Update Review Items
Update the state of review items in a given review.
POST https://instance.securid.com/aveksa/command.submit?cmd=updateReviewItems
note
Review should be in Active state and only review items that are reviewable by the user (specified by token) will be actionable using web service.
Request
Parameters
| updateReviewItems | |
| format | properties - (Default) key=value. most useful when requesting a single object. If multiple objects are returned, values is a csv. ie key=value1,value2,value3 where value1 is the value for the first object, value2 is the value for the 2nd object, etc.json - Useful format for parsing into javascript or other languages. See www.json.org for details. |
Headers
Bearer token | |
| Accept | application/json |
| Content-Type | application/json |
Body
<Review>
<ReviewResultName>value</ReviewResultName>
<SignOff>false</SignOff>
<UpdateCommentsOnly>false</UpdateCommentsOnly>
<ReviewItemChange state="revoke" comments="value">
<RevieweeUserId>value</RevieweeUserId>
<Entitlement resource="value" action="value" business-source="value"/>
</ReviewItemChange>
<ReviewItemChange state="maintain" comments="value" expires-on="DD-MMM-YYYY">
<RevieweeUserId>value</RevieweeUserId>
<ApplicationRole name="value" business-source="value"/>
</ReviewItemChange>
<ReviewItemChange state="none" comments="value">
<RevieweeUserId>value</RevieweeUserId>
<RevieweeAccount name="value" business-source="value"/>
<Group name="value" business-source="value"/>
</ReviewItemChange>
<ReviewItemChange state="custom" comments="value">
<RevieweeUserId>value</RevieweeUserId>
<GlobalRole name="value" role-set="value"/>
</ReviewItemChange>
</Review>
ReviewResultName | The name of the review. |
SignOff | true, false Enable sign off for the review. (Default) false |
UpdateCommentsOnly | true, false This parameter is used to update the comment only, if it is present with true value, then no state action will be considered. (Default) false |
Comments | Comments to sign off review components. |
RevieweeUserId | The UserId of the user who is being reviewed. |
RevieweeAccount |
business-source - The attribute must be the application raw name of users account being reviewed. |
ReviewItemChange |
expires-on - The attribute must be the expiration date of maintain state when allowed on review. |
Entitlement |
business-source - The attribute must be the raw name of business source the entitlement belongs. |
ApplicationRole |
business-source - The attribute must be the raw name of business source the application role belongs. |
Group |
business-source - The attribute must be the raw name of business source the group belongs. |
GlobalRole |
role-set - The attribute must be raw name of the role set to which global role belongs. |
Response
Parameters
type | Executed command name |
Status | The status of the operation. The command returns XML as an output specifying status for each review item. If any of the items are updated successfully, a status of success will be returned. The response will contain details of what items could be updated and what items failed. |
Examples
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=updateReviewItems&format=json" \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
--data-raw "<Review>
<ReviewResultName>UAR-3</ReviewResultName>
<SignOff>false</SignOff>
<UpdateCommentsOnly>false</UpdateCommentsOnly>
<ReviewItemChange state=\"revoke\" comments=\"Alice no longer needs this access\">
<RevieweeUserId>asmith</RevieweeUserId>
<RevieweeAccount name=\"mason.stewart@example.com\" business-source=\"Okta\"/>
<Group name=\"HR Department\" business-source=\"Okta\"/>
</ReviewItemChange>
<ReviewItemChange state=\"revoke\" comments=\"Alex no longer needs this access\">
<RevieweeUserId>achen</RevieweeUserId>
<RevieweeAccount name=\"TelemetryUser\" business-source=\"CyberArk (REST)\"/>
<Group name=\"Auditors\" business-source=\"CyberArk (REST)\"/>
</ReviewItemChange>
</Review>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "updateReviewItems",
"format": "json"
}
payload = """
<Review>
<ReviewResultName>UAR-3</ReviewResultName>
<SignOff>false</SignOff>
<UpdateCommentsOnly>false</UpdateCommentsOnly>
<ReviewItemChange state="revoke" comments="Alice no longer needs this access">
<RevieweeUserId>asmith</RevieweeUserId>
<RevieweeAccount name="mason.stewart@example.com" business-source="Okta"/>
<Group name="HR Department" business-source="Okta"/>
</ReviewItemChange>
<ReviewItemChange state="revoke" comments="Alex no longer needs this access">
<RevieweeUserId>achen</RevieweeUserId>
<RevieweeAccount name="TelemetryUser" business-source="CyberArk (REST)"/>
<Group name="Auditors" business-source="CyberArk (REST)"/>
</ReviewItemChange>
</Review>
"""
headers = {
'Authorization': 'Bearer <token>',
'Content-Type': 'application/xml'
}
response = requests.post(url, params=params, data=payload, headers=headers)
if response.status_code == 200:
data = response.json()
print(data)
else:
print(f"Request failed with status code {response.status_code}")
Response
- 200
- 412 Invalid Data
- 412 Not Actionable
{
"data": {
"type": "updateReviewItems",
"Status": "Success. Updated all 2 review components with specified states."
}
}
<html>
<head>
<title>Error</title>
</head>
<body>Could not find a review with name value
Query String=cmd=updateReviewItems&format=json</body>
</html>
<html>
<head>
<title>Error</title>
</head>
<body>The review is not an actionable state.
Query String=cmd=updateReviewItems&format=json</body>
</html>