grants.deny is used to deny a grant. This method can only be called on a grant when it's in the APPROVAL_AWAITED state. This operation can't be undone.
HTTP request
POST https://privilegedaccessmanager.googleapis.com/v1/{name=projects/*/locations/*/entitlements/*/grants/*}:deny
Required. Name of the grant resource which is being denied.
Request body
The request body contains data with the following structure:
JSON representation
{"reason": string}
Fields
reason
string
Optional. The reason for denying this grant. This is required if requireApproverJustification field of the ManualApprovals workflow used in this grant is true.
Response body
If successful, the response body contains an instance of Grant.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eThis document describes the process of denying a grant using the \u003ccode\u003egrants.deny\u003c/code\u003e method, which is irreversible and only applicable to grants in the \u003ccode\u003eAPPROVAL_AWAITED\u003c/code\u003e state.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request uses \u003ccode\u003ePOST\u003c/code\u003e with a specific URL structure that includes path parameters for the grant's name, utilizing gRPC Transcoding syntax.\u003c/p\u003e\n"],["\u003cp\u003eThe request body accepts a JSON structure containing an optional \u003ccode\u003ereason\u003c/code\u003e field, which is mandatory if the related workflow's \u003ccode\u003erequireApproverJustification\u003c/code\u003e is enabled.\u003c/p\u003e\n"],["\u003cp\u003eA successful request results in a response containing an instance of the \u003ccode\u003eGrant\u003c/code\u003e resource.\u003c/p\u003e\n"],["\u003cp\u003eThe operation requires the \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e OAuth scope for authorization.\u003c/p\u003e\n"]]],[],null,[]]
