POST /api/groups/requests/{MembershipRequestID}/actions
Executes an action that is available for a given membership request. The two possible actions are to approve or disapprove the request.
Authorization Roles/Permissions: This operation doesn't require any specific role; in theory, anyone can invoke the operation. However, the workflow action itself has requirements regarding who can execute it. The user invoking the operation must be authorized to execute the specific workflow action, or the operation will fail. For example, an app administrator can request an API contract for his/her own app, but not for another app. For more information, see Executing Workflow Actions.
Authorization token renewal: This operation changes information that is reflected in the authorization token; therefore, when invoking this operation, you must also renew the token.
This topic includes the following sections:
HTTP Method
POST
URL
https://{hostname}/api/groups/requests/{MembershipRequestID}/actions
Sample Request
The example below shows an invited user declining an invitation to join a group, and entering a comment in response to the invitation.
Sample Request URL
https://{hostname}/api/groups/requests/group_member_req24576.acmepaymentscorp/actions
Sample request headers
POST /api/groups/requests/group_member_req24576.acmepaymentscorp/actions HTTP/1.1
Host: {hostname}
Accept: */*
Content-Type: application/json; charset=UTF-8
X-Csrf-Token_acmepaymentscorp: TokenID%3D8ed70a13-8469-11e8-b37a-b155e4eabeb8%2CexpirationTime%3D153...
Sample request body
{
"ActionName":"group.membership.action.decline",
"Comments":"Sorry, Jane, can't take this on right now. Appreciate the invite though."
}
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept | Any Accept header value that supports a response Content-Type of text/plain is valid; for example, */*. |
| Content-Type |
Any one of the following media types is valid for the request Content-Type: application/json, application/vnd.soa.v71+json, application/vnd.soa.v72+json, application/vnd.soa.v80+json, application/vnd.soa.v81+json |
| Cookie | AtmoAuthToken_{fedmemberid}={cookie value, which usually starts with TokenID}—The platform cookie. This is the Akana API Platform authorization token, and must be sent with every API request that requires login. For more information and an example, see Session cookies. |
| X-Csrf-Token_{fedmemberID} | The CSRF prevention header; may or may not be required, depending on platform settings. See CSRF Prevention on the Platform. By default, the CSRF header is not required for GET operations and is required for all others, with a few exceptions relating to user login. |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| MembershipRequestID | Path | string | Required | A unique ID assigned by the platform to the team membership request. |
| Action | Body | Action | Required |
Contains information about an action performed on a resource as part of a workflow-related activity. For information on possible values, see All Groups: Valid Workflow Actions. ActionName is required. |
Response
If successful, this operation returns HTTP status code 200, with the MembershipRequestID as confirmation that the operation completed successfully.
Sample Response
In the sample response below, the MembershipRequestID is returned as confirmation that the operation completed successfully.
Sample response headers
HTTP/1.1 200 OK Content-Type: text/plain Date: Fri, 14 Jun 2013 18:40:25 GMT Atmo-Renew-Token: renew
Sample response body
group_member_req24576.acmepaymentscorp
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | text/plain |
| Atmo-Renew-Token | renew |
Response Body
| Name | Type | Description |
|---|---|---|
| MembershipRequestID | string | The unique ID assigned by the platform to the team membership request. |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 401 | Unauthorized. For example, you would get this response if you didn't include the custom X-Csrf-Token_{fedmemberID} header in the request, when it was required by the platform settings; or if you included an invalid or expired value for this header. You would also get this response for any operation that requires login (almost all) if the login cookie was missing. |
| 404 | The resource could not be found. |
| 405 | Method Not Allowed. You might get this if there is an error in the URL, or if you used the wrong HTTP verb. |
| 409 | Invalid action for current resource state: the action attempted was not valid for the team member's current state. |
| 500 | An error occurred processing the call. |
More information about Akana API Platform API error messages.