> ## Documentation Index
> Fetch the complete documentation index at: https://hoopdev-feat-new-runbook-parameters.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Review

> Get review resource by the id or session id



## OpenAPI

````yaml https://use.hoop.dev/api/openapiv3.json get /reviews/{id}
openapi: 3.0.3
info:
  contact:
    email: help@hoop.dev
    name: Help
    url: https://help.hoop.dev
  description: >-
    Hoop.dev is an access gateway for databases and servers with an API for
    packet manipulation
  license:
    name: MIT
    url: https://opensource.org/license/mit
  termsOfService: https://hoop.dev/docs/legal/tos
  title: Hoop Api
  version: 1.54.3
servers:
  - url: https://use.hoop.dev/api
security: []
tags:
  - description: >
      Hoop implements Oauth2 and OIDC protocol to authenticate users in the
      system. To obtain a valid access token users need to authenticate in their
      own identity provider which is generated as a JSON response to the
      endpoint `http(s)://use.hoop.dev/api/login`. The identity provider them
      redirects the user to the callback endpoint containing the access token.


      The recommended approach of obtaining an access token is by visiting the
      Webapp main's page or using the **Hoop command line**. Example:


      ```sh

      hoop config create --api-url https://use.hoop.dev

      # save the token after authenticating at $HOME/.hoop/config.toml

      hoop login

      # show token information

      hoop config view --raw

      ```


      With an access token you could use any HTTP client to interact with the
      documented endpoints.

      The token must be sent through the `Authorization` header.


      Example:


      ```sh

      # obtain the current configuration of the server

      curl https://use.hoop.dev/api/serverinfo -H "Authorization: Bearer
      $ACCESS_TOKEN"

      ```
    name: Authentication
  - description: >
      Users are active and assigned to the default organization when they
      signup. A user could be set to an inactive state preventing it from
      accessing the platform, however it’s recommended to manage the state of
      users in the identity provider.


      - The `sub` claim is used as the main identifier of the user in the
      platform.

      - The profile of the user is derived from the id_token claims `email` and
      `name`.


      When a user authenticates for the first time, it performs an automatic
      signup that persist the profile claims along with it’s unique identifier.

      ​

      ### Groups


      Groups allows defining who may access or interact with certain resources.


      - For connection resources it’s possible to define which groups has access
      to a specific connection, this is enforced when the Access Control feature
      is enabled.

      - For review resources, it’s possible to define which groups are allowed
      to approve an execution, this is enforced when the Review feature is
      enabled.


      > This resource could be managed manually via Webapp or propagated by the
      identity provider via ID Token. In this mode, groups are sync when a user
      performs a login.


      ### Roles


      - The `admin` group is a special role that grants full access to all
      resources


      This role should be granted to users that are responsible for managing the
      Gateway. All other users are regular, meaning that they can access their
      own resources and interact with connections.
    name: User Management
  - description: Routes used to manage and obtain information about the runtime server.
    name: Server Management
  - description: Features available in the gateway. See also **Plugin** resources.
    name: Features
  - description: >-
      Proxy manager endpoints controls how clients connect via gRPC in the
      gateway. These endpoints are meant to be used when a client is initialized
      via `hoop proxy-manager`.
    name: Proxy Manager
  - name: Connections
  - name: Agents
  - name: Runbooks
  - name: Guard Rails
  - name: Reviews
  - name: Sessions
  - name: Organization Management
  - name: Reports
  - description: >
      Security audit log API. Only users in the **admin** group can access these
      endpoints.


      Audit log entries record security-relevant events (who performed an
      action, when, on which resource, and whether it succeeded). Use the list
      endpoint with filters to query by actor, resource type, action, outcome,
      or date range. Results are paginated and ordered by `created_at`
      descending.
    name: Audit Logs
paths:
  /reviews/{id}:
    get:
      tags:
        - Reviews
      summary: Get Review
      description: Get review resource by the id or session id
      parameters:
        - description: Resource identifier of the review
          in: path
          name: id
          required: true
          schema:
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.Review'
          description: OK
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.HTTPError'
          description: Not Found
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/openapi.HTTPError'
          description: Internal Server Error
components:
  schemas:
    openapi.Review:
      properties:
        access_duration:
          default: 1800000000000
          description: >-
            The amount of time (nanoseconds) to allow access to the connection.
            It's valid only for `jit` type reviews
          example: 0
          readOnly: true
          type: integer
        access_request_rule_name:
          description: >-
