> For the complete documentation index, see [llms.txt](https://hub.equipme.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://hub.equipme.io/development/api-reference-pro/security-or-authorization.md). # Security | Authorization ## List the authorization requests that you have submitted or for which you are responsible > Authorization requests are requests by a user or customer for certain permission grant.\ > Please check type definitions for current supported cases. ```json {"openapi":"3.0.4","info":{"title":"Equipme Supplier API","version":"v1"},"tags":[{"name":"Security | Authorization"}],"security":[{"ApiKey":[]}],"components":{"securitySchemes":{"ApiKey":{"type":"apiKey","description":"Required for authorization in every request. You can request an API-Key for your tenant in the integrations section of the equipme App.","name":"X-API-KEY","in":"header"}},"schemas":{"AuthorizationRequestSortParameter":{"enum":["creationDate"],"type":"string"},"SortOrder":{"enum":["asc","desc"],"type":"string","description":"Order in which the result of a list request is sorted."},"AuthorizationRequestList":{"required":["items","self","total"],"type":"object","properties":{"previous":{"$ref":"#/components/schemas/ResourceLink"},"next":{"$ref":"#/components/schemas/ResourceLink"},"items":{"type":"array","items":{"$ref":"#/components/schemas/AuthorizationRequest"},"description":"The list of result items."},"total":{"type":"integer","description":"The total number of items.","format":"int32"},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"ResourceLink":{"required":["href"],"type":"object","properties":{"href":{"minLength":1,"type":"string","description":"The target resource URI."},"method":{"type":"string","description":"The HTTP method to use for the request.","nullable":true}},"additionalProperties":false},"AuthorizationRequest":{"required":["id","self"],"type":"object","properties":{"requestingCompany":{"$ref":"#/components/schemas/CompanyReference"},"approvingCompany":{"$ref":"#/components/schemas/CompanyReference"},"creator":{"$ref":"#/components/schemas/EmployeeReference"},"processor":{"$ref":"#/components/schemas/EmployeeReference"},"type":{"$ref":"#/components/schemas/AuthorizationRequestType"},"status":{"$ref":"#/components/schemas/AuthorizationRequestStatus"},"created":{"type":"string","description":"The date and time the authorization request was created.","format":"date-time"},"completed":{"type":"string","description":"The date and time the authorization request was completed.","format":"date-time","nullable":true},"note":{"type":"string","description":"A note on the authorization request. Supports html formatted text including inline css styles.","nullable":true},"id":{"type":"integer","description":"The identifier of the authorization request.","format":"int64"},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"CompanyReference":{"required":["id","name","self"],"type":"object","properties":{"id":{"type":"integer","description":"The id to identify the company in the system.","format":"int64"},"name":{"maxLength":100,"minLength":0,"type":"string","description":"The name of the company."},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"EmployeeReference":{"required":["id","self","username"],"type":"object","properties":{"id":{"type":"integer","description":"The identifier of the employee.","format":"int32"},"firstName":{"maxLength":100,"minLength":0,"type":"string","description":"The first/given name of the employee.","nullable":true},"lastName":{"maxLength":100,"minLength":0,"type":"string","description":"The last/family name of the employee.","nullable":true},"fullName":{"maxLength":150,"minLength":0,"type":"string","description":"Combination of last and firstname","nullable":true,"readOnly":true},"email":{"maxLength":100,"minLength":0,"type":"string","description":"The contact and login mail address.","nullable":true},"username":{"maxLength":100,"minLength":0,"pattern":"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*\\.[a-zA-Z]{2,}$","type":"string","description":"The username to log in to the app. The value has to be an e-mail address."},"costCenter":{"maxLength":100,"minLength":0,"type":"string","description":"The cost center of the employee.","nullable":true},"costCenterId":{"type":"integer","description":"The identifier of the cost center.","format":"int32","nullable":true},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"AuthorizationRequestType":{"enum":["orderAuthorization"],"type":"string"},"AuthorizationRequestStatus":{"enum":["new","inprocess","approved","denied"],"type":"string"},"ErrorResponse":{"type":"object","properties":{"errorCode":{"type":"string","nullable":true},"errorDescription":{"type":"string","nullable":true},"data":{"nullable":true}},"additionalProperties":false}}},"paths":{"/v1/security/authorization-requests":{"get":{"tags":["Security | Authorization"],"summary":"List the authorization requests that you have submitted or for which you are responsible","description":"Authorization requests are requests by a user or customer for certain permission grant.