List Grants for a Subject
Available since
- v5.4.2 and later
Endpoint: GET /api/auth/subjects/{subjectType}/{subjectId}/grants
Lists all per-instance resource grants for a user, group, or role. Available for admin-only, unless the caller is listing their own grants.
Path parameters
| Parameter | Description | Type | Required/ Optional |
|---|---|---|---|
| subjectType | The type of subject being granted access. Supported values:
| string | Required. |
| subjectId | The unique identifier of the subject (e.g., user email, role name, or group name). | string | Required. |
Query parameters
| Parameter | Description | Type | Required/ Optional |
|---|---|---|---|
| resourceType | The resource type for which access grants are being retrieved. Supported values:
| string | Optional. |
Response
Returns a list of per-instance resource grants for the subject.
Examples
List grants for a subject
Request
curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/auth/subjects/USER/jane.doe%40acme.com/grants?resourceType=SECRET_NAME' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'
Response
[
{
"target": {
"type": "SECRET_NAME",
"id": "API_KEY_NEURO"
},
"access": [
"READ",
"DELETE",
"CREATE",
"EXECUTE",
"UPDATE"
]
}
]