MATIH Platform is in active MVP development. Documentation reflects current implementation status.

Access Requests

Production - AccessRequestController - 10 endpoints at /api/v1/access-requests

The access request system provides a self-service workflow for users to request additional roles or permissions. Each request goes through an approval flow with a full audit trail.


6.4.15 Request Workflow

Requester submits  -->  Approver reviews  -->  Access granted/denied
  POST /access-requests    POST /{id}/process      Role assigned

Create Request

curl -X POST http://localhost:8081/api/v1/access-requests \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: 550e8400-e29b-41d4-a716-446655440000" \
  -H "X-User-ID: 42" \
  -d '{
    "requestedRoleId": 5,
    "reason": "Need admin access to configure dashboards for Q2 project",
    "approverId": 10
  }'

Process Request

# Approve
curl -X POST http://localhost:8081/api/v1/access-requests/{requestId}/approve \
  -H "X-User-ID: 10" \
  -d 'comment=Approved for Q2 project'
 
# Reject
curl -X POST http://localhost:8081/api/v1/access-requests/{requestId}/reject \
  -H "X-User-ID: 10" \
  -d 'comment=Insufficient justification'

Request Status Values

Status     Description
PENDING    Awaiting approval
APPROVED   Approved by approver
REJECTED   Rejected by approver
CANCELLED  Cancelled by requester
REVOKED    Previously approved access revoked
ESCALATED  Escalated to higher authority

View My Requests

curl -X GET "http://localhost:8081/api/v1/access-requests/my-requests?status=PENDING" \
  -H "X-Tenant-ID: 550e8400-e29b-41d4-a716-446655440000" \
  -H "X-User-ID: 42"

View Pending Approvals

curl -X GET http://localhost:8081/api/v1/access-requests/pending-approvals \
  -H "X-User-ID: 10"

Audit Trail

curl -X GET http://localhost:8081/api/v1/access-requests/{requestId}/audit \
  -H "X-Tenant-ID: 550e8400-e29b-41d4-a716-446655440000"

Returns the full AccessRequestAuditLog history for the request.


Error Codes

Code                     HTTP Status  Description
RESOURCE_NOT_FOUND       404          Request not found
ACCESS_DENIED            403          Not authorized to process this request
BUSINESS_RULE_VIOLATION  400          Invalid state transition
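
The status values and error codes above imply a state machine with an authorization check in front of it. The sketch below is an added example, not MATIH's code: the transition table, the rule that only the named approver decides (and never on their own request), and every Python name in it are assumptions; ESCALATED is left out because the page does not say who takes over an escalated request.

```python
from dataclasses import dataclass, field

# Assumed transition table: the page lists the statuses but not which moves are legal.
# ESCALATED is omitted because the page does not describe who handles an escalation.
ALLOWED = {
    "PENDING": {"APPROVED", "REJECTED", "CANCELLED"},
    "APPROVED": {"REVOKED"},
}
# Error codes and HTTP statuses as listed in the page's Error Codes table.
HTTP = {"RESOURCE_NOT_FOUND": 404, "ACCESS_DENIED": 403, "BUSINESS_RULE_VIOLATION": 400}


class WorkflowError(Exception):
    def __init__(self, code):
        super().__init__(code)
        self.code, self.http_status = code, HTTP[code]


@dataclass
class AccessRequest:  # hypothetical model; field names follow the create-request body
    requester_id: int
    approver_id: int
    requested_role_id: int
    status: str = "PENDING"
    audit: list = field(default_factory=list)


def process(store, request_id, actor_id, new_status, comment=""):
    """Apply one transition, checking who may act before checking what they may do."""
    req = store.get(request_id)
    if req is None:
        raise WorkflowError("RESOURCE_NOT_FOUND")
    # Assumed policy: only the requester cancels; only the named approver decides,
    # and nobody decides on their own request (separation of duties).
    if new_status == "CANCELLED":
        allowed_actor = actor_id == req.requester_id
    else:
        allowed_actor = actor_id == req.approver_id and actor_id != req.requester_id
    if not allowed_actor:
        raise WorkflowError("ACCESS_DENIED")
    if new_status not in ALLOWED.get(req.status, set()):
        raise WorkflowError("BUSINESS_RULE_VIOLATION")
    req.audit.append((actor_id, req.status, new_status, comment))
    req.status = new_status
    return req


if __name__ == "__main__":
    store = {1: AccessRequest(42, 10, 5)}  # constructed sample, IDs from the curl examples
    print(process(store, 1, 10, "APPROVED", "Approved for Q2 project").status)
```

Checking the actor before the transition means an unauthorized caller always gets ACCESS_DENIED and learns nothing about the request's current state.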