Skip to main content
GET
/
api
/
{serviceId}
/
client
/
granted_scopes
/
get
/
{clientId}
Typescript (SDK)
import { Authlete } from "@authlete/typescript-sdk";

const authlete = new Authlete({
  bearer: process.env["AUTHLETE_BEARER"] ?? "",
});

async function run() {
  const result = await authlete.clientManagement.clientGrantedScopesGetApi({
    serviceId: "715948317",
    clientId: "1140735077",
    subject: "<value>",
  });

  console.log(result);
}

run();
{
  "type": "GrantedScopesGetResponse",
  "serviceApiKey": 21653835348762,
  "clientId": 26478243745571,
  "subject": "john",
  "latestGrantedScopes": [
    "history.read"
  ],
  "mergedGrantedScopes": [
    "history.read",
    "timeline.read"
  ]
}
Possible values for requestableScopes parameter in the response from this API are as follows.

null

The user has not granted authorization to the client application in the past, or records about the combination of the user and the client application have been deleted from Authlete’s DB.

An empty set

The user has granted authorization to the client application in the past, but no scopes are associated with the authorization.

A set with at least one element

The user has granted authorization to the client application in the past and some scopes are associated with the authorization. These scopes are returned. Example: [ "profile", "email" ] The subject parameter is required and must be provided as a query parameter.

Authorizations

Authorization
string
header
required

Authenticate every request with a Service Access Token or Organization Token. Set the token value in the Authorization: Bearer <token> header.

Service Access Token: Scoped to a single service. Use when automating service-level configuration or runtime flows.

Organization Token: Scoped to the organization; inherits permissions across services. Use for org-wide automation or when managing multiple services programmatically.

Both token types are issued by the Authlete console or provisioning APIs.

Path Parameters

serviceId
string
required

A service ID.

clientId
string
required

A client ID.

Query Parameters

subject
string
required

Unique user ID of an end-user.

Response

Successfully retrieved granted scopes

resultCode
string

The code which represents the result of the API call.

resultMessage
string

A short message which explains the result of the API call.

serviceApiKey
integer<int64>

A short message which explains the result of the API call.

clientId
integer<int64>

Get the client ID.

subject
string

Get the subject (= unique identifier) of the user who has granted authorization to the client.

latestGrantedScopes
string[]

Get the scopes granted to the client application by the last authorization process by the user (who is identified by the subject).

mergedGrantedScopes
string[]

Get the scopes granted to the client application by all the past authorization processes. Note that revoked scopes are not included.

modifiedAt
integer<int64>

Get the timestamp in milliseconds since Unix epoch at which this record was modified.