Configuring Manual Approval Rules heading-link-icon

As described in Registration Approval, membership groups A logical grouping of multiple Corda identities, which communicate and transact with each other using a specific set of CorDapps. can require that member Corda identity that has been granted admission to a membership group. Synonym for a virtual node or group member. registration requests are manually approved (or declined). This section describes how to manage manual registration rules using the Corda REST API.

To add a group approval rule, use the mgm/{holdingidentityshorthash}/approval/rules POST method of the REST API.

For example, to specify that all requests with changes to keys in the Corda namespace must be manually approved:

RULE_PARAMS='{"ruleParams":{"ruleRegex": "corda.*", "ruleLabel": "Review all changes to keys in the Corda namespace"}}'
curl -k -u $REST_API_USER:$REST_API_PASSWORD -d "$RULE_PARAMS" $REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules
Invoke-RestMethod -SkipCertificateCheck -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Method Post -Uri "$REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules" -Body (ConvertTo-Json -Depth 4 @{
    ruleLabel = "Review all changes to keys in the Corda namespace",
    ruleRegex = "corda.*"
    }
})

To retrieve all applied group approval rules, use the mgm/{holdingidentityshorthash}/approval/rules GET method.

curl -k -u $REST_API_USER:$REST_API_PASSWORD $REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules
Invoke-RestMethod -SkipCertificateCheck -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Uri "$REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules"

This method returns the rules in the following format:

{
  "ruleId": "string",
  "ruleLabel": "string",
  "ruleRegex": "string"
}

To delete an applied group approval rule, pass the ID of the rule to the mgm/{holdingidentityshorthash}/approval/rules/{ruleid} DELETE method. You can retrieve the ID of a rule from the response of creating the rule, or from the response of the GET method described in Viewing Current Group Approval Rules.

curl -k -u $REST_API_USER:$REST_API_PASSWORD -X DELETE $REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules/<RULE_ID>
Invoke-RestMethod -SkipCertificateCheck -Headers @{Authorization=("Basic {0}" -f $AUTH_INFO)} -Method Delete -Uri "$REST_API_URL/mgm/$MGM_HOLDING_ID/approval/rules/<RULE_ID>"

Was this page helpful?

Thanks for your feedback!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.

We're sorry this page wasn't helpful. Let us know how we can make it better!

Chat with us

Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.

Create an issue

Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.

Propose documentation improvements directly

Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.