Getting a list of issued access tokens

Table of Contents

Getting a list of issued access tokens

Overview

This is about how to get a list of access tokens issued.

Authlete provides an API that enables to get a list of client applications that an end-user (resource owner) has authorized. This functionality is available at Authlete’s /auth/token/get/list API.

This function is not available for free plan users yet.

Definition

GET /auth/token/get/list?
    clientIdentifier={clientIdentifier}
    &subject={subject}
    &start={start}
    &end={end}

Request Parameters

parameter required description default
clientIdentifier NO Client Identifier (client ID or client ID alias). Use this parameter when you want to get a list of tokens that have been issued to a specific client.  null
subject NO Unique user ID.Use this parameter when you want to get a list of tokens that have been issued to a specific user. null
start NO Start index of search results (inclusive).  0
end NO End index of search results (exclusive).  20

Currently, the maximum number of tokens in a list is 20. Authlete server will return an error when you request more than 20 (= “end” - “start” > 20).

Response Parameters

parameter description
accessTokens An array of access tokens.
start Start index of search results (inclusive).
end End index of search results (exclusive).
totalCount The total number of access tokens that meet the conditions.
Access Token Infromation
parameter description
accessTokenExpiresAt The timestamp at which the access token will expire.
accessTokenHash The hash of the access token.
clientId The ID of the client associated with the access token.
createdAt The timestamp at which the access token was first created.
grantType The grant type of the access token when the access token was created.
lastRefreshedAt The timestamp at which the access token was last refreshed using the refresh token.
refreshTokenExpiresAt The timestamp at which the refresh token will expire.
refreshTokenHash The hash of the refresh token.
scopes The scopes associated with the access token.
subject The subject (= unique user ID) associated with the access token.
Response Example 
{
    "accessTokens": [
        {
            "accessTokenExpiresAt": 1527583747000,
            "accessTokenHash": "kjjduowWXMPiHt1AjxbgkqWANOsVWQfKYCyFO76q1MU",
            "clientId": 11867130158,
            "createdAt": 1527497347000,
            "grantType": "AUTHORIZATION_CODE",
            "lastRefreshedAt": 0,
            "refreshTokenExpiresAt": 1528361347000,
            "refreshTokenHash": "hCkIkuS6py0drpe5XOybw0MxkgsYNOk2q3dtilLiI64",
            "scopes": ["openid"],
            "subject": "john"
        },
        {...},
        {...},
        {...},
        {...}
    ],
    "end": 5,
    "start": 0,
    "totalCount": 15
}