AccessRequest
/api/v1/operations/access-requestsA request to grant, modify, or revoke system access.
listgetcreateupdatedeleteapproveprovisionSchema
| Field | Type | Notes |
|---|---|---|
| id* | uuid | Server-assigned ULID with type prefix (e.g. per_…). |
| tenant_id* | string | Tenant scope — auto-stamped from the caller's JWT. |
| app_id | string | App scope. Stamped ONLY when the caller's JWT was minted for a specific Application (integration API keys). Absent for human-user sessions. Filters reads when present. |
| created_at* | date-time | Server stamp. |
| updated_at* | date-time | Server stamp; updated on every patch. |
| created_by | uuid | Person id from the caller's JWT (sub). |
| updated_by | uuid | Person id from the last writer's JWT (sub). |
| source | string | Provenance tag — defaults to 'edm'. |
| source_type | enum | frontend | backend | server | system | apiWhere the write originated. Defaults to 'api'. |
| is_deleted | boolean | Soft-delete flag. Excluded from default list queries. |
| deleted_at | date-time | Stamped when soft-deleted; null otherwise. |
| deleted_by | uuid | Person id who soft-deleted; null otherwise. |
| schema_version | number | Document schema version. Bumped on incompatible writes. |
| requester_id* | string | User ID of the person requesting access. |
| system_id* | string | Target system identifier (e.g., github, aws, slack). |
| access_type* | enum | new | modify | revokeType of access change requested. |
| status | enum | pending | approved | rejected | provisioned | completedRequest lifecycle status. |
| justification* | string | Business justification for the access request. |
| approver_id | string | User ID of the approver. |
| approved_at | date-time | ISO 8601 timestamp when approved. |
| provisioned_at | date-time | ISO 8601 timestamp when access was provisioned. |
| asset_id | uuid | UUID of the TechnologyAsset to which this entitlement grants access. |
| principal_id | uuid | UUID of the Person or Group that holds this entitlement. |
| principal_type | enum | person | groupWhether principal_id refers to a Person or a Group. |
| entitlement_type | string | The specific permission role or access level granted. |
| granted_at | date-time | ISO 8601 timestamp when this entitlement was originally granted. |
| granted_by_id | uuid | UUID of the Person who approved or provisioned this entitlement. |
| expires_at | date-time | ISO 8601 timestamp when this entitlement is scheduled to expire. |
| tags | json | Free-form tags. |
API
Loading manifest…