            The name of the access request rule that triggered this review, if
            null means it was triggered by the review plugin
          example: default-access-request-rule
          readOnly: true
          type: string
        created_at:
          description: The time the resource was created
          example: '2024-07-25T15:56:35.317601Z'
          readOnly: true
          type: string
        force_approval_groups:
          description: Groups that can force approve sessions for this review
          example:
            - sre-team
          items:
            type: string
          readOnly: true
          type: array
        id:
          description: Resource identifier
          example: 9F9745B4-C77B-4D52-84D3-E24F67E3623C
          format: uuid
          readOnly: true
          type: string
        min_approvals:
          description: The minimum number of approvals required for this review
          example: 2
          readOnly: true
          type: integer
        review_groups_data:
          description: Contains the groups that requires to approve this review
          items:
            $ref: '#/components/schemas/openapi.ReviewGroup'
          readOnly: true
          type: array
        revoke_at:
          description: The time when this review was revoked
          example: ''
          readOnly: true
          type: string
        session:
          description: The id of session
          example: 35DB0A2F-E5CE-4AD8-A308-55C3108956E5
          format: uuid
          readOnly: true
          type: string
        status:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewStatusType'
          description: |-
            The status of the review
            * PENDING - The resource is waiting to be reviewed
            * APPROVED - The resource is fully approved
            * REJECTED - The resource is fully rejected
            * REVOKED - The resource was revoked after being approved
            * PROCESSING - The review is being executed
            * EXECUTED - The review was executed
            * UNKNOWN - Unable to know the status of the review
        time_window:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewSessionTimeWindow'
          description: The time window configuration that can execute the session
          readOnly: true
        type:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewType'
          description: |-
            The type of the review
            * onetime - Represents a one time execution
            * jit - Represents a time based review
          enum:
            - onetime
            - jit
          readOnly: true
      type: object
    openapi.HTTPError:
      properties:
        message:
          example: the error description
          type: string
      type: object
    openapi.ReviewGroup:
      properties:
        forced_review:
          description: Indicates if this group is forcing the review
          example: false
          readOnly: true
          type: boolean
        group:
          description: The group to approve this review
          example: sre
          readOnly: true
          type: string
        id:
          description: The resource identifier
          example: 20A5AABE-C35D-4F04-A5A7-C856EE6C7703
          format: uuid
          readOnly: true
          type: string
        review_date:
          description: The date which this review was performed
          example: '2024-07-25T19:36:41Z'
          readOnly: true
          type: string
        reviewed_by:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewOwner'
          description: The review owner
          readOnly: true
        status:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewRequestStatusType'
          description: |-
            The reviewed status
            * APPROVED - Approve the review resource
            * REJECTED - Reject the review resource
            * REVOKED - Revoke an approved review
          example: APPROVED
      type: object
    openapi.ReviewStatusType:
      enum:
        - PENDING
        - APPROVED
        - REJECTED
        - REVOKED
        - PROCESSING
        - EXECUTED
        - UNKNOWN
      type: string
    openapi.ReviewSessionTimeWindow:
      properties:
        configuration:
          additionalProperties:
            type: string
          example:
            end_time: '18:00'
            start_time: '09:00'
          type: object
        type:
          allOf:
            - $ref: '#/components/schemas/openapi.ReviewTimeWindowType'
          enum:
            - time_range
      required:
        - configuration
        - type
      type: object
    openapi.ReviewType:
      enum:
        - jit
        - onetime
      type: string
    openapi.ReviewOwner:
      properties:
        email:
          description: The email of the owner
          example: john.wick@bad.org
          readOnly: true
          type: string
        id:
          description: The resource identifier
          example: D5BFA2DD-7A09-40AE-AFEB-C95787BA9E90
          format: uuid
          readOnly: true
          type: string
        name:
          description: The display name of the owner
          example: John Wick
          readOnly: true
          type: string
        slack_id:
          description: The Slack ID of the owner
          example: U053ELZHB53
          readOnly: true
          type: string
      type: object
    openapi.ReviewRequestStatusType:
      enum:
        - APPROVED
        - REJECTED
        - REVOKED
      type: string
    openapi.ReviewTimeWindowType:
      enum:
        - time_range
      type: string

````