GET /oauth/admin/grants

Returns information about OAuth grants.

As part of grant administration, you can query for the list of grants in a specific state, such as active state or in progress state. Grants are protected and can only be seen by resource owners (their own grants), client administrators (grants issued to their clients) and provider administrators (all grants).

Authorization Roles/Permissions: Must be the resource owner, provider admin, or client admin. Authentication cookie is required.

This topic includes the following sections:

HTTP Method

GET

Back to top

URL

https://{oauth-provider-url}/oauth/admin/grants

Back to top

Sample Request

The example below shows a request for the first 100 grants with a status of Active.

Request URL

https://{oauth-provider-url}/oauth/admin/grants?GrantStatus=Active&StartIndex=0&Count=100

Sample request headers

Accept: application/xml (or application/json)
Cookie: OAuthToken_{OAuthProviderName}

Sample request body

Not applicable.

Back to top

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept application/xml, application/json
OAuthToken_{OAuthProviderName} The OAuth cookie that identifies the logged-in user with the provider. Depending on the operation being used and the context, the authenticated user could be the resource owner, the administrator, the client app administration, or the OAuth Provider. The cookie is returned after logging in with the POST /oauth/login operation.

Back to top

Request Parameters

Parameter Parm Type Data Type Required Description
GrantSetupStartDate Query string Optional Date when grant is set up (format: yyyy-MM-dd’T’HH:mm:ss) value in GMT timezone.
GrantSetupEndDate Query string Optional Date before grant is set up (format: yyyy-MM-dd’T’HH:mm:ss) value in GMT timezone.
ClientID Query string Optional The unique ID for a specific OAuth client, as set up with the OAuth Provider. In the context of the platform, the ClientID is the same as the app's RuntimeID.
ResourceOwnerUID Query string Optional The unique ID of the resource owner, as set up with the OAuth provider. This can be simply the UID, or can be the DOMAIN\UID if multiple domains are used and the same UID exists in different domains. DOMAIN here is the Resource Owner authentication domain of the Provider.
GrantStatus Query string Optional The status of the grant. This parameter can be included multiple times to fetch the grants in different statuses. Valid values: Pending, Active, Rejected, Revoked, Expired, Cancelled (see OAuth Grant Status).
SortBy Query string Optional An optional parameter allowing users to sort results by a specific value; for example, com.soa.sort.order.updated sorts with the most updated entries first. For valid values, see Sort By Values. If not specified, items are returned in the sort order of DescendingDate, which means that the most recent items are first.
StartIndex Query string Optional An index number indicating the starting point for the results to be returned. If not specified, results start at position 0, the first result.
Count Query string Optional The number of results to be returned, from the specified starting point. If not specified, all matching results are returned. Default: 100.

Back to top

Response

If successful, this operation returns HTTP status code 200, with the requested grant information.

Back to top

Sample Response

The sample response below shows successful completion of this operation.

Sample response headers: application/json

Content-Type: application/json

Sample response body: application/json

{
  "channel": {
    "title": "Grants",
    "description": "",
    "item": [
      {
        "title": "",
        "guid": {
          "value": "5dbv239gl72l"
        },
        "pubDate": "Tue, 12 May 2015 06:21:34 -0700",
        "Grant": {
          "GrantID": "5dbv239gl72l",
          "GrantProvider": "Capital One OAuth Provider",
          "GrantType": "authorization_code",
          "OpenIdConnectGrant": false,
          "GrantStatus": "Pending",
          "GrantExpirationDateTime": 1432732894000,
          "GrantClient": {
            "ClientID": "open-88PPmUA46HgAdUTzmYJRsa6H"
          },
          "GrantClientRedirectUri": "http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true",
          "GrantResourceScope": {
            "Resource": [
              {
                "Name": "READ"
              },
              {
                "Name": "scope"
              }
            ]
          },
          "GrantIssuedDateTime": 1431436894000,
          "GrantUpdatedDateTime": 1431436894000,
          "ResponseType": "code"
        }
      },
      {
        "title": "",
        "guid": {
          "value": "cds24vlc2a82"
        },
        "pubDate": "Tue, 12 May 2015 06:23:46 -0700",
        "Grant": {
          "GrantID": "cds24vlc2a82",
          "GrantProvider": "Capital One OAuth Provider",
          "GrantType": "authorization_code",
          "OpenIdConnectGrant": false,
          "GrantStatus": "Pending",
          "GrantExpirationDateTime": 1432733026000,
          "GrantClient": {
            "ClientID": "open-88PPmUA46HgAdUTzmYJRsa6H"
          },
          "GrantClientRedirectUri": "http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true",
          "GrantResourceScope": {
            "Resource": [
              {
                "Name": "READ"
              },
              {
                "Name": "scope"
              }
            ]
          },
          "GrantIssuedDateTime": 1431437026000,
          "GrantUpdatedDateTime": 1431437026000,
          "ResponseType": "code"
        }
      }
    ]
  },
  "version": "1.0"
}

