Components
The request string for a delegation request must be a JSON string that adheres to the following information:
| Property | Value | Required | Details |
|---|---|---|---|
| Timestamp | When to process the request | Yes | Must be an ISO 8601 extended format date and time in UTC and may be set to a value in the future to schedule the request.
|
| Type | The type of request | Yes | Must be a string with the following value: Delegation |
| Action | Action for the request | Yes | Must be one of the following approved verbs: Grant, Revoke |
| Path | OU targetted by the request | Yes | Must be an OU under the Department OU of the department.
|
| Principal | AD group in the delegation | Yes | Must be an Active Directory security group.
|
| Delegation | Permissions for request | Yes | Must be one of the supported delegations (see: Supported Delegations) and must not contain any white space.
|
| RequestedBy | User submitting the request | Yes | Must be the department administrator submitting the request. Validated against the Administrators group for the department.
|
| RequestedFor | EID requesting the delegation | Yes | Must be the EID of the user who requested the delegation. Validated against active EIDs in Active Directory. |
| Notes | Additional information | No | Text field to store information about the delegation request. |
Examples
The following JSON string is an example of a valid request string:
{
"Timestamp":"2024-03-01T12:00:00.000Z",
"Type":"Delegation",
"Action":"Grant",
"Path":"OU=Test-Delegation,OU=ALEX,OU=Departments,DC=austin,DC=utexas,DC=edu",
"Principal":"ALEX-Accounts",
"Delegation":"Group",
"RequestedBy":"ALEX-barthag",
"RequestedFor":"barthag",
"Notes":"This is a test delegation"
}