POST /api/groups/requests/{MembershipRequestID}/actions

Executes an action that is available for a given membership request. The two possible actions are to approve or disapprove the request.

Authorization Roles/Permissions: This operation doesn't require any specific role; in theory, anyone can invoke the operation. However, the workflow action itself has requirements regarding who can execute it. The user invoking the operation must be authorized to execute the specific workflow action, or the operation will fail. For example, an app administrator can request an API contract for his/her own app, but not for another app. For more information, see Executing Workflow Actions.

Authorization token renewal: This operation changes information that is reflected in the authorization token; therefore, when invoking this operation, you must also renew the token.

This topic includes the following sections:

HTTP Method

POST

Back to top

URL

https://{hostname}/api/groups/requests/{MembershipRequestID}/actions

Back to top

Sample Request

The example below shows an invited user declining an invitation to join a group, and entering a comment in response to the invitation.

Request URL

https://{hostname}/api/groups/requests/group_member_req24576.acmepaymentscorp/actions

Sample request headers

POST /api/groups/requests/group_member_req24576.acmepaymentscorp/actions HTTP/1.1
Host: {hostname}
Accept: */*
Content-Type: application/json; charset=UTF-8
X-Csrf-Token_{tenant}: {TokenID}

Sample request body

{
  "ActionName":"group.membership.action.decline",
  "Comments":"Sorry, Jane, can't take this on right now. Appreciate the invite though."
}

Back to top

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept Any Accept header value that supports a response Content-Type of text/plain is valid; for example, */*.
Content-Type

Any one of the following media types is valid for the request Content-Type:

application/json, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json

X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform.

Back to top

Request Parameters

Parameter Parm Type Data Type Required Description
MembershipRequestID Path string Required A unique ID assigned by the platform to the team membership request.
Action Body Action Required

Contains information about an action performed on a resource as part of a workflow-related activity.

For information on possible values, see All Groups: Valid Workflow Actions. ActionName is required.

Back to top

Response

If successful, this operation returns HTTP status code 200, with the MembershipRequestID as confirmation that the operation completed successfully.

Back to top

Sample Response

In the sample response below, the MembershipRequestID is returned as confirmation that the operation completed successfully.

Sample response headers

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Fri, 14 Jun 2013 18:40:25 GMT
Atmo-Renew-Token: renew

Sample response body

group_member_req24576.acmepaymentscorp

Back to top

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Atmo-Renew-Token renew. This is a custom response header used when the action of the method causes a change in a value that's stored in the token. The token includes information on the user's apps, APIs, and groups, so actions such as adding an app or accepting an invitation to join an app team require update of the token. A value of renew means that the operation has changed some information that's stored in the token, and you must therefore renew the token using the POST /api/login/renewToken operation.
Content-Type text/plain

Back to top

Response Body

Name Type Description
MembershipRequestID string The unique ID assigned by the platform to the team membership request.

Back to top

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header.
404 The resource could not be found.
405 Method Not Allowed. For example, you might get this if you specified an invalid Accept header or omitted a required Content-Type header.
409 Invalid action for current resource state: the action attempted was not valid for the team member's current state.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.

Back to top

Related Topics