Running an Access Request Command<\/h2>\n\n\n\n

The following is a sample command to create an access request. This will grant the user temporary admin privileges on the specified device that will be automatically revoked at the expiry time.  <\/p>\n\n\n\n

\n

curl –location ‘https:\/\/console.jumpcloud.com\/api\/v2\/accessrequests’ \\
–header ‘x-api-key: $JC_API_KEY’ \\
–header ‘X-Org-Id: $JC_ORG_ID’ \\
–header ‘Content-Type: application\/json’ \\
–data ‘{
  “requestorId”: “$JC_User_ID”,
  “resourceId”: “$JC_Device_ID”,
  “resourceType”: “device”,
  “remarks”: “”,
  “expiry”: “2024-05-10T13:57:45.497Z”,
  “operationId”: “ff487bda-e18f-42ed-9d6c-5c7cafd6adf9”,
  “additionalAttributes”: {
    “sudo”: {
      “enabled”: true,
      “withoutPassword”: false
    }
  }
}’<\/p>\n<\/div><\/div>\n\n\n\n

You\u2019ll need to enter the relevant information into the following fields to create the access request:<\/p>\n\n\n\n

\n
• x-api-key<\/kbd>\n
  \n
  • Your API key.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
  • X-Org-Id<\/kbd>\n
    \n
    • Your JumpCloud Organizational ID.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
    • requestorId<\/kbd>\n
      \n
      • The objectID of the user you\u2019re granting temporary elevated privileges.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
      • resourceId<\/kbd>\n
        \n
        • The objectID of the user\u2019s device.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
        • resourceType<\/kbd>\n
          \n
          • This is defined as \u201cdevice\u201d for this request.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
          • expiry<\/kbd>\n
            \n
            • The time in UTC when the user\u2019s temporary elevated privileges will expire.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n

              Successful completion of the command will create the access request and return an accessID which can be used to query, update, or revoke it ahead of expiration.<\/p>\n\n\n\n

              \n

              {
                  “id”: “$ACCESS_ID”
              }<\/p>\n<\/div><\/div>\n\n\n\n

              Querying an Access Request<\/h2>\n\n\n\n

              You can use the accessID returned in the previous step to query the status of the access request. Replace the $ACCESS_ID<\/kbd> below with the returned value.<\/p>\n\n\n\n

              \n

              curl –location ‘https:\/\/console.jumpcloud.com\/api\/v2\/accessrequests\/$ACCESS_ID\u2019 \\
              –header ‘Accept: application\/json’ \\
              –header ‘x-api-key: $JC_API_KEY<\/p>\n<\/div><\/div>\n\n\n\n

              This will return details of the access request:<\/p>\n\n\n\n

              \n

              {
                  “id”: 16839,
                  “applicationIntId”: “”,
                  “accessId”: “ACCESS_ID”,
                  “onBehalfOfUserId”: “redacted”,
                  “requestorId”: “$JC_User_ID”,
                  “tempGroupId”: “”,
                  “resourceId”: “$JC_Device_ID”,
                  “resourceType”: “device”,
                  “accessState”: “granted”,
                  “remarks”: “”,
                  “expiry”: “2024-05-10T13:57:45Z”,
                  “version”: 0,
                  “createdBy”: “redacted”,
                  “updatedBy”: “redacted”,
                  “operationId”: “ff487bda-e18f-42ed-9d6c-5c7cafd6adf9”,
                  “additionalAttributes”: “eyJzdWRvIjogeyJlbmFibGVkIjogdHJ1ZSwgIndpdGhvdXRQYXNzd29yZCI6IGZhbHNlfX0=”,
                  “duration”: 148664,
                  “metadata”: “”,
                  “jobId”: “ZjvjIVIlzQABNQxS”,
                  “companyId”: “YkX0p4k4MlRDoC8n”
              }<\/p>\n<\/div><\/div>\n\n\n\n

              Updating an Access Request<\/h2>\n\n\n\n

              You can also use the accessID to update an existing access request. For example, you can extend the duration of the user\u2019s temporary admin access. This example extends the expiry 1 day past the original command from 2024-05-10 to 2024-05-11.<\/p>\n\n\n\n

              \n

              curl –location –request PUT ‘https:\/\/console.jumpcloud.com\/api\/v2\/accessrequests\/$ACCESS_ID’ \\
              –header ‘Content-Type: application\/json’ \\
              –header ‘Accept: application\/json’ \\
              –header ‘x-api-key: $JC_API_KEY’ \\
              –data ‘{
                “additionalAttributes”: {},
                “expiry”: “2024-05-11T19:42:30.404Z”,
                “organizationObjectId”: “$JC_Device_ID”,
                “requestorId”: “redacted”,
                “remarks”: “<string>”
              }’<\/p>\n<\/div><\/div>\n\n\n\n

              Revoking an Access Request<\/h2>\n\n\n\n

              To revoke an access request and remove a user\u2019s temporary admin access ahead of the expiration, use the following command. Replace the $ACCESS_ID<\/kbd> below with the returned value in the first step after creating the access request:<\/p>\n\n\n\n

              \n

              curl –location –request POST ‘https:\/\/console.jumpcloud.com\/api\/v2\/accessrequests\/$ACCESS_ID\/revoke’ \\
              –header ‘Accept: application\/json’ \\
              –header ‘x-api-key: $JC_API_KEY’<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"

              This article explains how to use the JumpCloud API to set temporary elevated device privileges for a user in your […]<\/p>\n","protected":false},"author":218,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"2normal","inline_featured_image":false,"footnotes":""},"support_category":[2917,2856,3003,2850],"support_tag":[],"coauthors":[3011],"acf":[],"yoast_head":"\n