# Update Certification Result Apply a decision, note, sign-off, or reviewer change to a numbered certification result. Each row of the certification results can be annotated, marked as ACCEPTED, or REJECTED, signed-off, or assigned to a different reviewer. | Method | syntax | | ------ | ------------------------------------------------------------------------ | | PUT | {{base\_url}}/api/preview/awf/certifications/{certification\_id}/results | #### Parameters | Name | Type | In | Description | | --------- | ------ | ---- | ----------------------------------- | | `cert_id` | string | path | `id` of the certification to update | | `value` | object | body | Mutable fields to update | `value` must include the `result_id` and any mutable fields to update: | Name | Type | Req. | Description | | ------------------ | ----------------------------------------- | ---- | ------------------------------------------------------- | | `result_id` | int | Y | certification result number to update | | `decision` | enum | N | The decision to apply to the result | | `notes` | string | N | Send an empty string " " to clear the current note | | `signed_off_state` | string | N | Can be: `NOT_SIGNED_OFF`, `SIGNED_OFF` | | `reviewers` | [Reviewers](#re-assigning-reviewers)array | N | Contains `Workflow User` details for assigned reviewers | Valid decisions are: * `NONE` // No decision has been made * `ACCEPTED` // The access described in the result row is acceptable * `REJECTED` // The access described in the result row isn't correct * `FIXED` // The access was rejected but has been fixed > Adding a note overwrites the previous value. Historical notes are included in the action log when [Listing Certification Results](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/listaccesscertresults.md). When viewing the row in the UI, only the most recent note is shown. During the 7-day grace period after a certification completes or expires, updating row notes is permitted for the admin, Access Reviews Admin, and operator roles. Other update operations are restricted during this window. For a full summary of grace period permissions, see [Force Update Result](/4yItIzMvkpAvMVFAamTf/developers/api/workflows/forceupdateresult.md). ### Re-assigning `reviewers` A result’s reviewer can be reassigned by updating the `reviewers` field with a list of one or more Access Workflow User objects: | Name | Type | Req. | Description | | ----------- | ------ | ---- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `user_type` | string | Y | Must be the same `user_type` as configured for the [primary workflows Identity Provider](/4yItIzMvkpAvMVFAamTf/features/access-reviews/configuration/global-idp-settings.md#examples). Typical values are `OktaUser`, `CustomIDPUser`, or `AzureADUser`. | | `id` | string | Y | The `user_identity_property` set when configuring the workflows IdP is used to validate a Workflow Reviewer's `identity`. For an Okta user, this would be an `id` such as `00upa6s0hSGtl1eGL5d5`. For a Custom IdP user, this will typically be the IdP users [`identity`](/4yItIzMvkpAvMVFAamTf/developers/api/oaa/templates/custom-identity-provider-template.md#idp-users) set within the OAA payload. | | `email` | string | Y | Must match the `email` property on the local user or graph node. | | `name` | string | Y | Must match the `name` property on the local user or graph node. | ```bash curl -X PUT '{{baseurl}}/api/preview/awf/certifications/{{cert_id}}/results' \ -H 'authorization: Bearer ' $TOKEN \ --data-raw '{"value": {"result_id": 0,"reviewers": [{"user_type": "CustomIDPUser", "id": "125", "email": "cookiedemo@cookie.ai", "name": "Valid Reviewer"}]}}' ``` Note that all fields are required when assigning a reviewer. As of the current release, there is no customer-facing API to get local user `id`s. For this reason, API-based reviewer reassignment is recommended only when a graph IdP is configured as the [Global Workflows IdP](/4yItIzMvkpAvMVFAamTf/features/access-reviews/configuration/global-idp-settings.md#examples), and you can programmatically retrieve required identifiers such as user "name," "id," and "email." ### Examples #### Reject with note ```bash curl -X PUT '{{baseurl}}/api/preview/awf/certifications/f9123002-f056-491f-978f-f203bc9885ed/results' \ -H 'authorization: Bearer '$token \ --data-raw '{ "value": { "result_id": 0, "decision": "REJECTED", "notes": "Over-privileged" } }' ``` #### Change the reviewer to a Custom IdP user ```bash curl -X PUT '{{baseurl}}/api/preview/awf/certifications/{{cert_id}}/results' \ -H 'authorization: Bearer ' $TOKEN \ --data-raw '{"value": {"result_id": 0,"reviewers": [{"user_type": "CustomIDPUser", "id": "125", "email": "cookiedemo@cookie.ai", "name": "Valid Reviewer"}]}}' ``` #### Assign a local user as a reviewer ```bash curl -X PUT '{{baseurl}}/api/preview/awf/certifications/{{cert_id}}/results' \ -H 'authorization: Bearer ' $TOKEN \ --data-raw '{"value": {"result_id": 0,"reviewers": [{"user_type": "localCookieUser", "id": "0ffcfbc7-6339-4aed-afa4-ff3bea505485", "email": "cookie@cookie.ai", "name": "demo-auth0"}]}}' ``` #### Response A successful response will be empty: `{}`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/developers/api/workflows/updateaccesscertresult.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.