\nPlease check type definitions for current supported cases.","parameters":[{"name":"requestingCompanies","in":"query","description":"Filter by one or more requesting company ids.","schema":{"type":"array","items":{"type":"integer","format":"int32"}}},{"name":"types","in":"query","description":"Filter by one or multiple specific types","schema":{"type":"array","items":{"type":"string"}}},{"name":"status","in":"query","description":"Filter by one or multiple specific statuses","schema":{"type":"array","items":{"type":"string"}}},{"name":"createdAfter","in":"query","description":"Filter the requests created after the specified date.","schema":{"type":"string","format":"date-time"}},{"name":"sortBy","in":"query","description":"Sort the requests by a given criterion","schema":{"$ref":"#/components/schemas/AuthorizationRequestSortParameter"}},{"name":"sortOrder","in":"query","description":"Sort the requests in a given order (asc|desc)","schema":{"$ref":"#/components/schemas/SortOrder"}},{"name":"offset","in":"query","description":"Specifies the index of the first item to return","schema":{"type":"integer","format":"int32","default":0}},{"name":"limit","in":"query","description":"Specifies the maximum number of items to return (min: 1; max: 1000)","schema":{"type":"integer","format":"int32","default":100}}],"responses":{"200":{"description":"OK: A list of authorization requests.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthorizationRequestList"}}}},"400":{"description":"Bad request: See response message for details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized: Invalid api key.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden: Resource access denied or resource does not exist anymore.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Create an authorization request > Authorization requests are requests by a user or customer for certain permission grant.\ > Please check type definitions for current supported cases. ```json {"openapi":"3.0.4","info":{"title":"Equipme Supplier API","version":"v1"},"tags":[{"name":"Security | Authorization"}],"security":[{"ApiKey":[]}],"components":{"securitySchemes":{"ApiKey":{"type":"apiKey","description":"Required for authorization in every request. You can request an API-Key for your tenant in the integrations section of the equipme App.","name":"X-API-KEY","in":"header"}},"schemas":{"AuthorizationRequestCreate":{"required":["type"],"type":"object","properties":{"type":{"$ref":"#/components/schemas/AuthorizationRequestType"},"note":{"maxLength":10000,"minLength":0,"type":"string","description":"A note on the authorization request. Supports html formatted text including inline css styles.","nullable":true}},"additionalProperties":false},"AuthorizationRequestType":{"enum":["orderAuthorization"],"type":"string"},"AuthorizationRequest":{"required":["id","self"],"type":"object","properties":{"requestingCompany":{"$ref":"#/components/schemas/CompanyReference"},"approvingCompany":{"$ref":"#/components/schemas/CompanyReference"},"creator":{"$ref":"#/components/schemas/EmployeeReference"},"processor":{"$ref":"#/components/schemas/EmployeeReference"},"type":{"$ref":"#/components/schemas/AuthorizationRequestType"},"status":{"$ref":"#/components/schemas/AuthorizationRequestStatus"},"created":{"type":"string","description":"The date and time the authorization request was created.","format":"date-time"},"completed":{"type":"string","description":"The date and time the authorization request was completed.","format":"date-time","nullable":true},"note":{"type":"string","description":"A note on the authorization request. Supports html formatted text including inline css styles.","nullable":true},"id":{"type":"integer","description":"The identifier of the authorization request.","format":"int64"},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"CompanyReference":{"required":["id","name","self"],"type":"object","properties":{"id":{"type":"integer","description":"The id to identify the company in the system.","format":"int64"},"name":{"maxLength":100,"minLength":0,"type":"string","description":"The name of the company."},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"ResourceLink":{"required":["href"],"type":"object","properties":{"href":{"minLength":1,"type":"string","description":"The target resource URI."