data structure:
| Field | Type | Description |
|---|---|---|
id | string | The UUID of the access request |
affected_user | object | The user who will receive (or was denied) access |
requested_by | object | The user who submitted the request |
application | object | The application access was requested for |
object | object | The specific resource within the application |
entitlements | array | The entitlements (roles/permissions) requested |
request_reason | string | The reason provided by the requester |
created_at | string | ISO 8601 timestamp of when the request was created |
type | string | The request type (e.g. specific) |
- request.created
- request.approved
- request.denied
- request.granted
- request.rejected
Fired when a new access request is submitted.
Copy
{
"affected_user": {
"email": "john.doe@example.com",
"full_name": "John Doe",
"id": "8b15e986-84ac-4dbc-8e66-c82ebf3d2fc2"
},
"application": {
"id": "c4d5e6f7-a8b9-0123-cdef-456789abcdef",
"title": "GitHub"
},
"created_at": "2022-07-13T23:42:00Z",
"entitlements": [
{
"id": "e6f7a8b9-c0d1-2345-efab-6789abcdef01",
"title": "Read Access"
}
],
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"object": {
"id": "d5e6f7a8-b9c0-1234-defa-56789abcdef0",
"title": "Engineering Team"
},
"request_reason": "Need access for project work",
"requested_by": {
"email": "admin@example.com",
"full_name": "Admin User",
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26"
},
"type": "specific"
}
Fired when all required approvers have approved the request. Access provisioning has been initiated but may not yet be complete—listen for
request.granted to confirm access was provisioned.The data object includes additional fields:| Field | Type | Description |
|---|---|---|
approved_at | string | ISO 8601 timestamp of when the final approval was given |
approved_by | array | List of users who approved the request |
Copy
{
"affected_user": {
"email": "john.doe@example.com",
"full_name": "John Doe",
"id": "8b15e986-84ac-4dbc-8e66-c82ebf3d2fc2"
},
"application": {
"id": "c4d5e6f7-a8b9-0123-cdef-456789abcdef",
"title": "GitHub"
},
"approved_at": "2022-07-13T23:42:00Z",
"approved_by": [
{
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26",
"email": "admin@example.com",
"full_name": "Admin User"
}
],
"created_at": "2022-07-13T23:42:00Z",
"entitlements": [
{
"id": "e6f7a8b9-c0d1-2345-efab-6789abcdef01",
"title": "Read Access"
}
],
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"object": {
"id": "d5e6f7a8-b9c0-1234-defa-56789abcdef0",
"title": "Engineering Team"
},
"request_reason": "Need access for project work",
"requested_by": {
"email": "admin@example.com",
"full_name": "Admin User",
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26"
},
"type": "specific"
}
Fired when an approver denies the access request.The
data object includes additional fields:| Field | Type | Description |
|---|---|---|
approved_by | array | List of users who had already approved before the denial |
denied_at | string | ISO 8601 timestamp of when the request was denied |
denied_by | object | The user who denied the request |
Copy
{
"affected_user": {
"email": "john.doe@example.com",
"full_name": "John Doe",
"id": "8b15e986-84ac-4dbc-8e66-c82ebf3d2fc2"
},
"application": {
"id": "c4d5e6f7-a8b9-0123-cdef-456789abcdef",
"title": "GitHub"
},
"approved_by": [
{
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26",
"email": "admin@example.com",
"full_name": "Admin User"
}
],
"created_at": "2022-07-13T23:42:00Z",
"denied_at": "2022-07-13T23:42:00Z",
"denied_by": {
"email": "security@example.com",
"full_name": "Security Admin",
"id": "7c9e1f2a-3b4d-5e6f-8a9b-0c1d2e3f4a5b"
},
"entitlements": [
{
"id": "e6f7a8b9-c0d1-2345-efab-6789abcdef01",
"title": "Read Access"
}
],
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"object": {
"id": "d5e6f7a8-b9c0-1234-defa-56789abcdef0",
"title": "Engineering Team"
},
"request_reason": "Need access for project work",
"requested_by": {
"email": "admin@example.com",
"full_name": "Admin User",
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26"
},
"type": "specific"
}
Fired when access has been successfully provisioned after approval. This is the final confirmation that the user now has the requested access.The
data object includes additional fields:| Field | Type | Description |
|---|---|---|
approved_at | string | ISO 8601 timestamp of when the request was approved |
approved_by | array | List of users who approved the request |
granted_at | string | ISO 8601 timestamp of when access was provisioned |
provisioner | object | The actor who provisioned the access, including a type field (manual or automation) |
Copy
{
"affected_user": {
"email": "john.doe@example.com",
"full_name": "John Doe",
"id": "8b15e986-84ac-4dbc-8e66-c82ebf3d2fc2"
},
"application": {
"id": "c4d5e6f7-a8b9-0123-cdef-456789abcdef",
"title": "GitHub"
},
"approved_at": "2022-07-13T23:42:00Z",
"approved_by": [
{
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26",
"email": "admin@example.com",
"full_name": "Admin User"
}
],
"created_at": "2022-07-13T23:42:00Z",
"entitlements": [
{
"id": "e6f7a8b9-c0d1-2345-efab-6789abcdef01",
"title": "Read Access"
}
],
"granted_at": "2022-07-13T23:42:00Z",
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"object": {
"id": "d5e6f7a8-b9c0-1234-defa-56789abcdef0",
"title": "Engineering Team"
},
"provisioner": {
"email": "provisioner@example.com",
"full_name": "Provisioner User",
"id": "7c9e1f2a-3b4d-5e6f-8a9b-0c1d2e3f4a5b",
"type": "manual"
},
"request_reason": "Need access for project work",
"requested_by": {
"email": "admin@example.com",
"full_name": "Admin User",
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26"
},
"type": "specific"
}
Fired when a provisioner is unable to provision access after the request was approved. This can happen when an integration fails or a manual provisioner rejects the provisioning step.The
data object includes additional fields:| Field | Type | Description |
|---|---|---|
approved_at | string | ISO 8601 timestamp of when the request was approved |
approved_by | array | List of users who approved the request |
provisioner | object | The actor who attempted provisioning |
reject_reason | string | The reason given for the rejection |
rejected_at | string | ISO 8601 timestamp of when the provisioning was rejected |
Copy
{
"affected_user": {
"email": "john.doe@example.com",
"full_name": "John Doe",
"id": "8b15e986-84ac-4dbc-8e66-c82ebf3d2fc2"
},
"application": {
"id": "c4d5e6f7-a8b9-0123-cdef-456789abcdef",
"title": "GitHub"
},
"approved_at": "2022-07-13T23:42:00Z",
"approved_by": [
{
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26",
"email": "admin@example.com",
"full_name": "Admin User"
}
],
"created_at": "2022-07-13T23:42:00Z",
"entitlements": [
{
"id": "e6f7a8b9-c0d1-2345-efab-6789abcdef01",
"title": "Read Access"
}
],
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"object": {
"id": "d5e6f7a8-b9c0-1234-defa-56789abcdef0",
"title": "Engineering Team"
},
"provisioner": {
"email": "provisioner@example.com",
"full_name": "Provisioner User",
"id": "7c9e1f2a-3b4d-5e6f-8a9b-0c1d2e3f4a5b",
"type": "manual"
},
"reject_reason": "Access not available for this resource",
"rejected_at": "2022-07-13T23:42:00Z",
"request_reason": "Need access for project work",
"requested_by": {
"email": "admin@example.com",
"full_name": "Admin User",
"id": "5a3e57df-2d08-46be-b5bd-b3ea505a3d26"
},
"type": "specific"
}