# Approve/Reject time-off requests POST https://api.letsdeel.com/rest/v2/time_offs/review Content-Type: application/json Approve/Reject time-off requests in batch. The request body should contain a list of time-off IDs and the desired status (either APPROVED or REJECTED). The response will indicate which requests were successfully processed and which ones encountered errors. **Token scopes**: `time-off:write` Reference: https://developer.deel.com/api/endpoints/time-off/review-time-off-request ## OpenAPI Specification ```yaml openapi: 3.1.0 info: title: Deel HRIS SCIM API version: 1.0.0 paths: /time_offs/review: post: operationId: review-time-off-request summary: Approve/Reject time-off requests description: >- Approve/Reject time-off requests in batch. The request body should contain a list of time-off IDs and the desired status (either APPROVED or REJECTED). The response will indicate which requests were successfully processed and which ones encountered errors. **Token scopes**: `time-off:write` tags: - subpackage_timeOff parameters: - name: Authorization in: header description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) required: true schema: type: string responses: '201': description: Review process completed successfully content: application/json: schema: $ref: >- #/components/schemas/time-off_reviewTimeOffRequest_Response_201 '400': description: Operation failed. content: application/json: schema: $ref: >- #/components/schemas/ApproveRejectTimeOffRequests-v2026-01-01RequestBadRequestError '401': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '403': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '404': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '500': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' requestBody: content: application/json: schema: type: object properties: data: type: array items: $ref: >- #/components/schemas/TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItems description: Array of time-offs to be reviewed required: - data servers: - url: https://api.letsdeel.com/rest/v2 - url: https://api-staging.letsdeel.com/rest/v2 components: schemas: TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItemsStatus: type: string enum: - APPROVED - REJECTED description: Decision on whether the time off request was approved or rejected title: TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItemsStatus TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItems: type: object properties: id: type: string description: Time off id status: $ref: >- #/components/schemas/TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItemsStatus description: Decision on whether the time off request was approved or rejected required: - id - status title: TimeOffsReviewPostRequestBodyContentApplicationJsonSchemaDataItems TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItemsStatus: type: string enum: - APPROVED - USED - REJECTED description: Time off status after review title: >- TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItemsStatus TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItems: type: object properties: id: type: string format: uuid description: Time off id status: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItemsStatus description: Time off status after review required: - id - status title: TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItems TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataNotReviewedItems: type: object properties: id: type: string format: uuid description: Time off id error: type: string description: The error or reason why a time-off could not be reviewed required: - id - error title: >- TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataNotReviewedItems TimeOffsReviewPostResponsesContentApplicationJsonSchemaData: type: object properties: reviewed: type: array items: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataReviewedItems not_reviewed: type: array items: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaDataNotReviewedItems required: - reviewed - not_reviewed title: TimeOffsReviewPostResponsesContentApplicationJsonSchemaData time-off_reviewTimeOffRequest_Response_201: type: object properties: data: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaData required: - data description: >- The response contains two lists: one for time-offs that were successfully reviewed and another for those that could not be reviewed. Each time-off in the reviewed list contains its ID and the status it was set to (either APPROVED/USED or REJECTED). The notReviewed list contains the IDs of time-offs that could not be reviewed along with an error message explaining why. title: time-off_reviewTimeOffRequest_Response_201 TimeOffsReviewPostResponsesContentApplicationJsonSchemaErrorsItems: type: object properties: path: type: string description: The JSON path where input validation failed message: type: string description: A description of the returned error title: TimeOffsReviewPostResponsesContentApplicationJsonSchemaErrorsItems