# Access Review Settings {% hint style="warning" %} These endpoints can be called by providing a Veza admin user API key. See [Authentication](/4yItIzMvkpAvMVFAamTf/developers/api/authentication.md) to generate a bearer token for use in requests. Note that API operations in the `private` namespace are subject to change as features are added or modified. {% endhint %} Use these APIs to configure [Access Reviews Settings](/4yItIzMvkpAvMVFAamTf/features/access-reviews/configuration/access-review-settings.md) for Veza Access Reviews. The settings that can be configured by a Veza administrator are: * [Review Auto-Complete Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewautocompletesettings.md): Automatically complete reviews once all rows have a signed-off decision, or a non-rejected signed-off decision. * [Review Completion Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewcompletionsettings.md): Enable review completion at any time, or only when all rows are signed off with a non-rejected decision. * [Data Source Acknowledgement](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/datasourceacknowledgement.md): Require review creators to view and acknowledge the data source status shown at review creation. * [Expire Overdue Reviews](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/expireoverduereviews.md): Enable or disable expiration of overdue reviews. * [Review Expiration Behavior](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewexpirationbehavior.md): Reject and sign off incomplete rows when a review expires. * [Self Review Prevention](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/selfreviewprevention.md): Prevent users from being assigned as reviewers for rows that relate to their own access and permissions. * [Review Column Defaults](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewcolumndefaults.md): Configure default columns which reviewers will see when they open a review. * [Review UI Customizations](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewuicustomizations.md): Set whether notes are required when approving or rejecting access. * [Review Sort Order](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewsortorder.md): Set the default sort order and sorting column when opening a review. * [Predefined Decision Notes](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/predefineddecisionnotes.md): Add suggested notes as menu options when reviewers approve or reject rows. * [Review Row Grouping](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewrowgrouping.md): Configure default grouping behavior for review rows to organize data by column values. * [Outlier Detection](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/outlierdetection.md): Configure outlier detection to identify anomalous access patterns by comparing users to peer groups (Early Access, API-only). * [Reviewer Export Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewerexportsettings.md): Control whether reviewers can export review data to CSV or PDF formats. * [Reviewer Bulk Actions Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/reviewerbulkactionssettings.md): Control which bulk actions (approve, reject, sign off, clear decisions, add note, reassign) are available to reviewers. * [Mandatory Due Date Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/mandatoryduedate.md): Configure whether due dates are required when creating or editing access reviews. * [Column Name Overrides](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/columnnameoverrides.md): Customize column display names in the reviewer interface to match your organization's terminology. * [Alternate Reviewer Settings](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/alternatereviewersettings.md): Configure the fallback reviewer selection methods used when a valid reviewer cannot be assigned (Early Access). * [Action Allow List](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings/actionallowlist.md): Restrict which users can delete in-progress reviews or modify their due dates, independent of their Veza role. For each endpoint, a GET request returns the current setting, and a PUT request updates the setting. Use your unique Veza URL and API key (see [Authentication](/4yItIzMvkpAvMVFAamTf/developers/api/authentication.md)) in your request, for example: ```bash curl -X PUT 'https://your-organization.vezacloud.com/api/private/workflows/access/global_settings/cert_completion_settings' \ -H 'authorization: Bearer mZ1eqKMACtP...' \ -d '{"value": "AUTO_COMPLETE_DISABLED"}' ``` ### Postman Collection Use the Postman collection as an alternative to cURL commands for testing and configuring Veza Access Reviews global settings: {% file src="/files/PeY26z3abIYrRavlvCxJ" %} #### Import Instructions To import the collection into Postman: {% tabs %} {% tab title="Import Button" %} 1. Open Postman and click **Import** in the sidebar 2. In the Import modal, click **Choose Files** 3. Select the `access-reviews-global-settings.postman_collection.json` file 4. Click **Import** to complete the process 5. The collection appears in your Collections tab {% endtab %} {% tab title="Drag & Drop" %} 1. Download the collection file to your computer 2. Drag and drop the `.json` file directly into the Postman interface 3. The collection is automatically imported and appears in your Collections tab {% endtab %} {% endtabs %} #### Configure Variables Before using the collection, configure these required variables on the **Variables** tab: | Variable | Description | Example | | ------------- | ------------------------------------------- | ----------------------------------------- | | `baseUrl` | Your Veza instance URL | `https://your-organization.vezacloud.com` | | `apiToken` | Veza admin user API key | `mZ1eqKMACtP...` | | `Workflow ID` | Specific review configuration ID (optional) | `8ae1c414-3a76-46cb-950a-925316b3f264` | The collection uses Bearer token authentication. Your `apiToken` variable automatically populates the Authorization header for all requests. {% hint style="warning" %} **Important:** Use HTTPS (not HTTP) for your `baseUrl` to avoid redirect issues that can drop request bodies in PUT/POST operations. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/developers/api/workflows/access-review-settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.