feat: add requestId query parameter to notification URLs for secret approval requests

[devin-ai-integration]

Context

This PR adds the requestId query parameter to the approval URLs sent in Slack/Teams notifications for secret approval requests.

Previously, PR #5246 added support for URL sharing with requestId query parameter on the frontend, but the notification URLs sent to Slack/Teams did not include this parameter. This meant users clicking notification links would land on the general approval page instead of the specific request.

Now, notification URLs will include ?requestId=<the-request-id> so users can navigate directly to the specific secret approval request.

Changes:

• secret-approval-request-service.ts: Added requestId to notification URLs in both generateSecretApprovalRequest and generateSecretApprovalRequestV2Bridge functions

Note: Access approval requests do not support the requestId query parameter on the frontend, so they were not modified.

Steps to verify the change

1. Create a secret approval policy with Slack/Teams notifications enabled
2. Make a change that triggers a secret approval request
3. Verify the notification URL includes ?requestId=<uuid>
4. Click the link and confirm it navigates directly to the specific request

Human review checklist

• Verify the frontend (from PR fix: enable URL sharing for secret approval change requests #5246) correctly handles the requestId query parameter

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

---

Link to Devin run: https://app.devin.ai/sessions/46bbaf458f3449c999e1b02e84950b9a
Requested by: @varonix0

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR completes the URL sharing feature for approval requests by adding the requestId query parameter to notification URLs sent via Slack/Teams. Previously, PR #5246 added frontend support for the requestId query parameter, but backend notification URLs were not updated to include it.

Changes:

• Added ?requestId=${approvalRequest.id} to notification URLs in secret-approval-request-service.ts (both generateSecretApprovalRequest and generateSecretApprovalRequestV2Bridge)
• Added ?requestId=${approvalRequest.id} and ?requestId=${requestId} to notification URLs in access-approval-request-service.ts (createAccessApprovalRequest and updateAccessApprovalRequest)

Technical Review:

• The IDs being appended are UUIDs generated by the database (t.uuid("id", { primaryKey: true }).defaultTo(knex.fn.uuid())), which are URL-safe and don't require encoding
• This pattern is already used elsewhere in the codebase (e.g., microsoft-teams-fns.ts:405)
• The frontend properly handles the requestId query parameter as verified in PR fix: enable URL sharing for secret approval change requests #5246
• No security concerns: UUIDs are not user-controllable and cannot be manipulated to change DNS resolution or inject malicious content

Confidence Score: 5/5

• This PR is safe to merge with no identified risks
• Simple, focused change that adds query parameters to URLs. The IDs are database-generated UUIDs (URL-safe), the pattern is already used elsewhere in the codebase, and the frontend support was already implemented in PR fix: enable URL sharing for secret approval change requests #5246
• No files require special attention

Important Files Changed

Filename	Overview
backend/src/ee/services/secret-approval-request/secret-approval-request-service.ts	Added requestId query parameter to notification URLs in two functions for direct navigation to specific requests
backend/src/ee/services/access-approval-request/access-approval-request-service.ts	Added requestId query parameter to notification URLs in create and update functions for access approval requests