# Review a submitted timesheet POST https://api.letsdeel.com/rest/v2/time-tracking/timesheets/{timesheet_id}/review Content-Type: application/json Review a successfully submitted timesheet. Only PENDING_REVIEW timesheets can be reviewed, and all associated hours will be approved/rejected at once. **Token scopes**: `time-tracking:write` Reference: https://developer.deel.com/api/endpoints/time-tracking/review-time-tracking-timesheet ## OpenAPI Specification ```yaml openapi: 3.1.0 info: title: Deel HRIS SCIM API version: 1.0.0 paths: /time-tracking/timesheets/{timesheet_id}/review: post: operationId: review-time-tracking-timesheet summary: Review a submitted timesheet description: >- Review a successfully submitted timesheet. Only PENDING_REVIEW timesheets can be reviewed, and all associated hours will be approved/rejected at once. **Token scopes**: `time-tracking:write` tags: - subpackage_timeTracking parameters: - name: timesheet_id in: path description: ID of the timesheet to review required: true schema: type: string format: uuid - name: Authorization in: header description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) required: true schema: type: string responses: '201': description: >- Timesheet reviewed successfully. Returns updated timesheet details with review status and review timestamp. content: application/json: schema: $ref: >- #/components/schemas/time-tracking_reviewTimeTrackingTimesheet_Response_201 '400': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '401': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '403': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' '404': description: Timesheet not found. content: application/json: schema: $ref: >- #/components/schemas/ReviewASubmittedTimesheetRequestNotFoundError '422': description: >- Unprocessable entity. Timesheet cannot be reviewed in its current state. content: application/json: schema: $ref: >- #/components/schemas/ReviewASubmittedTimesheetRequestUnprocessableEntityError '500': description: Operation failed. content: application/json: schema: $ref: '#/components/schemas/ApiErrorContainer' requestBody: description: >- Review information for the timesheet. review_reason is required when review_status is REJECTED. content: application/json: schema: type: object properties: data: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaData required: - data servers: - url: https://api.letsdeel.com/rest/v2 - url: https://api-staging.letsdeel.com/rest/v2 components: schemas: TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaDataReviewStatus: type: string enum: - APPROVED - REJECTED description: The review status for the timesheet. Must be APPROVED or REJECTED. title: >- TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaDataReviewStatus TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaData: type: object properties: review_reason: type: - string - 'null' description: >- Reason for rejecting the timesheet. Required when review_status is REJECTED, optional when APPROVED. review_status: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaDataReviewStatus description: The review status for the timesheet. Must be APPROVED or REJECTED. required: - review_status title: >- TimeTrackingTimesheetsTimesheetIdReviewPostRequestBodyContentApplicationJsonSchemaData TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaDataReviewStatus: type: string enum: - PENDING_CREATION - PENDING_REVIEW - APPROVED - REJECTED description: Current status of the timesheet review title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaDataReviewStatus TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaData: type: object properties: id: type: string format: uuid description: Unique identifier for the timesheet reviewed_at: type: string format: date-time description: Timestamp when the timesheet was reviewed review_reason: type: - string - 'null' description: >- Reason provided by the reviewer when rejecting the timesheet. Only present when review_status is REJECTED. review_status: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaDataReviewStatus description: Current status of the timesheet review required: - id - reviewed_at - review_status description: Updated timesheet details after review title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaData time-tracking_reviewTimeTrackingTimesheet_Response_201: type: object properties: data: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaData description: Updated timesheet details after review required: - data title: time-tracking_reviewTimeTrackingTimesheet_Response_201 ApiErrorRequest: type: object properties: method: type: string description: The HTTP method of the failed request url: type: string description: The relative URL of the failed request status: type: number format: double description: The status code of the response api_req_id: type: string description: The request ID of the failed request docs: type: string description: >- A link to the official documentation for the requested endpoint resource source: type: string description: The source handler which produced the returned error code: type: number format: double description: The code of the source handler which produced the returned error title: ApiErrorRequest ApiError: type: object properties: message: type: string description: A description of the returned error path: type: string description: The JSON path where input validation failed title: ApiError ApiErrorContainer: type: object properties: request: $ref: '#/components/schemas/ApiErrorRequest' errors: type: array items: $ref: '#/components/schemas/ApiError' title: ApiErrorContainer TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetReviewStatus: type: string enum: - PENDING_CREATION - PENDING_REVIEW - APPROVED - REJECTED description: Current status of the timesheet review title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetReviewStatus TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetSubmissionStatus: type: string enum: - UPLOADING - UPLOAD_FAILED - PROCESSING - SUBMITTED - INVALID - FAILED description: Current status of the timesheet submission title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetSubmissionStatus TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheet: type: object properties: id: type: string format: uuid description: Unique identifier for the timesheet contract_id: type: string description: External id of the worker's contract associated with the timesheet reviewed_at: type: - string - 'null' format: date-time description: Timestamp when the timesheet was reviewed (if already reviewed) review_status: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetReviewStatus description: Current status of the timesheet review submission_status: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheetSubmissionStatus description: Current status of the timesheet submission required: - id - contract_id - review_status - submission_status description: Current state of the timesheet that cannot be reviewed title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheet TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetails: type: object properties: timesheet: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetailsTimesheet description: Current state of the timesheet that cannot be reviewed required: - timesheet description: >- Additional details about the error, including the current timesheet state title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetails TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItems: type: object properties: code: type: string description: Machine-readable error code field: type: - string - 'null' description: Name of the field causing the error (for validation issues) details: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItemsDetails description: >- Additional details about the error, including the current timesheet state message: type: string description: Human-readable explanation of the error required: - code - details - message title: >- TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItems ReviewASubmittedTimesheetRequestNotFoundError: type: object properties: errors: type: array items: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItems required: - errors title: ReviewASubmittedTimesheetRequestNotFoundError ReviewASubmittedTimesheetRequestUnprocessableEntityError: type: object properties: errors: type: array items: $ref: >- #/components/schemas/TimeTrackingTimesheetsTimesheetIdReviewPostResponsesContentApplicationJsonSchemaErrorsItems required: - errors title: ReviewASubmittedTimesheetRequestUnprocessableEntityError securitySchemes: deelToken: type: http scheme: bearer description: > ## Authentication The Deel API uses bearer tokens to authenticate requests. All API calls must be made over HTTPS — calls over plain HTTP or without authentication will fail. ```curl curl -X GET 'https://api.letsdeel.com/rest/v2/contracts' \ -H 'Authorization: Bearer YOUR-TOKEN-HERE' ``` [Learn more about authentication](/api/authentication) oauth2: type: http scheme: bearer description: >- Standard OAuth2 security scheme based on https://swagger.io/docs/specification/authentication/ ``` ## SDK Code Examples ```python import requests url = "https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review" payload = { "data": { "review_status": "APPROVED" } } headers = { "Authorization": "Bearer ", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.json()) ``` ```javascript const url = 'https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review'; const options = { method: 'POST', headers: {Authorization: 'Bearer ', 'Content-Type': 'application/json'}, body: '{"data":{"review_status":"APPROVED"}}' }; try { const response = await fetch(url, options); const data = await response.json(); console.log(data); } catch (error) { console.error(error); } ``` ```go package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review" payload := strings.NewReader("{\n \"data\": {\n \"review_status\": \"APPROVED\"\n }\n}") req, _ := http.NewRequest("POST", url, payload) req.Header.Add("Authorization", "Bearer ") req.Header.Add("Content-Type", "application/json") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := io.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) } ``` ```ruby require 'uri' require 'net/http' url = URI("https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true request = Net::HTTP::Post.new(url) request["Authorization"] = 'Bearer ' request["Content-Type"] = 'application/json' request.body = "{\n \"data\": {\n \"review_status\": \"APPROVED\"\n }\n}" response = http.request(request) puts response.read_body ``` ```java import com.mashape.unirest.http.HttpResponse; import com.mashape.unirest.http.Unirest; HttpResponse response = Unirest.post("https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review") .header("Authorization", "Bearer ") .header("Content-Type", "application/json") .body("{\n \"data\": {\n \"review_status\": \"APPROVED\"\n }\n}") .asString(); ``` ```php request('POST', 'https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review', [ 'body' => '{ "data": { "review_status": "APPROVED" } }', 'headers' => [ 'Authorization' => 'Bearer ', 'Content-Type' => 'application/json', ], ]); echo $response->getBody(); ``` ```csharp using RestSharp; var client = new RestClient("https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "Bearer "); request.AddHeader("Content-Type", "application/json"); request.AddParameter("application/json", "{\n \"data\": {\n \"review_status\": \"APPROVED\"\n }\n}", ParameterType.RequestBody); IRestResponse response = client.Execute(request); ``` ```swift import Foundation let headers = [ "Authorization": "Bearer ", "Content-Type": "application/json" ] let parameters = ["data": ["review_status": "APPROVED"]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api.letsdeel.com/rest/v2/time-tracking/timesheets/880e8400-e29b-41d4-a716-446655440003/review")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error as Any) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume() ```