- Tokens
-
Access Tokens
- Enabling single access token per subject
- Enabling JWT-based access tokens
- How to add extra properties to an access token
- Getting a list of issued access tokens
- Issuing two access tokens through hybrid flow
- Refresh Tokens
- ID Tokens
- Proof-of-Possession (PoP) Tokens
-
Grant Type
- Scopes
- PKCE (RFC 7636)
- Client Management
- Authorization Requests
- User Authentication
- Error Handling
- Client Authentication
- Introspection
- Userinfo Endpoint
- JARM
- Device Flow (RFC 8628)
Getting a list of issued access tokens
Overview
This is about how to get a list of access tokens issued.
Authlete provides an API that enables to get a list of client applications that an end-user (resource owner) has authorized. This functionality is available at Authlete's /auth/token/get/list API.
Definition
GET /auth/token/get/list?clientIdentifier={clientIdentifier}&subject={subject}&start={start}&end={end}Request Parameters
parameter |
required |
description |
default |
clientIdentifier |
NO |
Client Identifier (client ID or client ID alias). Use this parameter when you want to get a list of tokens that have been issued to a specific client. |
null |
subject |
NO |
Unique user ID. Use this parameter when you want to get a list of tokens that have been issued to a specific user. |
null |
start |
NO |
Start index of search results (inclusive). |
0 |
end |
NO |
End index of search results (exclusive). |
20 |
Response Parameters
parameter |
description |
accessTokens |
An array of access tokens. |
start |
Start index of search results (inclusive). |
end |
End index of search results (exclusive). |
totalCount |
The total number of access tokens that meet the conditions. |
Access Token Infromation
parameter |
description |
accessTokenExpiresAt |
The timestamp at which the access token will expire. |
accessTokenHash |
The hash of the access token. |
clientId |
The ID of the client associated with the access token. |
createdAt |
The timestamp at which the access token was first created. |
grantType |
The grant type of the access token when the access token was created. |
lastRefreshedAt |
The timestamp at which the access token was last refreshed using the refresh token. |
refreshTokenExpiresAt |
The timestamp at which the refresh token will expire. |
refreshTokenHash |
The hash of the refresh token. |
scopes |
The scopes associated with the access token. |
subject |
The subject (= unique user ID) associated with the access token. |
Response Example
{
"accessTokens": [
{
"accessTokenExpiresAt": 1527583747000,
"accessTokenHash": "kjjduowWXMPiHt1AjxbgkqWANOsVWQfKYCyFO76q1MU",
"clientId": 11867130158,
"createdAt": 1527497347000,
"grantType": "AUTHORIZATION_CODE",
"lastRefreshedAt": 0,
"refreshTokenExpiresAt": 1528361347000,
"refreshTokenHash": "hCkIkuS6py0drpe5XOybw0MxkgsYNOk2q3dtilLiI64",
"scopes": ["openid"],
"subject": "john"
},
{...},
{...},
{...},
{...}
],
"end": 5,
"start": 0,
"totalCount": 15
}
How did we do with this article?