- Tokens
-
Access Tokens
- Enabling single access token per subject
- Using JWT-based access tokens
- How to add extra properties to an access token
- Getting a list of issued access tokens
- Issuing two access tokens through hybrid flow
- Refresh Tokens
- ID Tokens
- Proof-of-Possession (PoP) Tokens
-
Grant Type
- Scopes
- PKCE (RFC 7636)
- Client Management
- Authorization Requests
- User Authentication
- Error Handling
- Client Authentication
- Introspection
- Userinfo Endpoint
- JARM
- Device Flow (RFC 8628)
Getting a list of issued access tokens
Overview
This is about how to get a list of access tokens issued.
Authlete provides an API that enables to get a list of client applications that an end-user (resource owner) has authorized. This functionality is available at Authlete's /auth/token/get/list API.
Definition
GET /auth/token/get/list?clientIdentifier={clientIdentifier}&subject={subject}&start={start}&end={end}
Request Parameters
parameter |
required |
description |
default |
clientIdentifier |
NO |
Client Identifier (client ID or client ID alias). Use this parameter when you want to get a list of tokens that have been issued to a specific client. |
null |
subject |
NO |
Unique user ID. Use this parameter when you want to get a list of tokens that have been issued to a specific user. |
null |
start |
NO |
Start index of search results (inclusive). |
0 |
end |
NO |
End index of search results (exclusive). |
20 |
Response Parameters
parameter |
description |
accessTokens |
An array of access tokens. |
start |
Start index of search results (inclusive). |
end |
End index of search results (exclusive). |
totalCount |
The total number of access tokens that meet the conditions. |
Access Token Infromation
parameter |
description |
accessTokenExpiresAt |
The timestamp at which the access token will expire. |
accessTokenHash |
The hash of the access token. |
clientId |
The ID of the client associated with the access token. |
createdAt |
The timestamp at which the access token was first created. |
grantType |
The grant type of the access token when the access token was created. |
lastRefreshedAt |
The timestamp at which the access token was last refreshed using the refresh token. |
refreshTokenExpiresAt |
The timestamp at which the refresh token will expire. |
refreshTokenHash |
The hash of the refresh token. |
scopes |
The scopes associated with the access token. |
subject |
The subject (= unique user ID) associated with the access token. |
Response Example
{ "accessTokens": [ { "accessTokenExpiresAt": 1527583747000, "accessTokenHash": "kjjduowWXMPiHt1AjxbgkqWANOsVWQfKYCyFO76q1MU", "clientId": 11867130158, "createdAt": 1527497347000, "grantType": "AUTHORIZATION_CODE", "lastRefreshedAt": 0, "refreshTokenExpiresAt": 1528361347000, "refreshTokenHash": "hCkIkuS6py0drpe5XOybw0MxkgsYNOk2q3dtilLiI64", "scopes": ["openid"], "subject": "john" }, {...}, {...}, {...}, {...} ], "end": 5, "start": 0, "totalCount": 15 }
How did we do with this article?