Get details of an access review
get
/access-governance/access-reviews/20250331/accessReviews/{accessReviewId}
Returns details of the access review for a given accessReviewId.
Request
Path Parameters
-
accessReviewId(required): string
Unique access review identifier.
Header Parameters
-
opc-request-id: string
The client request ID for tracing. The only valid characters for request IDs are letters, numbers, underscore, and dash.
Response
Supported Media Types
- application/json
200 Response
The access review.
Headers
-
etag: string
For optimistic concurrency control. See `if-match`.
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : AccessReview
Type:
objectThe access review task.
Show Source
-
accountType:
string
Allowed Values:
[ "PRIMARY", "SERVICE" ]The type of the account. -
additionalAttributes:
object AdditionalAttributes
Additional attributes.
-
assignmentAttributes:
array assignmentAttributes
The attributes of the assignment.
-
assignmentDescription:
string
The description of the assignment.
-
assignmentId:
string
The id of the assignment to be reviewed.
-
assignmentName(required):
string
The name of the assignment to be reviewed.
-
assignmentType(required):
string
Allowed Values:
[ "ACCOUNT", "PERMISSION", "ROLE", "POLICY", "IC_STRUCTURAL", "UNMATCHED_ACCOUNT", "ORCH_SYSTEM", "AM_WORKFLOW", "ACCESS_GUARDRAIL" ]The type of the assignment to be reviewed. -
campaignName(required):
string
The campaign name.
-
campaignType(required):
string
Allowed Values:
[ "ACCESS", "OWNERSHIP" ]review task belongs to which campaign type (access or ownership). -
daysRemaining(required):
integer
The number of days remaining.
-
delegatedBy:
string
The task owner/reviewer.
-
delegatedTo:
string
The task delegated reviewer.
-
entityAttributes:
array entityAttributes
The attributes of the entity.
-
entityName(required):
string
The entity name.
-
entityType(required):
string
The entity type.
-
escalatedBy:
string
The task owner/reviewer.
-
escalatedTo:
object EscalationDetails
escalation details object.
-
grantType:
string
The type of grant mechanism.
-
hasSupportStatement:
boolean
Flag indicating the review task has supporting policy statements or not.
-
id(required):
string
Unique identifier that is immutable on creation.
-
isReassignable:
boolean
Flag indicating whether the review task can be reassigned or not.
-
justificationRule(required):
string
Allowed Values:
[ "REQUIRE_FOR_ALL", "REQUIRE_FOR_REVOKE", "OPTIONAL_FOR_ALL" ]The justification rule for the campaign. -
level:
integer
The reviewer level for this review task.
-
reassignedBy:
string
The task owner/reviewer display name of the original reviewer who reassigned the task.
-
recommendation:
string
Allowed Values:
[ "ACCEPT", "REVIEW" ]The risk level of the access review task. -
templateType:
string
Allowed Values:
[ "IDENTITY", "AG_IDENTITY", "EVENT", "AG_EVENT", "CLOUD_PROVIDER", "POLICY", "IC_STRUCTURAL", "AG_POLICY", "GOVERNANCE_SYSTEM", "AG", "GOVERNANCE_SYSTEM_EVENT", "CLOUD_PROVIDER_EVENT" ]The template type of the campaign. -
timeGranted:
string(date-time)
The date this assignment was given.
Nested Schema : AdditionalAttributes
Type:
objectAdditional attributes.
Show Source
-
description:
string
description.
-
ownerName:
string
name of the Owner.
-
timeCreated:
string(date-time)
creation time.
Nested Schema : assignmentAttributes
Type:
arrayThe attributes of the assignment.
Show Source
-
Array of:
object AssignmentAttribute
The assignment attribute.
Nested Schema : entityAttributes
Type:
arrayThe attributes of the entity.
Show Source
-
Array of:
object EntityAttribute
The entity attribute.
Nested Schema : EscalationDetails
Type:
objectescalation details object.
Show Source
-
level:
integer
escalation level.
-
name:
string
name of user or group.
Nested Schema : AssignmentAttribute
Type:
objectThe assignment attribute.
Show Source
-
type(required):
string
Allowed Values:
[ "PERMISSIONS", "ROLES", "RESOURCES", "POLICY_COUNT", "ROLE_COUNT", "PERMISSION_TYPE", "GRANTED_PERMISSION_TYPE", "OWNERSHIP_COLLECTION_ID" ]The type of the assignment attribute. -
values(required):
array values
The value of the assignment attribute.
Nested Schema : values
Type:
arrayThe value of the assignment attribute.
Show Source
-
Array of:
object ValueDetail
The assignment attribute.
Nested Schema : ValueDetail
Type:
objectThe assignment attribute.
Show Source
-
id:
string
The Id of the assignment attribute.
-
name(required):
string
The name of the assignment attribute.
Nested Schema : EntityAttribute
Type:
objectThe entity attribute.
Show Source
-
displayName:
string
The display name of the entity attribute.
-
format:
string
The format for date custom attribute, null for others.
-
isCustom(required):
boolean
Is the attribute custom attribute or not.
-
name:
string
The name of the entity attribute.
-
type(required):
string
Allowed Values:
[ "TENANCY_NAME", "COMPARTMENT_NAME", "COMPARTMENT_FULL_NAME", "CREATED_BY", "PRIMARY_OWNER", "CREATED_ON", "DOMAIN_NAME", "SHARED_WITH_ORCHESTRATED_SYSTEM", "FIRST_NAME", "LAST_NAME", "ORCHESTRATED_SYSTEM_ID", "ORCHESTRATED_SYSTEM_NAME", "ORPHAN_INSIGHT", "IDENTITY_ATTRIBUTE", "ORCHESTRATED_SYSTEM_TYPE", "ORCHESTRATED_SYSTEM_MODE" ]The type of the entity attribute. -
values(required):
array values
The list of entity attribute values.
400 Response
Bad Request
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
401 Response
Unauthorized
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
404 Response
Not Found
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
429 Response
Too Many Requests
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
500 Response
Internal Server Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Default Response
Unknown Error
Headers
-
opc-request-id: string
Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Root Schema : Error
Type:
objectError Information.
Show Source
-
code(required):
string
A short error code that defines the error, meant for programmatic parsing.
-
message(required):
string
A human-readable error string.
Examples
The following example shows how to retrieve a details for a specific access review task. Replace placeholder values with actual values before running the sample command.
cURL Example - Without Query Parameters
curl -i -X GET \
-H "Authorization:Bearer <your access token>" \
'${service-instance-url}/access-governance/access-reviews/${version}/accessReviews/${accessReviewId}'Example of the Response Body
The following example shows the contents of the response body in JSON format:
{
"id": "ocid1.agcsreviewtask.oc1.iad.amaxxaaapzw5rdxxgmvpxxqbljwzv4rhmihoxro33shataodffzkn7nx2wr2a",
"entityName": "Jordan Pierce",
"entityType": "USER",
"entityAttributes": [
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"resource.OCI.f10xxf64-7c18-42de-a146-f55c8c363xxx.5d8f1ba6c8cd8a851e469fc65bc74f53"
],
"name": "compartmentId",
"displayName": "Compartment ID",
"format": null,
"isCustom": false
},
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"false"
],
"name": "agDelegation.hasDelegations",
"displayName": "Delegation",
"format": null,
"isCustom": false
},
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"resource.OCI.f10xxf64-7c18-42de-a146-f55c8c363xxx.ef9e00dc885c34b5390ee1e8bf65d933"
],
"name": "domainId",
"displayName": "Domain ID",
"format": null,
"isCustom": false
},
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"ocid1.domain.oc1..aaaaaxxxyrdl7hgnjeqbpi4nvt72hxtki4uw7o5zif4j3zfh7zpfc6truzoq"
],
"name": "domainOCID",
"displayName": "Domain OCID",
"format": null,
"isCustom": false
},
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"jordan.pierce@acmecloud.io"
],
"name": "primaryEmail",
"displayName": "Email",
"format": null,
"isCustom": false
},
{
"type": "PRIMARY_OWNER",
"values": [
null
],
"name": "PrimaryOwner",
"displayName": "Primary owner",
"format": null,
"isCustom": false
},
{
"type": "IDENTITY_ATTRIBUTE",
"values": [
"iad:us-ashburn-1"
],
"name": "region",
"displayName": "Region",
"format": null,
"isCustom": false
}
],
"assignmentId": "376a72xx-e735-4949-b406-f941f0cfxxxx",
"assignmentName": "InfraAuditRole_Prod",
"assignmentType": "ROLE",
"assignmentDescription": "Access role for auditing infrastructure resources",
"assignmentAttributes": [
{
"type": "PERMISSIONS",
"values": [
{
"id": "e350xxxx-3bcd-4dbe-89d6-e0748435xxxx",
"name": "ViewCompartmentUsage"
},
{
"id": "1c57xxxx-f45e-4225-9cd5-f190b73axxxx",
"name": "ManageIAMPolicies"
},
{
"id": "a773xxxx-a71c-4719-95b9-cb79212exxxx",
"name": "AuditDataFlow"
},
{
"id": "e2fexxxx-c65e-4100-98be-1e8999b4xxxx",
"name": "FullLogAnalyticsAccess"
}
]
}
],
"recommendation": "REVIEW",
"campaignName": "InfraOps_EntitlementReview Q2 FY26",
"daysRemaining": 3624,
"accountType": "SERVICE",
"timeGranted": "2024-10-25T03:31:00.000Z",
"grantType": "REQUEST",
"level": 1,
"justificationRule": "REQUIRE_FOR_ALL",
"templateType": "AG",
"campaignType": "ACCESS",
"delegatedBy": null,
"delegatedTo": null,
"hasSupportStatement": false,
"escalatedBy": null,
"escalatedTo": null,
"isReassignable": true,
"reassignedBy": null,
"additionalAttributes": null
}