},"method":{"type":"string","description":"The HTTP method to use for the request.","nullable":true}},"additionalProperties":false},"EmployeeReference":{"required":["id","self","username"],"type":"object","properties":{"id":{"type":"integer","description":"The identifier of the employee.","format":"int32"},"firstName":{"maxLength":100,"minLength":0,"type":"string","description":"The first/given name of the employee.","nullable":true},"lastName":{"maxLength":100,"minLength":0,"type":"string","description":"The last/family name of the employee.","nullable":true},"fullName":{"maxLength":150,"minLength":0,"type":"string","description":"Combination of last and firstname","nullable":true,"readOnly":true},"email":{"maxLength":100,"minLength":0,"type":"string","description":"The contact and login mail address.","nullable":true},"username":{"maxLength":100,"minLength":0,"pattern":"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*\\.[a-zA-Z]{2,}$","type":"string","description":"The username to log in to the app. The value has to be an e-mail address."},"costCenter":{"maxLength":100,"minLength":0,"type":"string","description":"The cost center of the employee.","nullable":true},"costCenterId":{"type":"integer","description":"The identifier of the cost center.","format":"int32","nullable":true},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"AuthorizationRequestStatus":{"enum":["new","inprocess","approved","denied"],"type":"string"},"ErrorResponse":{"type":"object","properties":{"errorCode":{"type":"string","nullable":true},"errorDescription":{"type":"string","nullable":true},"data":{"nullable":true}},"additionalProperties":false}}},"paths":{"/v1/security/authorization-requests":{"post":{"tags":["Security | Authorization"],"summary":"Create an authorization request","description":"Authorization requests are requests by a user or customer for certain permission grant.\nPlease check type definitions for current supported cases.","requestBody":{"description":"The authorization request to be created.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthorizationRequestCreate"}}}},"responses":{"201":{"description":"Created: The created authorization request.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthorizationRequest"}}}},"400":{"description":"Bad request: See response message for details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized: Invalid api key.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden: Resource access denied or resource does not exist anymore.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Retrieve a single authorization request by its id > Authorization requests are requests by a user or customer for certain permission grant.\ > Please check type definitions for current supported cases. ```json {"openapi":"3.0.4","info":{"title":"Equipme Supplier API","version":"v1"},"tags":[{"name":"Security | Authorization"}],"security":[{"ApiKey":[]}],"components":{"securitySchemes":{"ApiKey":{"type":"apiKey","description":"Required for authorization in every request. You can request an API-Key for your tenant in the integrations section of the equipme App.","name":"X-API-KEY","in":"header"}},"schemas":{"AuthorizationRequest":{"required":["id","self"],"type":"object","properties":{"requestingCompany":{"$ref":"#/components/schemas/CompanyReference"},"approvingCompany":{"$ref":"#/components/schemas/CompanyReference"},"creator":{"$ref":"#/components/schemas/EmployeeReference"},"processor":{"$ref":"#/components/schemas/EmployeeReference"},"type":{"$ref":"#/components/schemas/AuthorizationRequestType"},"status":{"$ref":"#/components/schemas/AuthorizationRequestStatus"},"created":{"type":"string","description":"The date and time the authorization request was created.","format":"date-time"},"completed":{"type":"string","description":"The date and time the authorization request was completed.","format":"date-time","nullable":true},"note":{"type":"string","description":"A note on the authorization request. Supports html formatted text including inline css styles.","nullable":true},"id":{"type":"integer","description":"The identifier of the authorization request.","format":"int64"},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"CompanyReference":{"required":["id","name","self"],"type":"object","properties":{"id":{"type":"integer","description":"The id to identify the company in the system.","format":"int64"},"name":{"maxLength":100,"minLength":0,"type":"string","description":"The name of the company."},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"ResourceLink":{"required":["href"],"type":"object","properties":{"href":{"minLength":1,"type":"string","description":"The target resource URI."