I believe the key is that the user in question (the one needing to be doing the approvals) needs to be the one invoking the REST/API call. I believe this is needed because the validation done on the PW can only be done on the user that's logged in, not on a given user (otherwise it would be a security risk for me to be able to validate your password)....so, if you can log into Remedy through that users credentials to invoke the call, I think it should work.
LJ, Yes, your solution works!! So I'll assume this query is answered.
Our other challenge is that the REST API is creating a stage entry using a service account that does all the remedy workflow push.
So in essence we have to impersonate that request user who needs to approve/reject inside the remedy workflow.
I'll post your response and solution to this thread later in case it helps others.
Thanks for dissecting the issue on who can approve via workflow! Thats great.