4d40-a033-b155b39dcdbe",
      • "label": "What is the business justification for the request?",
      • "type": "TEXT",
      • "value": "I need access to complete a task."
      }
    ],
  • "requested": {
    • "entryId": "cenb0oADRXTBKOLGLNR",
    • "resourceId": "0oafxqCAJWWGELFTYASJ",
    • "resourceType": "APPLICATION",
    • "accessScopeId": "0oafxqCAJWWGELFTYASJ",
    • "accessScopeType": "APPLICATION"
    },
  • "_links": {}
}