},"method":{"type":"string","description":"The HTTP method to use for the request.","nullable":true}},"additionalProperties":false},"EmployeeReference":{"required":["id","self","username"],"type":"object","properties":{"id":{"type":"integer","description":"The identifier of the employee.","format":"int32"},"firstName":{"maxLength":100,"minLength":0,"type":"string","description":"The first/given name of the employee.","nullable":true},"lastName":{"maxLength":100,"minLength":0,"type":"string","description":"The last/family name of the employee.","nullable":true},"fullName":{"maxLength":150,"minLength":0,"type":"string","description":"Combination of last and firstname","nullable":true,"readOnly":true},"email":{"maxLength":100,"minLength":0,"type":"string","description":"The contact and login mail address.","nullable":true},"username":{"maxLength":100,"minLength":0,"pattern":"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*\\.[a-zA-Z]{2,}$","type":"string","description":"The username to log in to the app. The value has to be an e-mail address."},"costCenter":{"maxLength":100,"minLength":0,"type":"string","description":"The cost center of the employee.","nullable":true},"costCenterId":{"type":"integer","description":"The identifier of the cost center.","format":"int32","nullable":true},"self":{"$ref":"#/components/schemas/ResourceLink"}},"additionalProperties":false},"AuthorizationRequestType":{"enum":["orderAuthorization"],"type":"string"},"AuthorizationRequestStatus":{"enum":["new","inprocess","approved","denied"],"type":"string"},"ErrorResponse":{"type":"object","properties":{"errorCode":{"type":"string","nullable":true},"errorDescription":{"type":"string","nullable":true},"data":{"nullable":true}},"additionalProperties":false}}},"paths":{"/v1/security/authorization-requests/{requestId}":{"get":{"tags":["Security | Authorization"],"summary":"Retrieve a single authorization request by its id","description":"Authorization requests are requests by a user or customer for certain permission grant.\nPlease check type definitions for current supported cases.","parameters":[{"name":"requestId","in":"path","description":"The identifier of the authorization request.","required":true,"schema":{"type":"integer","format":"int32"}}],"responses":{"200":{"description":"OK: The requested authorization request.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthorizationRequest"}}}},"400":{"description":"Bad request: See response message for details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized: Invalid api key.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden: Resource access denied or resource does not exist anymore.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"NotFound: Requested resource could not be found.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Update an existing authorization request > Authorization requests are requests by a user or customer for certain permission grant.\ > Please check type definitions for current supported cases. ```json {"openapi":"3.0.4","info":{"title":"Equipme Supplier API","version":"v1"},"tags":[{"name":"Security | Authorization"}],"security":[{"ApiKey":[]}],"components":{"securitySchemes":{"ApiKey":{"type":"apiKey","description":"Required for authorization in every request. You can request an API-Key for your tenant in the integrations section of the equipme App.","name":"X-API-KEY","in":"header"}},"schemas":{"Operation":{"type":"object","properties":{"value":{"nullable":true},"path":{"type":"string","nullable":true},"op":{"type":"string","nullable":true},"from":{"type":"string","nullable":true}},"additionalProperties":false},"ErrorResponse":{"type":"object","properties":{"errorCode":{"type":"string","nullable":true},"errorDescription":{"type":"string","nullable":true},"data":{"nullable":true}},"additionalProperties":false}}},"paths":{"/v1/security/authorization-requests/{requestId}":{"patch":{"tags":["Security | Authorization"],"summary":"Update an existing authorization request","description":"Authorization requests are requests by a user or customer for certain permission grant.\nPlease check type definitions for current supported cases.","parameters":[{"name":"requestId","in":"path","description":"The identifier of the authorization request.","required":true,"schema":{"type":"integer","format":"int32"}}],"requestBody":{"description":"JSON patch object to update the authorization request note or status.","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Operation"}}}}},"responses":{"204":{"description":"NoContent: Request has succeeded."},"400":{"description":"Bad request: See response message for details.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized: Invalid api key.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden: Resource access denied or resource does not exist anymore.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"NotFound: Requested resource could not be found.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://hub.equipme.io/development/api-reference-pro/security-or-authorization.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.