diff --git a/static/api-specs/idn/v2024/paths/access-requests.yaml b/static/api-specs/idn/v2024/paths/access-requests.yaml index fe215fb70..07510fc8b 100644 --- a/static/api-specs/idn/v2024/paths/access-requests.yaml +++ b/static/api-specs/idn/v2024/paths/access-requests.yaml @@ -35,9 +35,14 @@ post: * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. - * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source. + :::caution + + If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. + + ::: + __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. diff --git a/static/api-specs/idn/v2024/schemas/AccessRequest.yaml b/static/api-specs/idn/v2024/schemas/AccessRequest.yaml index 32505b7cc..ab0a3571f 100644 --- a/static/api-specs/idn/v2024/schemas/AccessRequest.yaml +++ b/static/api-specs/idn/v2024/schemas/AccessRequest.yaml @@ -13,7 +13,6 @@ properties: items: $ref: 'AccessRequestItem.yaml' minItems: 1 - maxItems: 25 clientMetadata: type: object additionalProperties: diff --git a/static/api-specs/idn/v2025/paths/access-requests.yaml b/static/api-specs/idn/v2025/paths/access-requests.yaml index fe215fb70..dadde5ae3 100644 --- a/static/api-specs/idn/v2025/paths/access-requests.yaml +++ b/static/api-specs/idn/v2025/paths/access-requests.yaml @@ -35,9 +35,14 @@ post: * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. - * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source. - + + :::caution + + If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. + + ::: + __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. diff --git a/static/api-specs/idn/v2025/schemas/AccessRequest.yaml b/static/api-specs/idn/v2025/schemas/AccessRequest.yaml index 32505b7cc..ab0a3571f 100644 --- a/static/api-specs/idn/v2025/schemas/AccessRequest.yaml +++ b/static/api-specs/idn/v2025/schemas/AccessRequest.yaml @@ -13,7 +13,6 @@ properties: items: $ref: 'AccessRequestItem.yaml' minItems: 1 - maxItems: 25 clientMetadata: type: object additionalProperties: diff --git a/static/api-specs/idn/v3/paths/access-requests.yaml b/static/api-specs/idn/v3/paths/access-requests.yaml index 74e0d47ba..597084aea 100644 --- a/static/api-specs/idn/v3/paths/access-requests.yaml +++ b/static/api-specs/idn/v3/paths/access-requests.yaml @@ -35,9 +35,14 @@ post: * Roles, access profiles and entitlements can be requested. * You can specify a `removeDate` to set or alter a sunset date-time on an assignment. The removeDate must be a future date-time, in the UTC timezone. Additionally, if the user already has the access assigned with a sunset date, you can also submit a request without a `removeDate` to request removal of the sunset date and time. * If a `removeDate` is specified, then the requested role, access profile, or entitlement will be removed on that date and time. - * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field 'requestedForWithRequestedItems' for users to specify account selections while requesting items where they have more than one account on the source. - + + :::caution + + If any entitlements are being requested, then the maximum number of entitlements that can be requested is 25, and the maximum number of identities that can be requested for is 10. If you exceed these limits, the request will fail with a 400 error. If you are not requesting any entitlements, then there are no limits. + + ::: + __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning. diff --git a/static/api-specs/idn/v3/schemas/AccessRequest.yaml b/static/api-specs/idn/v3/schemas/AccessRequest.yaml index 7e50074e0..09490887c 100644 --- a/static/api-specs/idn/v3/schemas/AccessRequest.yaml +++ b/static/api-specs/idn/v3/schemas/AccessRequest.yaml @@ -13,7 +13,6 @@ properties: items: $ref: 'AccessRequestItem.yaml' minItems: 1 - maxItems: 25 clientMetadata: type: object additionalProperties: