Update Review Status

curl --request PUT \
  --url https://use.hoop.dev/api/reviews/{id} \
  --header 'Content-Type: application/json' \
  --data '
{
  "status": "APPROVED"
}
'

{
  "access_duration": 0,
  "created_at": "2024-07-25T15:56:35.317601Z",
  "id": "9F9745B4-C77B-4D52-84D3-E24F67E3623C",
  "review_groups_data": [
    {
      "group": "sre",
      "id": "20A5AABE-C35D-4F04-A5A7-C856EE6C7703",
      "review_date": "2024-07-25T19:36:41Z",
      "reviewed_by": {
        "email": "[email protected]",
        "id": "D5BFA2DD-7A09-40AE-AFEB-C95787BA9E90",
        "name": "John Wick",
        "slack_id": "U053ELZHB53"
      },
      "status": "APPROVED"
    }
  ],
  "revoke_at": "",
  "session": "35DB0A2F-E5CE-4AD8-A308-55C3108956E5",
  "status": "PENDING",
  "type": "onetime"
}

Reviews

Update Review Status

Update the status of a review resource by its resource ID or session ID. This endpoint is used to approve, reject, or revoke reviews for session execution requests.

Overview

When a user interacts with a session, a review resource is automatically created containing the configured review groups, each initially set to PENDING status. All groups must be approved before the session can be executed.

The review status updates affect each review group based on the caller’s context. Once all groups are APPROVED, or if any group becomes REJECTED or REVOKED, the overall resource status updates accordingly.

Review Groups

Review groups contain individual review entries that must be completed by authorized users from specific groups. Each entry represents a required approval from a designated reviewer group.

Initial State

When a review is created, each group entry is populated with the following structure:

{
    "id": "aaa257be-5cc9-401d-ae7e-18ae806d366a",
    "group": "banking",
    "status": "PENDING",
    "reviewed_by": null,
    "review_date": null
}

Completed Review State

After a review is completed, the entry includes the status, review timestamp, and reviewer information:

{
    "id": "a546dfba-d917-4c2b-bc38-7852a7932573",
    "group": "banking",
    "status": "REJECTED",
    "reviewed_by": {
        "id": "17e4ff1a-104c-482c-be68-3c01bfc7028e",
        "name": "John Doe",
        "email": "[email protected]",
        "slack_id": ""
    },
    "review_date": "2025-05-27T16:40:05.519754143Z"
}

Review States

User-Controlled States

These states are set directly by reviewers:

APPROVED - The resource has been approved by the reviewer
REJECTED - The resource is rejected and cannot be updated further
REVOKED - The resource is revoked and cannot be updated further

System-Controlled States

These states are managed automatically by the gateway:

PENDING - Initial state when the review is created
PROCESSING - Session is being executed; review cannot be updated
EXECUTED - Session completed successfully; review cannot be updated
UNKNOWN - Session executed but outcome is indeterminate

General Rules

Review Permissions

Reviews can only be performed when the resource status is PENDING or APPROVED
Resource owners cannot self-approve - approval requires another member of the same group
Users are only eligible to review if they are not the resource owner or are administrators

Multi-Group Reviews

If a user belongs to multiple groups, separate review entries are updated for each group
All group reviews must be completed before session execution

Status Transitions

Setting any review to REJECTED immediately changes the overall resource status and prevents further updates
APPROVED reviews can still be changed to REJECTED or REVOKED at any time by the resource owner or administrators
Once a review reaches REJECTED or REVOKED the resource is considered as immutable and it cannot be updated again

Final States

Reviews in PROCESSING, EXECUTED, or UNKNOWN states are immutable and cannot be modified.

