Jump to

• Request
• Response
• Examples

Get an Access Request

get

/access-governance/access-controls/20250331/accessRequests/{accessRequestId}

Returns details of an access request with a given ID.

Request

Path Parameters

• accessRequestId(required): string
  Unique AccessRequest identifier

Header Parameters

• opc-request-id: string
  The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.

Back to Top

Response

Supported Media Types

• application/json

200 Response

The Access Request for the given id

Headers

• etag: string
  For optimistic concurrency control. See `if-match`.
• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : AccessRequest

Type: object

Description of AccessRequest.

Show Source

• accessBundles: array accessBundles
  list of Access bundle items.
• approvalRequests: array approvalRequests
  List of approval requests created as part of the access request
• attributes: object attributes
  Additional Properties Allowed: additionalProperties

  Attributes of the corresponding model. Example: `{"foo-namespace": {"bar-key": "value"}}`
• createdBy: string
  The user that created the request
• id(required): string
  The Unique Oracle ID (OCID) that is immutable on creation.
• identities: array identities
  list of identities
• justification: string
  Justification for creating or updating the access request
• permissionRoles: array permissionRoles
  list of Permission roles items.
• requestStatus: string
  Status of the access request
• timeCreated: string(date-time)
  The time the the AccessRequest was created. An RFC3339 formatted datetime string
• timeUpdated: string(date-time)
  The time the the AccessRequest was last updated. An RFC3339 formatted datetime string

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"The Unique Oracle ID (OCID) that is immutable on creation."
        },
        "justification":{
            "type":"string",
            "description":"Justification for creating or updating the access request"
        },
        "requestStatus":{
            "type":"string",
            "description":"Status of the access request"
        },
        "timeCreated":{
            "type":"string",
            "format":"date-time",
            "description":"The time the the AccessRequest was created. An RFC3339 formatted datetime string"
        },
        "timeUpdated":{
            "type":"string",
            "format":"date-time",
            "description":"The time the the AccessRequest was last updated. An RFC3339 formatted datetime string"
        },
        "createdBy":{
            "type":"string",
            "description":"The user that created the request"
        },
        "permissionRoles":{
            "type":"array",
            "description":"list of Permission roles items.",
            "items":{
                "$ref":"#/definitions/Info"
            }
        },
        "accessBundles":{
            "type":"array",
            "description":"list of Access bundle items.",
            "items":{
                "$ref":"#/definitions/AccessBundleInfo"
            }
        },
        "identities":{
            "type":"array",
            "description":"list of identities",
            "items":{
                "$ref":"#/definitions/Info"
            }
        },
        "attributes":{
            "type":"object",
            "description":"Attributes of the corresponding model. \nExample: `{\"foo-namespace\": {\"bar-key\": \"value\"}}`\n",
            "additionalProperties":{
                "type":"object",
                "properties":{
                }
            }
        },
        "approvalRequests":{
            "type":"array",
            "description":"List of approval requests created as part of the access request",
            "items":{
                "$ref":"#/definitions/ApprovalRequest"
            }
        }
    },
    "description":"Description of AccessRequest."
}

Nested Schema : accessBundles

Type: array

list of Access bundle items.

Show Source

• Array of: object AccessBundleInfo
  Generic information object.

{
    "type":"array",
    "description":"list of Access bundle items.",
    "items":{
        "$ref":"#/definitions/AccessBundleInfo"
    }
}

Nested Schema : approvalRequests

Type: array

List of approval requests created as part of the access request

Show Source

• Array of: object ApprovalRequest
  Details of an Approval Request.

{
    "type":"array",
    "description":"List of approval requests created as part of the access request",
    "items":{
        "$ref":"#/definitions/ApprovalRequest"
    }
}

Nested Schema : attributes

Type: object

Additional Properties Allowed

Show Source

• object additionalProperties

{
    "type":"object",
    "description":"Attributes of the corresponding model. \nExample: `{\"foo-namespace\": {\"bar-key\": \"value\"}}`\n",
    "additionalProperties":{
        "type":"object",
        "properties":{
        }
    }
}

Attributes of the corresponding model. Example: `{"foo-namespace": {"bar-key": "value"}}`

Nested Schema : identities

Type: array

list of identities

Show Source

• Array of: object Info
  Generic information object.

