Delegate Reviewers

Configure delegate Veza users who will be assigned as certification reviewers whenever a specified user would have been assigned.

Method
Operation
syntax

GET

List User Delegations

/api/preview/awf/delegation/users

POST

Add User Delegations

/api/preview/awf/delegation/users:add

POST

Remove User Delegations

/api/preview/awf/delegation/users:remove

Administrators can configure delegate reviewers for managers who would otherwise be assigned or auto-assigned to certification results. Specifying a delegate reviewer for another Veza user allows them to fulfill the responsibilities of that user — for example, if a manager is on leave, out-of-office, or otherwise unavailable.

  • Any certification items assigned to the original reviewer are also assigned to the delegated reviewer.

  • Delegate reviewers are notified of the assignment and receive notifications in place of the original reviewer. They can review and sign-off on any results assigned to the original reviewer.

  • The original reviewer can still act on results, but will not receive assignment or reminder emails.

Examples

Add user delegations

curl -X POST 'https://{{VezaURL}}/api/preview/awf/delegation/users:add' \
-H 'authorization: Bearer '$TOKEN \
-d @configuration.json

The JSON payload contain pairs of original and delegate Workflow Users. You can use List Reviewer Infos to get all the required details for reviewers assigned to a certification.

Add delegation for Veza system users:

{
  "values": [
    {
      "original_user": {
        "user_type": "localCookieUser",
        "id": "2cdfb6e9-6f20-4198-925c-a045a3d690a0",
        "email": "original_reviewer@veza.com",
        "name": "External User"
      },
      "delegate_user": {
        "user_type": "localCookieUser",
        "id": "b8678b1b-0f31-40e4-9842-47b272694354",
        "email": "delegate_reviewer@veza.com",
        "name": "External User"
      }
    }
  ]
}

A successful response will be empty.

You can map both local Veza users and identities from an integrated identity provider.

Add delegation for Okta users (with IdP settings configured):

{
  "values": [
    {
      "original_user": {
        "user_type": "OktaUser",
        "id": "00upa6s0hSGtl1eGL5d5",
        "email": "Abel_Maclead@veza.com",
        "name": "Abel_Maclead@veza.com"
      },
      "delegate_user": {
        "user_type": "OktaUser",
        "id": "00u6h8rl61RiosYzi5d7",
        "email": "adam_lee@veza.com",
        "name": "adam_lee@veza.com"
      }
    }
  ]
}

Note that this assumes the IdP setting are configured to use "idp_unique_id" to correlate identities, as in the Okta example here.

List user delegations

curl 'https://{{VezaURL}}/api/preview/awf/delegation/users' \
-H 'authorization: Bearer '$TOKEN

A successful response will list all configured delegations, contained in a values array:

{
  "values": [
    {
      "original_user": {
        "user_type": "localCookieUser",
        "id": "2cdfb6e9-6f20-4198-925c-a045a3d690a0",
        "email": "original_reviewer@veza.com",
        "name": "Resource Manager"
      },
      "delegate_user": {
        "user_type": "localCookieUser",
        "id": "52c38da6-3b2e-44e9-9787-88ffa5ef398c",
        "email": "delegate_reviewer@veza.com",
        "name": "Backup Manager"
      }
    }
  ]
}

Remove user delegations

To remove delegations, post the configuration to /api/preview/awf/delegation/users:remove.

curl -X POST 'https://{{VezaURL}}/api/preview/awf/delegation/users:remove' \
-H 'authorization: Bearer '$TOKEN \
-d @configuration/to/remove.json

A successful response will be empty.

Last updated