Automated commit by github action: 4505030318

2025-12-10 04:19:42 +00:00 · 2023-03-23 20:40:54 +00:00
parent 905822b691
commit c55f8822dd
3 changed files with 9 additions and 4 deletions
--- a/static/api-specs/idn/v3/paths/access-requests.yaml
+++ b/static/api-specs/idn/v3/paths/access-requests.yaml
@@ -28,10 +28,11 @@ post:
    __REVOKE_ACCESS__
    * Can only be requested for a single identity at a time.
    * Does not support self request. Only manager can request to revoke access for their directly managed employees.
-    * If removeDate is specified, then the access will be removed on that date and time.
+    * If removeDate is specified, then the access will be removed on that date and time only for Roles and Access Profiles. Entitlements are currently unsupported for removeDate.
+    * Roles, Access Profiles, and Entitlements can be requested for revocation.
+    * Revoke requests for entitlements are limited to 1 entitlement per access request currently.
    * [Roles, Access Profiles] RemoveData can be specified only if access don't have a sunset date.
    * Allows a manager to request to revoke access for direct employees. A token with ORG_ADMIN authority can also request to revoke access from anyone.
-    * Roles and Access Profiles can be requested for revocation. Revoke request for entitlements are not supported currently.

    NOTE: There is no indication to the approver in the IdentityNow UI that the approval request is for a revoke action. Take this into consideration when calling this API.
    
--- a/static/api-specs/idn/v3/schemas/AccessRequestType.yaml
+++ b/static/api-specs/idn/v3/schemas/AccessRequestType.yaml
@@ -4,5 +4,5 @@ enum:
  - REVOKE_ACCESS
 description: >-
  Access request type. Defaults to GRANT_ACCESS.
-  REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field. Currently REVOKE_ACCESS is not supported for entitlements.
+  REVOKE_ACCESS type can only have a single Identity ID in the requestedFor field.
 example: GRANT_ACCESS
--- a/static/api-specs/idn/v3/schemas/CompletedApproval.yaml
+++ b/static/api-specs/idn/v3/schemas/CompletedApproval.yaml
@@ -45,8 +45,10 @@ properties:
    $ref: './CommentDto.yaml'
    description: The requester's comment.
  reviewerComment:
-    $ref: './CommentDto.yaml'
+    allOf:
+      - $ref: './CommentDto.yaml'
    description: The approval's reviewer's comment.
+    nullable: true
  previousReviewersComments:
    type: array
    items:
@@ -69,6 +71,7 @@ properties:
    description: The date the role or access profile is no longer assigned to the specified identity.
    format: 'date-time'
    example: '2020-07-11T00:00:00Z'
+    nullable: true
  removeDateUpdateRequested:
    type: boolean
    description: If true, then the request was to change the remove date or sunset date.
@@ -78,6 +81,7 @@ properties:
    description: The remove date or sunset date that was assigned at the time of the request.
    format: 'date-time'
    example: '2020-07-11T00:00:00Z'
+    nullable: true
  sodViolationContext:
    $ref: './SodViolationContextCheckCompleted.yaml'
    description: The details of the SOD violations for the associated approval.