GET /oauth/admin/grants
Returns information about OAuth grants.
As part of grant administration, you can query for the list of grants in a specific state, such as active state or in progress state. Grants are protected and can only be seen by resource owners (their own grants), client administrators (grants issued to their clients) and provider administrators (all grants).
Authorization Roles/Permissions: Must be the resource owner, provider admin, or client admin. Authentication cookie is required.
This topic includes the following sections:
HTTP Method
GET
URL
https://{oauth-provider-url}/oauth/admin/grants
Sample Request
The example below shows a request for the first 100 grants with a status of Active.
Sample Request URL
https://{oauth-provider-url}/oauth/admin/grants?GrantStatus=Active&StartIndex=0&Count=100
Sample request headers
Accept: application/xml (or application/json)
Cookie: OAuthToken_{OAuthProviderName}={Cookie value (usually starts with TokenID)}
Sample request body
Not applicable.
Request Headers
For general information on request header values, refer to HTTP Request Headers.
| Header | Description |
|---|---|
| Accept | application/json |
| Cookie | OAuthToken_{OAuthProviderName}—The OAuth cookie that identifies the logged-in user with the provider. Depending on the operation being used and the context, the authenticated user could be the resource owner, the administrator, the client app administration, or the OAuth Provider. The cookie is returned after logging in with the POST /oauth/login operation. |
Request Parameters
| Parameter | Parm Type | Data Type | Required | Description |
|---|---|---|---|---|
| GrantSetupStartDate | Query | string | Optional | Date when grant is set up (format: yyyy-MM-dd’T’HH:mm:ss) value in GMT timezone. |
| GrantSetupEndDate | Query | string | Optional | Date before grant is set up (format: yyyy-MM-dd’T’HH:mm:ss) value in GMT timezone. |
| ClientID | Query | string | Optional | The unique ID for a specific OAuth client, as set up with the OAuth Provider. In the context of the platform, the ClientID is the same as the app's RuntimeID. |
| ResourceOwnerUID | Query | string | Optional | The unique ID of the resource owner, as set up with the OAuth provider. This can be simply the UID, or can be the DOMAIN\UID if multiple domains are used and the same UID exists in different domains. DOMAIN here is the Resource Owner authentication domain of the Provider. |
| GrantStatus | Query | string | Optional | The status of the grant. This parameter can be included multiple times to fetch the grants in different statuses. Valid values: Pending, Active, Rejected, Revoked, Expired, Cancelled (see OAuth Grant Status). |
| SortBy | Query | string | Optional | An optional parameter allowing users to sort results by a specific value; for example, com.soa.sort.order.updated sorts with the most updated entries first. For valid values, see Sort By Values. If not specified, items are returned in the sort order of DescendingDate, which means that the most recent items are first. |
| StartIndex | Query | string | Optional | An index number indicating the starting point for the results to be returned. If not specified, results start at position 0, the first result. |
| Count | Query | string | Optional | The number of results to be returned, from the specified starting point. If not specified, all matching results are returned. Default: 100. |
Response
If successful, this operation returns HTTP status code 200, with the requested grant information.
Sample Response
The sample response below shows successful completion of this operation.
Sample response headers: application/json
Content-Type: application/json
Sample response body: application/json
{
"channel": {
"title": "Grants",
"description": "",
"item": [
{
"title": "",
"guid": {
"value": "5dbv239gl72l"
},
"pubDate": "Tue, 12 May 2015 06:21:34 -0700",
"Grant": {
"GrantID": "5dbv239gl72l",
"GrantProvider": "Capital One OAuth Provider",
"GrantType": "authorization_code",
"OpenIdConnectGrant": false,
"GrantStatus": "Pending",
"GrantExpirationDateTime": 1432732894000,
"GrantClient": {
"ClientID": "open-88PPmUA46HgAdUTzmYJRsa6H"
},
"GrantClientRedirectUri": "http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true",
"GrantResourceScope": {
"Resource": [
{
"Name": "READ"
},
{
"Name": "scope"
}
]
},
"GrantIssuedDateTime": 1431436894000,
"GrantUpdatedDateTime": 1431436894000,
"ResponseType": "code"
}
},
{
"title": "",
"guid": {
"value": "cds24vlc2a82"
},
"pubDate": "Tue, 12 May 2015 06:23:46 -0700",
"Grant": {
"GrantID": "cds24vlc2a82",
"GrantProvider": "Capital One OAuth Provider",
