Unfinalize Authorization

Authorizations in approved and denied status can be brought back in the "Change" status by the unfinalize operation. The steps of unfinalizing are described in Unfinalize Authorization

When an authorization is either in the status "Approved" or "Denied", an unfinalize link is added to the authorization resource:

   ... authorization properties ...
 "links": [
    {
      "href": "http://<host>:<port>/api/generic/authorizations/<id>",
      "rel": "self"
    },
    {
      "href": "http://<host>:<port>/api/authorizations/<authorization id>/unfinalize",
      "rel": "authorization:unfinalize",
      "httpMethod": "POST"
    }
  ]
}

Clients must send one authorization unfinalize reasons in the POST payload:

{
  "authorizationunfinalizeReason": [
  {
    "sourceReference": "<source reference value>",
    "unfinalizeReason": {
      "id": "<id of unfinalize reason>"
    }
  }

In the example, unfinalize reasons is passed. Without an unfinalize reason, HTTP Status 400 (Bad Request) is returned, with additional error message "AUT-IP-AUTI-015" - "An unfinalize reason is required when updating an authorization with status APPROVED or DENIED".

Unfinalize reasons are always protected by access restrictions. HTTP API operations enforces those access restrictions:

HTTP status 403 is returned if the current user does not have the access rights for all the unfinalize reasons in the payload.
If any rights are missing, no change is made at all to the authorization or any of its details.

The unfinalize reasons in the payload will replace possibly existing unfinalize reasons for the authorization. HTTP Status 200 is returned together with a representation of the authorization resource (which is now in status Change").

Authorization

The operation in this section is protected by access restriction "authorization.unfinalize IP". A grant must be given with both the Read and Update flag set. A Read grant must also be given to access restriction "authorizations API".

Response Message

Success: HTTP 303 SEE OTHER after the operation is completed successfully, request is redirected to authorizations API.
Failure

Response	Description
HTTP 401	Unauthorized
HTTP 404	Authorization form code {code} is unknown
HTTP 409	Authorization is not in a status that allows unfinalize

Response

Description

HTTP 401

Unauthorized

HTTP 404

Authorization form code {code} is unknown

HTTP 409

Authorization is not in a status that allows unfinalize

Please refer to the 'Response Messages' section in the HTTP API Integration Points part of the Common Features book for more details.