PUT

reviews

{id}

Update Review Status

curl --request PUT \
  --url https://use.hoop.dev/api/reviews/{id} \
  --header 'Content-Type: application/json' \
  --data '
{
  "status": "APPROVED"
}
'

{
  "access_duration": 0,
  "created_at": "2024-07-25T15:56:35.317601Z",
  "id": "9F9745B4-C77B-4D52-84D3-E24F67E3623C",
  "review_groups_data": [
    {
      "group": "sre",
      "id": "20A5AABE-C35D-4F04-A5A7-C856EE6C7703",
      "review_date": "2024-07-25T19:36:41Z",
      "reviewed_by": {
        "email": "[email protected]",
        "id": "D5BFA2DD-7A09-40AE-AFEB-C95787BA9E90",
        "name": "John Wick",
        "slack_id": "U053ELZHB53"
      },
      "status": "APPROVED"
    }
  ],
  "revoke_at": "",
  "session": "35DB0A2F-E5CE-4AD8-A308-55C3108956E5",
  "status": "PENDING",
  "type": "onetime"
}

Path Parameters

string

required

Resource identifier of the review

Body

application/json

The request body resource

status

enum<string>

required

The reviewed status

APPROVED - Approve the review resource
REJECTED - Reject the review resource
REVOKED - Revoke an approved review

Available options:

APPROVED,

REJECTED,

REVOKED

Example:

"APPROVED"

Response

access_duration

integer

default:1800000000000

The amount of time (nanoseconds) to allow access to the connection. It's valid only for jit type reviews

Example:

0

created_at

string

The time the resource was created

Example:

"2024-07-25T15:56:35.317601Z"

string<uuid>

Resource identifier

Example:

"9F9745B4-C77B-4D52-84D3-E24F67E3623C"

review_groups_data

object[]

Contains the groups that requires to approve this review

Show child attributes

review_groups_data.group

string

The group to approve this review

Example:

"sre"

review_groups_data.id

string<uuid>

The resource identifier

Example:

"20A5AABE-C35D-4F04-A5A7-C856EE6C7703"

review_groups_data.review_date

string

The date which this review was performed

Example:

"2024-07-25T19:36:41Z"

review_groups_data.reviewed_by

object

The review owner

Show child attributes

review_groups_data.reviewed_by.email

string

The email of the owner

Example:

"[email protected]"

review_groups_data.reviewed_by.id

string<uuid>

The resource identifier

Example:

"D5BFA2DD-7A09-40AE-AFEB-C95787BA9E90"

review_groups_data.reviewed_by.name

string

The display name of the owner

Example:

"John Wick"

review_groups_data.reviewed_by.slack_id

string

The Slack ID of the owner

Example:

"U053ELZHB53"

review_groups_data.status

enum<string>

The reviewed status

APPROVED - Approve the review resource
REJECTED - Reject the review resource
REVOKED - Revoke an approved review

Available options:

APPROVED,

REJECTED,

REVOKED

Example:

"APPROVED"

revoke_at

string

The time when this review was revoked

Example:

""

session

string<uuid>

The id of session

Example:

"35DB0A2F-E5CE-4AD8-A308-55C3108956E5"

status

enum<string>

The status of the review

PENDING - The resource is waiting to be reviewed
APPROVED - The resource is fully approved
REJECTED - The resource is fully rejected
REVOKED - The resource was revoked after being approved
PROCESSING - The review is being executed
EXECUTED - The review was executed
UNKNOWN - Unable to know the status of the review

Available options:

PENDING,

APPROVED,

REJECTED,

REVOKED,

PROCESSING,

EXECUTED,

UNKNOWN

type

enum<string>

The type of the review

onetime - Represents a one time execution
jit - Represents a time based review

Available options:

onetime,

jit

Get Review Update Review Status By Sid

⌘I

Agents

Authentication

Connections

Data Masking Rules

AWS

Features

Guard Rails

Server Management

Jira

Organization Management

Plugins

Runbooks

Proxy Manager

Reports

Resources

Reviews

Search

User Management

Sessions

Update Review Status

Overview

Review Groups

Initial State

Completed Review State

Review States

User-Controlled States

System-Controlled States

General Rules

Review Permissions

Multi-Group Reviews

Status Transitions

Final States

Path Parameters

Body

Response