POST /api/groups/requests/{MembershipRequestID}/actions

Executes an action that is available for a given membership request. The two possible actions are to approve or disapprove the request.

Authorization Roles/Permissions: This operation doesn't require any specific role; in theory, anyone can invoke the operation. However, the workflow action itself has requirements regarding who can execute it. The user invoking the operation must be authorized to execute the specific workflow action, or the operation will fail. For example, an app administrator can request an API contract for his/her own app, but not for another app. For more information, see Executing Workflow Actions.

Authorization token renewal: This operation changes information that is reflected in the authorization token; therefore, when invoking this operation, you must also renew the token.

This topic includes the following sections:

HTTP Method

POST

URL

https://{hostname}/api/groups/requests/{MembershipRequestID}/actions

Sample Request

The example below shows an invited user declining an invitation to join a group, and entering a comment in response to the invitation.

Sample Request URL

https://{hostname}/api/groups/requests/group_member_req24576.acmepaymentscorp/actions

Sample request headers

POST /api/groups/requests/group_member_req24576.acmepaymentscorp/actions HTTP/1.1
Host: {hostname}
Accept: */*
Content-Type: application/json; charset=UTF-8
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...

Sample request body

{
  "ActionName":"group.membership.action.decline",
  "Comments":"Sorry, Jane, can't take this on right now. Appreciate the invite though."
}

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept Any Accept header value that supports a response Content-Type of text/plain is valid; for example, */*.
Content-Type

Any one of the following media types is valid for the request Content-Type:

application/json, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json

Cookie AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies.
X-Csrf-Token_{fedmemberID} The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login.

Request Parameters

Parameter Parm Type Data Type Required Description
MembershipRequestID Path string Required A unique ID assigned by the platform to the team membership request.
Action Body Action Required

Contains information about an action performed on a resource as part of a workflow-related activity.

For information on possible values, see All Groups: Valid Workflow Actions. ActionName is required.

Response

If successful, this operation returns HTTP status code 200, with the MembershipRequestID as confirmation that the operation completed successfully.

Sample Response

In the sample response below, the MembershipRequestID is returned as confirmation that the operation completed successfully.

Sample response headers

HTTP/1.1 200 OK
Content-Type: text/plain
Date: Fri, 14 Jun 2013 18:40:25 GMT
Atmo-Renew-Token: renew

Sample response body

group_member_req24576.acmepaymentscorp

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type text/plain
Atmo-Renew-Token renew

Response Body

Name Type Description
MembershipRequestID string The unique ID assigned by the platform to the team membership request.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing.
404 The resource could not be found.
405 Method Not Allowed. You might get this if there is an error in the URL, or if you used the wrong HTTP verb.
409 Invalid action for current resource state: the action attempted was not valid for the team member's current state.
500 An error occurred processing the call.

More information about Akana API Platform API error messages.