TimeOffsReviewPostResponsesContentApplicationJsonSchemaRequest: type: object properties: url: type: string description: The relative URL of the failed request code: type: number format: double description: The code of the source handler which produced the returned error docs: type: string description: >- A link to the official documentation for the requested endpoint resource method: type: string description: The HTTP method of the failed request source: type: string description: The source handler which produced the returned error status: type: number format: double description: The status code of the response api_req_id: type: string description: The request ID of the failed request title: TimeOffsReviewPostResponsesContentApplicationJsonSchemaRequest ApproveRejectTimeOffRequests-v2026-01-01RequestBadRequestError: type: object properties: errors: type: array items: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaErrorsItems request: $ref: >- #/components/schemas/TimeOffsReviewPostResponsesContentApplicationJsonSchemaRequest title: ApproveRejectTimeOffRequests-v2026-01-01RequestBadRequestError ApiErrorRequest: type: object properties: method: type: string description: The HTTP method of the failed request url: type: string description: The relative URL of the failed request status: type: number format: double description: The status code of the response api_req_id: type: string description: The request ID of the failed request docs: type: string description: >- A link to the official documentation for the requested endpoint resource source: type: string description: The source handler which produced the returned error code: type: number format: double description: The code of the source handler which produced the returned error title: ApiErrorRequest ApiError: type: object properties: message: type: string description: A description of the returned error path: type: string description: The JSON path where input validation failed title: ApiError ApiErrorContainer: type: object properties: request: $ref: '#/components/schemas/ApiErrorRequest' errors: type: array items: $ref: '#/components/schemas/ApiError' title: ApiErrorContainer securitySchemes: deelToken: type: http scheme: bearer description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) oauth2: type: http scheme: bearer description: >- Standard OAuth2 security scheme based on https://swagger.io/docs/specification/authentication/ ``` ## SDK Code Examples ```python import requests url = "https://api.letsdeel.com/rest/v2/time_offs/review" payload = { "data": [ { "id": "d290f1ee-6c54-4b01-90e6-d701748f0851", "status": "APPROVED" } ] } headers = { "Authorization": "Bearer ", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.json()) ``` ```javascript const url = 'https://api.letsdeel.com/rest/v2/time_offs/review'; const options = { method: 'POST', headers: {Authorization: 'Bearer ', 'Content-Type': 'application/json'}, body: '{"data":[{"id":"d290f1ee-6c54-4b01-90e6-d701748f0851","status":"APPROVED"}]}' }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://api.letsdeel.com/rest/v2/time_offs/review" payload := strings.NewReader("{\n \"data\": [\n {\n \"id\": \"d290f1ee-6c54-4b01-90e6-d701748f0851\",\n \"status\": \"APPROVED\"\n }\n ]\n}") req, _ := http.NewRequest("POST", url, payload) req.Header.Add("Authorization", "Bearer ") req.Header.Add("Content-Type", "application/json") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://api.letsdeel.com/rest/v2/time_offs/review") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = 'Bearer ' request["Content-Type"] = 'application/json' request.body = "{\n \"data\": [\n {\n \"id\": \"d290f1ee-6c54-4b01-90e6-d701748f0851\",\n \"status\": \"APPROVED\"\n }\n ]\n}" response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://api.letsdeel.com/rest/v2/time_offs/review") .header("Authorization", "Bearer ") .header("Content-Type", "application/json") .body("{\n \"data\": [\n {\n \"id\": \"d290f1ee-6c54-4b01-90e6-d701748f0851\",\n \"status\": \"APPROVED\"\n }\n ]\n}") .asString(); ``` ```php request('POST', 'https://api.letsdeel.com/rest/v2/time_offs/review', [ 'body' => '{ "data": [ { "id": "d290f1ee-6c54-4b01-90e6-d701748f0851", "status": "APPROVED" } ] }', 'headers' => [ 'Authorization' => 'Bearer ', 'Content-Type' => 'application/json', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://api.letsdeel.com/rest/v2/time_offs/review"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "Bearer "); request.AddHeader("Content-Type", "application/json"); request.AddParameter("application/json", "{\n \"data\": [\n {\n \"id\": \"d290f1ee-6c54-4b01-90e6-d701748f0851\",\n \"status\": \"APPROVED\"\n }\n ]\n}", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "Bearer ", "Content-Type": "application/json" ] let parameters = ["data": [ [ "id": "d290f1ee-6c54-4b01-90e6-d701748f0851", "status": "APPROVED" ] ]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api.letsdeel.com/rest/v2/time_offs/review")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```