Get Request Items
Get the individual changes within a change request or approval. The user specified by the token must have access to the change request or approval.
GET https://instance.securid.com/aveksa/command.submit?cmd=getRequestItems
Either approval-id or request-id must be provided. When using a trusted application token, auth-user-id is required when using request-id. It is not required when using approval-id. When both approval-id and request-id are provided, request-id takes precedence and auth-user-id is required. The default response format is XML. Pass format=json to receive JSON.
Request
Parameters
| getRequestItems | |
| format | xml - (Default) Returns the response as XML.json - Returns the response as JSON. |
| approval-id | The ID of the approval work item, in id:WPDS:n format. Retrieve this from Get Approvals for User or Find Approvals. Either approval-id or request-id must be provided. |
| request-id | The numeric ID of the change request. Retrieve this from Create Change Request. Either approval-id or request-id must be provided. |
| auth-user-id | The ID of the user who submitted the change request. Required for trusted application tokens when using request-id. Use System if no auth-user-id was specified in the original createChangeRequest call. |
| page-size | Number of request items per page. (Default) 20 |
| start-page | Starting page number. (Default) 1 |
Headers
Bearer token |
Response
Parameters
NumRequestItems | Total number of request items in the change request. |
WorkItemId | The approval work item ID used in the query, in id:WPDS:n format. Empty string when queried by request-id. |
RequestId | Numeric ID of the change request. |
RequestStatus | Current status of the change request. For example: Approvals Phase Completed. |
RequestItems.RequestItem | A single object when 1 request item is returned. An array of objects when multiple request items are returned. An empty string when the requested page is beyond the result set. |
RequestItem.ItemId | Unique numeric ID of the request item. |
RequestItem.TypeDescription | Human-readable description of the change type. For example: Add application role to user Add user to group. |
RequestItem.Operation | The operation being performed. For example: Add Remove. |
RequestItem.OperandType | The type of object the operation targets. For example: User Account. |
RequestItem.ValueType | The type of the entitlement or value being changed. For example: ApplicationRole UserGroup. |
RequestItem.EntitlementType | Display name of the entitlement type. For example: Application Role Group. |
RequestItem.EntitlementName | Display name of the entitlement. |
RequestItem.EntitlementRawName | Raw/unformatted name of the entitlement. |
RequestItem.BusinessSource | Name of the business source for the entitlement. |
RequestItem.BusinessSourceAltName | Alternate display name for the business source. |
RequestItem.State | Current state of the request item. For example: Pending Approval Completed. |
RequestItem.ItemDescription | Description of the request item. Empty string if not set. |
RequestItem.DerivedType | How the entitlement is assigned. For example: Direct. |
RequestItem.IsChangeToApprove | true when queried by approval-id and this item is in scope for the approver. false when queried by request-id. |
RequestItem.UserName | Display name of the user, in LastName, FirstName format. Empty string when OperandType is Account. |
RequestItem.UserId | Numeric ID of the user. Present when OperandType is User. |
RequestItem.AccountName | Login name of the account. Empty string when OperandType is User. |
RequestItem.ApplicationRoleName | Application role name. Empty string if not applicable. |
RequestItem.UserGroupName | User group name. Empty string if not applicable. |
RequestItem.GlobalRoleName | Global role name. Empty string if not applicable. |
RequestItem.GlobalRoleSetName | Global role set name. Empty string if not applicable. |
RequestItem.Data_Resource_Name | Data resource name. Empty string if not applicable. |
Examples
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=getRequestItems&format=json&approval-id=1001:WPDS:1" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "getRequestItems",
"format": "json",
"approval-id": "1001:WPDS:1"
}
headers = {
'Authorization': 'Bearer <token>'
}
response = requests.get(url, params=params, headers=headers)
if response.status_code == 200:
data = response.json()
print(data)
else:
print(f"Request failed with status code {response.status_code}")
const axios = require('axios');
const url = "https://instance.securid.com/aveksa/command.submit";
const params = {
cmd: "getRequestItems",
format: "json",
"approval-id": "1001:WPDS:1"
};
const headers = {
'Authorization': 'Bearer <token>'
};
axios.get(url, { params, headers })
.then(response => {
if (response.status === 200) {
console.log(response.data);
} else {
console.log(`Request failed with status code ${response.status}`);
}
})
.catch(error => {
console.error('Error:', error);
});
Response
- 200 by approval-id
- 200 by request-id
- 200 XML
- 401 Invalid Token
- 412 Missing ID
- 412 Missing auth-user-id
- 412 approval-id Not Found
Pending approval. IsChangeToApprove is true and WorkItemId is populated.
