Deny Authorization

Authorization is in pended status can be brought back in the "Change" status by the unfinalize operation.

When an authorization is the status "Pended", a Deny link is added to the authorization resource:

   ... authorization properties ...
 "links": [
    {
      "href": "http://<host>:<port>/api/generic/authorizations/<id>",
      "rel": "self"
    },
    {
      "href": "http://<host>:<port>/api/authorizations/<authorization id>/unfinalize",
      "rel": "authorization:deny",
      "httpMethod": "POST"
    }
  ]
}

Clients must send one authorization Fatal message in the POST payload:

{
  "authorizationmessage": [
  {
    "sourceReference": "<source reference value>",
    "message": {
      "id": "<id of message>"
    }
  }

In the example, Famtal message is passed. Without a fatal message, HTTP Status 400 (Bad Request) is returned

Authorization

The operation in this section is protected by access restriction "authorization.deny IP". A grant must be given with both the Read and Update flag set. A Read grant must also be given to access restriction "authorizations API".

Response Message

Success: HTTP 303 SEE OTHER after the operation is completed successfully, request is redirected to authorizations API.
Failure

Response	Description
HTTP 401	Unauthorized
HTTP 404	Authorization form code {code} is unknown
HTTP 409	Authorization is not in a status that allows Deny

Response

Description

HTTP 401

Unauthorized

HTTP 404

Authorization form code {code} is unknown

HTTP 409

Authorization is not in a status that allows Deny

Please refer to the 'Response Messages' section in the HTTP API Integration Points part of the Common Features book for more details.