Components
The request string for a delegation request must be a JSON string that adheres to the following information:
Property | Value | Required | Details |
|---|---|---|---|
Timestamp | When to process the request | Yes | Must be an ISO 8601 extended format date and time in UTC and may be set to a value in the future to schedule the request.
|
Type | The type of request | Yes | Must be a string with the following value: Delegation |
Action | Action for the request | Yes | Must be one of the following approved verbs: Grant, Revoke |
Path | OU targetted by the request | Yes | Must be an OU under the Department OU of the department.
|
|
| |||
Principal | AD group in the delegation | Yes | Must be an Active Directory security group.
|
|
|
| |||
Delegation | Permissions for request | Yes | Must be one of the supported delegations (see: Supported Delegations) and must not contain any white space.
|
| |||
RequestedBy | User submitting the request | Yes | Must be the department administrator submitting the request. Validated against the Administrators group for the department.
|
| |||
Notes | Additional information | No | Text field to store information about the delegation request. |
Examples
The following JSON string is an example of a valid request string:
| Code Block |
|---|
{
"Timestamp":"2024-0301-01T1202T03:0004:0005.000Z006Z",
"Type":"Delegation",
"Action":"Grant",
"Path":"OU=Test-DelegationComputers,OU=ALEXEXAMPLE,OU=Departments,DC=austin,DC=utexas,DC=edu",
"Principal":"ALEXEXAMPLE-AccountsComputerAdmins",
"Delegation":"GroupComputers",
"RequestedBy":"ALEX-barthag",
"RequestedFor":"barthagEXAMPLE-abcd1234",
"Notes":"This is a test delegation"
} |
...