{
"getRequestItems": {
"RequestItems": {
"RequestItem": {
"EntitlementName": "Reporting Users",
"UserName": "Smith, Alex",
"ValueType": "ApplicationRole",
"EntitlementRawName": "Reporting Users",
"GlobalRoleName": "",
"ApplicationRoleName": "",
"GlobalRoleSetName": "",
"BusinessSourceAltName": "HR System",
"Operation": "Add",
"ItemId": 101,
"ItemDescription": "",
"OperandType": "User",
"State": "Pending Approval",
"UserId": 0,
"UserGroupName": "",
"DerivedType": "Direct",
"IsChangeToApprove": true,
"TypeDescription": "Add application role to user",
"BusinessSource": "HR System",
"EntitlementType": "Application Role",
"Data_Resource_Name": "",
"AccountName": ""
}
},
"NumRequestItems": 1,
"RequestId": 1001,
"WorkItemId": "1001:WPDS:1",
"RequestStatus": "Approvals Phase"
}
}
Queried by request-id with auth-user-id. IsChangeToApprove is false and WorkItemId is empty.
{
"getRequestItems": {
"RequestItems": {
"RequestItem": {
"EntitlementName": "Reporting Users",
"UserName": "",
"ValueType": "ApplicationRole",
"EntitlementRawName": "Reporting Users",
"GlobalRoleName": "",
"ApplicationRoleName": "",
"GlobalRoleSetName": "",
"BusinessSourceAltName": "HR System",
"Operation": "Add",
"ItemId": 101,
"ItemDescription": "",
"OperandType": "Account",
"State": "Completed",
"UserGroupName": "",
"DerivedType": "Direct",
"IsChangeToApprove": false,
"TypeDescription": "Add application role to account",
"BusinessSource": "HR System",
"EntitlementType": "Application Role",
"Data_Resource_Name": "",
"AccountName": "jsmith"
}
},
"NumRequestItems": 1,
"RequestId": 1001,
"WorkItemId": "",
"RequestStatus": "Completed"
}
}
Default format when format is omitted. Field order differs from JSON: NumRequestItems appears first, followed by WorkItemId, RequestId, RequestStatus, then RequestItems.
<?xml version="1.0" encoding="UTF-8"?>
<getRequestItems>
<NumRequestItems>1</NumRequestItems>
<WorkItemId>1001:WPDS:1</WorkItemId>
<RequestId>1001</RequestId>
<RequestStatus>Approvals Phase</RequestStatus>
<RequestItems>
<RequestItem>
<ItemId>101</ItemId>
<TypeDescription>Add application role to user</TypeDescription>
<Operation>Add</Operation>
<OperandType>User</OperandType>
<ValueType>ApplicationRole</ValueType>
<EntitlementType>Application Role</EntitlementType>
<EntitlementName>Reporting Users</EntitlementName>
<EntitlementRawName>Reporting Users</EntitlementRawName>
<BusinessSource>HR System</BusinessSource>
<BusinessSourceAltName>HR System</BusinessSourceAltName>
<State>Pending Approval</State>
<ItemDescription/>
<DerivedType>Direct</DerivedType>
<IsChangeToApprove>true</IsChangeToApprove>
<UserName>Smith, Alex</UserName>
<ApplicationRoleName/>
<UserGroupName/>
<GlobalRoleName/>
<GlobalRoleSetName/>
<Data_Resource_Name/>
<AccountName/>
</RequestItem>
</RequestItems>
</getRequestItems>
<html>
<head>
<title>Error</title>
</head>
<body>The token is not valid for the command 'getRequestItems'. Token is invalid or expired</body>
</html>
Returned when neither approval-id nor request-id is provided.
<html>
<head>
<title>Error</title>
</head>
<body>Either the 'approval-id' or the 'request-id' parameter must be provided.
Query String=cmd=getRequestItems&format=json</body>
</html>
Returned when using a trusted application token with request-id and auth-user-id is absent.
<html>
<head>
<title>Error</title>
</head>
<body>The parameter auth-user-id is required.
Query String=cmd=getRequestItems&format=json&request-id=1001</body>
</html>
<html>
<head>
<title>Error</title>
</head>
<body>The work item could not be retrieved
Query String=cmd=getRequestItems&format=json&approval-id=99999:WPDS:1</body>
</html>
Verified with RSA Governance & Lifecycle version 8.0.0.188886 P10_HF01.
See Also
- Find Approvals: Search for approval IDs
- Get Approvals for User: List approvals for a user
- Get Approval Details: Retrieve full details for a specific approval
- Perform Approval: Accept or reject an approval