{
    "type":"array",
    "description":"list of identities",
    "items":{
        "$ref":"#/definitions/Info"
    }
}

Nested Schema : permissionRoles

Type: array

list of Permission roles items.

Show Source

• Array of: object Info
  Generic information object.

{
    "type":"array",
    "description":"list of Permission roles items.",
    "items":{
        "$ref":"#/definitions/Info"
    }
}

Nested Schema : AccessBundleInfo

Type: object

Generic information object.

Show Source

• accountProfileId: string
  account profile id
• displayName: string
  display name of the entity
• id: string
  id of the entity.
• name: string
  name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"id of the entity."
        },
        "name":{
            "type":"string",
            "description":"name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"display name of the entity"
        },
        "accountProfileId":{
            "type":"string",
            "description":"account profile id"
        }
    },
    "description":"Generic information object."
}

Nested Schema : ApprovalRequest

Type: object

Details of an Approval Request.

Show Source

• accessStartTime: string(date-time)
  The temporal access start time
• assignmentDescription: string
  Description of the assignment that is being requested.
• assignmentName: string
  Name of the assignment that is being requested.
• assignmentType: string
  Allowed Values: [ "ACCESS_BUNDLE", "ROLE", "IDENTITY_GROUP", "ACTIVE_GROUP", "CONSUMER_GROUP", "AG_ORGANIZATION" ]

  Type of the assignment that is being requested.
• beneficiary: string
  Identifier of the beneficiary.
• beneficiaryEmail: string
  email of the beneficiary.
• failedDueToAccessGuardrailViolations: boolean
  Boolean flag set to true if request failed due to Access Guardrail violations.
• id(required): string
  process instance id.
• requestor: string
  Identifier of the requestor.
• requestType: string
  Allowed Values: [ "WORKFLOW", "NO_WORKFLOW" ]

  Type the request - workflow or no workflow.
• separationOfDutiesAnalysisRequests: object SeparationOfDutiesRequestCollection
  A collection of separation of duties request summaries.
• status: string
  Allowed Values: [ "PENDING_APPROVALS", "INFO_REQUESTED", "APPROVED", "REJECTED", "DELETED", "FAILED", "CANCELLED", "PENDING_SOD", "PROVISIONED", "PROVISIONING_IN_PROGRESS", "PROVISIONING_FAILED" ]

  The status of the approval process instance.
• timeUpdated: string(date-time)
  The last update date of the request.

{
    "type":"object",
    "required":[
        "id"
    ],
    "properties":{
        "id":{
            "type":"string",
            "description":"process instance id."
        },
        "requestor":{
            "type":"string",
            "description":"Identifier of the requestor."
        },
        "beneficiary":{
            "type":"string",
            "description":"Identifier of the beneficiary."
        },
        "beneficiaryEmail":{
            "type":"string",
            "description":"email of the beneficiary."
        },
        "status":{
            "type":"string",
            "description":"The status of the approval process instance.",
            "enum":[
                "PENDING_APPROVALS",
                "INFO_REQUESTED",
                "APPROVED",
                "REJECTED",
                "DELETED",
                "FAILED",
                "CANCELLED",
                "PENDING_SOD",
                "PROVISIONED",
                "PROVISIONING_IN_PROGRESS",
                "PROVISIONING_FAILED"
            ],
            "x-obmcs-top-level-enum":"#/definitions/RequestStatus"
        },
        "assignmentName":{
            "type":"string",
            "description":"Name of the assignment that is being requested."
        },
        "assignmentType":{
            "type":"string",
            "description":"Type of the assignment that is being requested.",
            "enum":[
                "ACCESS_BUNDLE",
                "ROLE",
                "IDENTITY_GROUP",
                "ACTIVE_GROUP",
                "CONSUMER_GROUP",
                "AG_ORGANIZATION"
            ],
            "x-obmcs-top-level-enum":"#/definitions/AssignmentType"
        },
        "assignmentDescription":{
            "type":"string",
            "description":"Description of the assignment that is being requested."
        },
        "requestType":{
            "type":"string",
            "description":"Type the request - workflow or no workflow.",
            "enum":[
                "WORKFLOW",
                "NO_WORKFLOW"
            ],
            "x-obmcs-top-level-enum":"#/definitions/RequestType"
        },
        "timeUpdated":{
            "type":"string",
            "format":"date-time",
            "description":"The last update date of the request."
        },
        "failedDueToAccessGuardrailViolations":{
            "type":"boolean",
            "description":"Boolean flag set to true if request failed due to Access Guardrail violations."
        },
        "accessStartTime":{
            "type":"string",
            "format":"date-time",
            "description":"The temporal access start time"
        },
        "separationOfDutiesAnalysisRequests":{
            "$ref":"#/definitions/SeparationOfDutiesRequestCollection"
        }
    },
    "description":"Details of an Approval Request."
}

Nested Schema : SeparationOfDutiesRequestCollection

Type: object

A collection of separation of duties request summaries.

