# POST /api/v1/advisory-firms/{firm_id}/candidates/bulk-resolve

> Confirm or reject match candidates

- **Tag:** intercompany-cleanup
- **Operation ID:** `bulk_resolve_candidates_api_v1_advisory_firms__firm_id__candidates_bulk_resolve_post`

## Description

Confirming applies the booking side effects: same-business pairs retarget to the transfers ledger, cross-entity pairs book due-to/due-from plus an elimination entry, parent legs book due-from-parent on our side only. Every confirmation also feeds rule learning and the account map's known description strings.

## Authentication

Bearer token in `Authorization` header.
Required header: `x-business-id: <business uuid>`.

## Parameters

- `firm_id` (path, string, required)

## Request body

Schema: `BulkResolveRequest`

- `candidate_ids` (array · string · required)
- `action` (string · required) — 'confirm' or 'reject'

## Responses

### 201 — Successful Response

Schema: `SuccessEnvelope_BulkResolveResponse_`

- `success` (boolean)
- `message` (string)
- `code` (string)
- `data` (BulkResolveResponse)

### 401 — Unauthorized - Authentication required

### 403 — Forbidden - Insufficient permissions

### 404 — Not Found - Resource does not exist

### 422 — Validation Error - Invalid data format

## Code samples

### cURL

```bash
curl -X POST 'https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/candidates/bulk-resolve' \
  -H 'Authorization: Bearer dz_your_token' \
  -H 'x-business-id: YOUR_BUSINESS_ID' \
  -H 'Content-Type: application/json' \
  -d '{
  "candidate_ids": [],
  "action": "string"
}'
```

### JavaScript

```javascript
const response = await fetch('https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/candidates/bulk-resolve', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer dz_your_token',
    'x-business-id': 'YOUR_BUSINESS_ID',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
  "candidate_ids": [],
  "action": "string"
}),
});
const data = await response.json();
```

### Python

```python
import httpx

headers = {
    "Authorization": "Bearer dz_your_token",
    "x-business-id": "YOUR_BUSINESS_ID",
}

payload = {
  "candidate_ids": [],
  "action": "string"
}

response = httpx.post("https://api.ondayzero.com/api/v1/advisory-firms/{firm_id}/candidates/bulk-resolve", headers=headers, json=payload)
data = response.json()
```

## See also

- HTML version: https://www.ondayzero.com/docs/reference/intercompany-cleanup/bulk-resolve-candidates
- OpenAPI slice: https://www.ondayzero.com/docs/reference/intercompany-cleanup/bulk-resolve-candidates/openapi.json
- Other endpoints in **intercompany-cleanup**: https://www.ondayzero.com/docs/reference/intercompany-cleanup