Remove an access review
post
/access-governance/access-reviews/20250331/accessReviews/{accessReviewId}/actions/remove
Removing the unmatched account for the access review.
Request
Path Parameters
-
accessReviewId(required): string
Unique access review identifier.
Header Parameters
-
if-match: string
For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
-
opc-request-id: string
The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
Details to remove the Access Review.
Root Schema : AcceptOrRevokeAccessReviewDetails
Type:
objectDetails to accept or revoke the access review.
Show Source
-
justification:
string
Maximum Length:
500The justification for the decision.
Response
Supported Media Types
- application/json
202 Response
Successfully submitted request to remove assignment of the access review.
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
400 Response
Bad Request
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
401 Response
Unauthorized
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
404 Response
Not Found
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
412 Response
Precondition failed
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
429 Response
Too Many Requests
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
500 Response
Internal Server Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Default Response
Unknown Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Examples
The following example shows how to remove an unmatched account. Select the Ownership task review ID for an Unmatched account. After removal, you can run /access-governance/access-reviews/20250331/accessReviews/{accessReviewId}/priorActions to view the audit trail for this access review task.
Note:
Generate Access Token usinggrant_type = password or Authorization code.
cURL Request Example
curl -i -X POST \
-H "Authorization:Bearer <your-access-token>" \
-H "Content-Type:application/json" \
-d \
'{
"justification": "Account not tied to any active identity."
}'
'<${service-instance-url}/access-governance/access-reviews/${version}/accessReviews/${accessReviewId}/actions/remove>'Sample Request Payload
Select
POST and add the following URL${si}/access-governance/access-reviews/${version}/accessReviews/${accessReviewId}/actions/remove{
"justification": "Account not tied to any active identity"
}Example of the Response Code
You'll receive 204 No Content response no body content.
Verify Removal through Audit Trail of an Access Review Task
Run the following API using the access review task
/access-governance/access-reviews/20250331/accessReviews/{accessReviewId}/priorActionsYou'll receive the following response:
{
"items": [
{
"campaignName": "Event - Unmatched Accounts Review - June 2025",
"level": 1,
"reviewerName": "John Doe",
"reviewerType": "CUSTOM_USER",
"action": "REMOVE",
"timeReviewed": "2025-06-12T11:18:11.626Z",
"isAutoActioned": null,
"isCompletionRuleActioned": null,
"justification": "Account not linked to any active identity",
"finalAction": "REMOVE",
"subLevel": null,
"hasSodViolation": false
}
]
}