Sample response body: application/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<rss 
  xmlns:ns2="http://soa.com/xsd/rss/1.0" 
  xmlns:ns3="http://soa.com/xsd/oauth/1.0" 
  xmlns:ns4="http://soa.com/binding/http" version="1.0">
  <channel>
    <title>Grants</title>
    <description></description>
    <item>
      <title></title>
      <guid>5dbv239gl72l</guid>
      <pubDate>Tue, 12 May 2015 06:21:34 -0700</pubDate>
      <ns3:Grant>
        <ns3:GrantID>5dbv239gl72l</ns3:GrantID>
        <ns3:GrantProvider>Capital One OAuth Provider</ns3:GrantProvider>
        <ns3:GrantType>authorization_code</ns3:GrantType>
        <ns3:OpenIdConnectGrant>false</ns3:OpenIdConnectGrant>
        <ns3:GrantStatus>Pending</ns3:GrantStatus>
        <ns3:GrantExpirationDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-27T13:21:34Z
        </ns3:GrantExpirationDateTime>
        <ns3:GrantClient>
          <ns3:ClientID>open-88PPmUA46HgAdUTzmYJRsa6H</ns3:ClientID>
        </ns3:GrantClient>
        <ns3:GrantClientRedirectUri>http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true</ns3:GrantClientRedirectUri>
        <ns3:GrantResourceScope>
          <ns3:Resource>
            <ns3:Name>READ</ns3:Name>
          </ns3:Resource>
          <ns3:Resource>
            <ns3:Name>scope</ns3:Name>
          </ns3:Resource>
        </ns3:GrantResourceScope>
        <ns3:GrantIssuedDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:21:34Z
        </ns3:GrantIssuedDateTime>
        <ns3:GrantUpdatedDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:21:34Z
        </ns3:GrantUpdatedDateTime>
        <ns3:ResponseType>code</ns3:ResponseType>
      </ns3:Grant>
    </item>
    <item>
      <title></title>
      <guid>cds24vlc2a82</guid>
      <pubDate>Tue, 12 May 2015 06:23:46 -0700</pubDate>
      <ns3:Grant>
        <ns3:GrantID>cds24vlc2a82</ns3:GrantID>
        <ns3:GrantProvider>Capital One OAuth Provider</ns3:GrantProvider>
        <ns3:GrantType>authorization_code</ns3:GrantType>
        <ns3:OpenIdConnectGrant>false</ns3:OpenIdConnectGrant>
        <ns3:GrantStatus>Pending</ns3:GrantStatus>
        <ns3:GrantExpirationDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-27T13:23:46Z
        </ns3:GrantExpirationDateTime>
        <ns3:GrantClient>
          <ns3:ClientID>open-88PPmUA46HgAdUTzmYJRsa6H</ns3:ClientID>
        </ns3:GrantClient>
        <ns3:GrantClientRedirectUri>http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true</ns3:GrantClientRedirectUri>
        <ns3:GrantResourceScope>
          <ns3:Resource>
            <ns3:Name>READ</ns3:Name>
          </ns3:Resource>
          <ns3:Resource>
            <ns3:Name>scope</ns3:Name>
          </ns3:Resource>
        </ns3:GrantResourceScope>
        <ns3:GrantIssuedDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:23:46Z
        </ns3:GrantIssuedDateTime>
        <ns3:GrantUpdatedDateTime 
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:23:46Z
        </ns3:GrantUpdatedDateTime>
        <ns3:ResponseType>code</ns3:ResponseType>
      </ns3:Grant>
    </item>
  </channel>
</rss>

Back to top

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type application/xml, application/json

Back to top

Response Body

The response body is in the form of an RSS channel, and includes the items listed below. The RSS version is 1.0. The title of the RSS channel is Grants. Each item in the channel represents one OAuth grant, and includes the information listed below.

Name Description
title The title of the grant, if any.
GUID Unique ID for the grant.
pubDate The date the item was created, or last modified, formatted in Coordinated Universal Time (UTC).
Grant[ ]

Contains information about an OAuth grant.

One or more.

GrantClientRedirectUri The redirect URI for the client.
GrantResourceScope The scope for the grant.
GrantIssuedDateTime The date/time the grant was issued.
GrantUpdatedDateTime The date/time the grant was last updated.
ResponseType The response type applicable to the grant.

Back to top

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you didn't include the OAuthToken_{OAuthProviderName} cookie, or if you included an invalid cookie.
500 An error occurred processing the call.

More information about Enterprise API Platform API error messages.

Back to top

Related Topics