Show Source

• items(required): array items
  List of separation of duties request summaries.

{
    "type":"object",
    "required":[
        "items"
    ],
    "properties":{
        "items":{
            "type":"array",
            "description":"List of separation of duties request summaries.",
            "items":{
                "$ref":"#/definitions/SeparationOfDutiesRequestSummary"
            }
        }
    },
    "description":"A collection of separation of duties request summaries."
}

Nested Schema : items

Type: array

List of separation of duties request summaries.

Show Source

• Array of: object SeparationOfDutiesRequestSummary
  A summary for a separation of duties request.

{
    "type":"array",
    "description":"List of separation of duties request summaries.",
    "items":{
        "$ref":"#/definitions/SeparationOfDutiesRequestSummary"
    }
}

Nested Schema : SeparationOfDutiesRequestSummary

Type: object

A summary for a separation of duties request.

Show Source

• requestId(required): string
  A string representing a separation of duties work request. Get updates on the status of a request by using the 'Check status of the separation of duties request(s)' endpoint.
• status(required): string
  The status of the separation of duties work request.

{
    "type":"object",
    "required":[
        "requestId",
        "status"
    ],
    "properties":{
        "requestId":{
            "type":"string",
            "description":"A string representing a separation of duties work request. Get updates on the status of a request by\nusing the 'Check status of the separation of duties request(s)' endpoint.\n"
        },
        "status":{
            "type":"string",
            "description":"The status of the separation of duties work request."
        }
    },
    "description":"A summary for a separation of duties request."
}

Nested Schema : additionalProperties

Type: object

Show Source

{
    "type":"object",
    "properties":{
    }
}

Nested Schema : Info

Type: object

Generic information object.

Show Source

• displayName: string
  Display Name of the entity.
• id: string
  id of the entity.
• name: string
  name of the entity.

{
    "type":"object",
    "properties":{
        "id":{
            "type":"string",
            "description":"id of the entity."
        },
        "name":{
            "type":"string",
            "description":"name of the entity."
        },
        "displayName":{
            "type":"string",
            "description":"Display Name of the entity."
        }
    },
    "description":"Generic information object."
}

400 Response

Bad Request

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

401 Response

Unauthorized

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

404 Response

Not Found

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

429 Response

Too Many Requests

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

500 Response

Internal Server Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Default Response

Unknown Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

Error Information.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing.
• message(required): string
  A human-readable error string.

{
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "description":"Error Information."
}

Back to Top

Examples

The following example shows how to retrieve details on a specific Access Request. Replace placeholder values with actual values before running the sample command.

cURL Example

curl -i -X \
 GET \
   -H \
 "Authorization:Bearer <your access token>" \
 '${service-instance-url}/access-governance/access-controls/${version}/accessRequests/${accessRequestID}'

Sample GET command using REST Client

http://${si}/access-governance/access-controls/${version}/accessRequests/${accessRequestID}

Example of the Response Body with SOD Violations

{
"id": "NOWORKFLOW_f45b5228-d5e0-xxxx-aff1-e8c7a71bxxxa",
"requestor": "Amel Maclead",
"beneficiary": "Carmel StJohn",
"beneficiaryEmail": "test@example.com",
"status": "PROVISIONED",
"assignmentName": "AB-ODT",
"assignmentType": "ACCESS_BUNDLE",
"assignmentDescription": "AB-ODT",
"requestType": "NO_WORKFLOW",
"timeUpdated": "2026-03-03T09:37:04.069Z",
"failedDueToAccessGuardrailViolations": false,
"accessStartTime": null,
"separationOfDutiesAnalysisRequests":{
"items":[
{
"requestId": "xx-7axxx-b3f96b3a67fcad5f145",
"status": "SUCCESS"
}
]
}

Back to Top