"GrantType": "authorization_code",
"OpenIdConnectGrant": false,
"GrantStatus": "Pending",
"GrantExpirationDateTime": 1432733026000,
"GrantClient": {
"ClientID": "open-88PPmUA46HgAdUTzmYJRsa6H"
},
"GrantClientRedirectUri": "http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true",
"GrantResourceScope": {
"Resource": [
{
"Name": "READ"
},
{
"Name": "scope"
}
]
},
"GrantIssuedDateTime": 1431437026000,
"GrantUpdatedDateTime": 1431437026000,
"ResponseType": "code"
}
}
]
},
"version": "1.0"
}
Sample response body: application/xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<rss
xmlns:ns2="http://soa.com/xsd/rss/1.0"
xmlns:ns3="http://soa.com/xsd/oauth/1.0"
xmlns:ns4="http://soa.com/binding/http" version="1.0">
<channel>
<title>Grants</title>
<description></description>
<item>
<title></title>
<guid>5dbv239gl72l</guid>
<pubDate>Tue, 12 May 2015 06:21:34 -0700</pubDate>
<ns3:Grant>
<ns3:GrantID>5dbv239gl72l</ns3:GrantID>
<ns3:GrantProvider>Capital One OAuth Provider</ns3:GrantProvider>
<ns3:GrantType>authorization_code</ns3:GrantType>
<ns3:OpenIdConnectGrant>false</ns3:OpenIdConnectGrant>
<ns3:GrantStatus>Pending</ns3:GrantStatus>
<ns3:GrantExpirationDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-27T13:21:34Z
</ns3:GrantExpirationDateTime>
<ns3:GrantClient>
<ns3:ClientID>open-88PPmUA46HgAdUTzmYJRsa6H</ns3:ClientID>
</ns3:GrantClient>
<ns3:GrantClientRedirectUri>http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true</ns3:GrantClientRedirectUri>
<ns3:GrantResourceScope>
<ns3:Resource>
<ns3:Name>READ</ns3:Name>
</ns3:Resource>
<ns3:Resource>
<ns3:Name>scope</ns3:Name>
</ns3:Resource>
</ns3:GrantResourceScope>
<ns3:GrantIssuedDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:21:34Z
</ns3:GrantIssuedDateTime>
<ns3:GrantUpdatedDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:21:34Z
</ns3:GrantUpdatedDateTime>
<ns3:ResponseType>code</ns3:ResponseType>
</ns3:Grant>
</item>
<item>
<title></title>
<guid>cds24vlc2a82</guid>
<pubDate>Tue, 12 May 2015 06:23:46 -0700</pubDate>
<ns3:Grant>
<ns3:GrantID>cds24vlc2a82</ns3:GrantID>
<ns3:GrantProvider>Capital One OAuth Provider</ns3:GrantProvider>
<ns3:GrantType>authorization_code</ns3:GrantType>
<ns3:OpenIdConnectGrant>false</ns3:OpenIdConnectGrant>
<ns3:GrantStatus>Pending</ns3:GrantStatus>
<ns3:GrantExpirationDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-27T13:23:46Z
</ns3:GrantExpirationDateTime>
<ns3:GrantClient>
<ns3:ClientID>open-88PPmUA46HgAdUTzmYJRsa6H</ns3:ClientID>
</ns3:GrantClient>
<ns3:GrantClientRedirectUri>http://developer.acmepaymentscorp.com/ui/apps/acmepaymentscorp/_VSPUvNSKEu9CFztvkjorQcg/resources/console/global/oauthclientredirect.html?dynamic=true</ns3:GrantClientRedirectUri>
<ns3:GrantResourceScope>
<ns3:Resource>
<ns3:Name>READ</ns3:Name>
</ns3:Resource>
<ns3:Resource>
<ns3:Name>scope</ns3:Name>
</ns3:Resource>
</ns3:GrantResourceScope>
<ns3:GrantIssuedDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:23:46Z
</ns3:GrantIssuedDateTime>
<ns3:GrantUpdatedDateTime
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:dateTime">2015-05-12T13:23:46Z
</ns3:GrantUpdatedDateTime>
<ns3:ResponseType>code</ns3:ResponseType>
</ns3:Grant>
</item>
</channel>
</rss>
Response Headers
For general information on response header values, refer to HTTP Response Headers.
| Header | Description |
|---|---|
| Content-Type | application/json |
Response Body
The response body is in the form of an RSS channel, and includes the items listed below. The RSS version is 1.0. The title of the RSS channel is Grants. Each item in the channel represents one OAuth grant, and includes the information listed below.
| Name | Description |
|---|---|
| title | The title of the grant, if any. |
| GUID | Unique ID for the grant. |
| pubDate | The date the item was created, or last modified, formatted in Coordinated Universal Time (UTC). |
| Grant[ ] |
Contains information about an OAuth grant. One or more. |
| GrantClientRedirectUri | The redirect URI for the client. |
| GrantResourceScope | The scope for the grant. |
| GrantIssuedDateTime | The date/time the grant was issued. |
| GrantUpdatedDateTime | The date/time the grant was last updated. |
| ResponseType | The response type applicable to the grant. |
Error Codes/Messages
If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.
| Item | Value |
|---|---|
| 401 | Unauthorized. For example, you would get this response if you didn't include the OAuthToken_{OAuthProviderName} cookie, or if you included an invalid cookie. |
| 500 | An error occurred processing the call. |
More information about Akana OAuth API error messages.