# Exemptions#CreateExemption

Create a new Exemption

Endpoint: POST /sto/api/v2/exemptions
Version: 1.0
Security: 

## Query parameters:

  - `accountId` (string, required)
    Harness Account ID
    Example: "abcdef1234567890ghijkl"

  - `orgId` (string, required)
    ID of the Harness Organization to which the exemption applies. Cannot be specified alongside "targetId".
    Example: "your_project"

  - `projectId` (string, required)
    ID of the Harness Project to which the exemption applies. You must also specify "orgId". Cannot be specified alongside "targetId".
    Example: "your_project"

## Header parameters:

  - `X-Api-Key` (string)
    Harness personal or service access token
    Example: "Nobis sit sed iure quas."

## Request fields (application/json):

  - `exemptFutureOccurrences` (boolean)
    States if the user wants to exempt future occurrences of the issue

  - `expiration` (integer)
    Unix timestamp at which this Exemption will expire
    Example: 1651578240

  - `issueId` (string, required)
    Issue ID associated with the Exemption
    Example: "abcdef1234567890ghijkl"

  - `link` (string)
    Link to a related ticket
    Example: "https://example.com/ABC-1234"

  - `occurrences` (array)
    Array of occurrence Ids
    Example: [42,666]

  - `pendingChanges` (object, required)
    Example: {"durationDays":7}

  - `pendingChanges.durationDays` (integer)
    The number of days an issue should be exempted for
    Example: 7

  - `pipelineId` (string)
    ID of the Harness Pipeline to which the exemption applies. You must also specify "projectId" and "orgId". Cannot be specified alongside "targetId".
    Example: "your_pipeline"

  - `reason` (string, required)
    Text describing why this Exemption is necessary
    Example: "Waiting on upstream bug fix"

  - `requesterEmail` (string)
    Email of the user who requested this Exemption
    Example: "user@harness.io"

  - `requesterId` (string, required)
    User ID of the user who requested this Exemption
    Example: "user111111111111111111"

  - `requesterName` (string)
    Name of the user who requested this Exemption
    Example: "firstname lastname"

  - `scanId` (string)
    ID of the Harness Scan to determine all the occurrences for the scan-issue. You must also specify "projectId", "orgId" and "targetId". Cannot be specified alongside "pipelineId".
    Example: "abcdef1234567890ghijkl"

  - `search` (string)
    Search parameter to find filtered occurrences of the issue
    Example: "CWE-123,5"

  - `targetId` (string)
    ID of the Target to which the exemption applies. Cannot be specified alongside "projectId" or "pipelineId".
    Example: "abcdef1234567890ghijkl"

  - `type` (string, required)
    Type of Exemption (Compensating Controls / Acceptable Use / Acceptable Risk / False Positive / Fix Unavailable / Other)
    Enum: "Compensating Controls", "Acceptable Use", "Acceptable Risk", "False Positive", "Fix Unavailable", "Other"

## Response 200 fields (application/json):

  - `id` (string, required)
    Resource identifier
    Example: "abcdef1234567890ghijkl"

## Response 400 fields (application/json):

  - `message` (string, required)
    Example: "Not Found"

  - `status` (integer)
    Example: 404