Components
The request string for a delegation request must be a JSON string that adheres to the following information:
Property | Value | Required | Details |
|---|---|---|---|
Timestamp | When to process the request | Yes | Must be an ISO 8601 extended format date and time in UTC and may be set to a value in the future to schedule the request.
|
Type | The type of request | Yes | Must be a string with the following value: Delegation |
Action | Action for the request | Yes | Must be one of the following approved verbs: |
Grant, |
Revoke | |||
Path | OU targetted by the request | Yes | Must be an OU under the |
Department OU of the department.
| |||
Principal | AD group in the delegation | Yes | Must be an Active Directory security group.
|
Delegation | Permissions for request | Yes | Must be one of the |
supported delegations (see: |
Supported Delegations) and must not contain any white space.
| |||
RequestedBy | User submitting the request | Yes | Must be the department administrator submitting the request. Validated against the |
Administrators group |
for the department.
| |||
Notes | Additional information | No | Text field to store information about the delegation request. |
Examples
The following JSON string is an example of a valid request string:
| Code Block |
|---|
{
"Timestamp":"2024-01-02T03:04:05.006Z",
"Type":"Delegation",
"Action":"Grant",
"Path":"OU=Computers,OU=EXAMPLE,OU=Departments,DC=austin,DC=utexas,DC=edu",
"Principal":"EXAMPLE-ComputerAdmins",
"Delegation":"Computers",
"RequestedBy":"EXAMPLE-abcd1234",
"Notes":"This is a test delegation"
} |