Components
The request string for a delegation request must be a JSON string that adheres to the following information:
Property | Value | Required | Details |
|---|---|---|---|
Timestamp | When to process the request | Yes | Must be an ISO 8601 extended format date and time in UTC and may be set to a value in the future to schedule the request.
|
Type | The type of request | Yes | Must be a string with the following value: Delegation |
Action | Action for the request | Yes | Must be one of the following approved verbs: |
Grant, |
Revoke | |||
Path | OU targetted by the request | Yes | Must be an OU under the |
Department OU of the department.
| |||
Principal | AD group in the delegation | Yes | Must be an Active Directory security group.
|
Delegation | Permissions for request | Yes | Must be one of the |
supported delegations (see: Supported Delegations |
) and must not contain any white space.
|
|
|
RequestedBy | User submitting the request | Yes | Must be the department administrator submitting the request. Validated against the |
Administrators group |
for the department.
| |||
Notes | Additional information | No | Text field to store information about the delegation request. |
Examples
The following JSON string is an example of a valid request string:
| Code Block |
|---|
{ "Timestamp":"2024-01-02T03:04:05.006Z", "Type":"Delegation", "Action":"Grant", "Path":"OU=Computers,OU=EXAMPLE,OU=Departments,DC=austin,DC=utexas,DC=edu", "Principal":"EXAMPLE-ComputerAdmins", "Delegation":"Computers", "RequestedBy":"EXAMPLE-abcd1234", "Notes":"This is a test delegation" } |