# Change requests

## Request authorization for a change request

 - [POST /v1/change_requests/{change_request_id}/authorize](https://docs.solarisgroup.com/api-reference/onboarding/device-management/change-requests/paths/~1v1~1change_requests~1%7Bchange_request_id%7D~1authorize/post.md): This endpoint initiates an SMS OTP or device signing challenge to authorize a change request. For SMS OTP challenges: include the  of the person to whom the SMS challenge should be sent in the body of the request. This person must have a verified mobile number. If the change request relates to a change on a business, then the person must have the necessary role to authorize the change request. For device signing challenges: Include the  of the device to use for authorizing the change request. This device must already be registered via the device binding process.

## Confirm change request authorization

 - [POST /v1/change_requests/{change_request_id}/confirm](https://docs.solarisgroup.com/api-reference/onboarding/device-management/change-requests/paths/~1v1~1change_requests~1%7Bchange_request_id%7D~1confirm/post.md): Confirms a change request by validating an SMS OTP or device signature provided by the customer. Your solution must collect either the OTP or the signature from the customer in its frontend after calling the  method. When the change request is successfully confirmed, the response will include metadata around the created/updated resource, a  with its properties, and the relevant  for the creation/update operation.  If the  of the change request authorization was  (i.e., for testing purposes), then set the value of  to .