User Grant By ID

Returns a user grant per ID. A user grant is a role a user has for a specific project and organization.

Path Parameters

userId string required
grantId string required

Header Parameters

x-zitadel-orgid string
The default is always the organization of the requesting user. If you like to get/set a result of another organization include the header. Make sure the user has permission to access the requested data.

Responses

200
default

A successful response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

userGrant object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
roleKeys string[]
state string
Possible values: [USER_GRANT_STATE_UNSPECIFIED, USER_GRANT_STATE_ACTIVE, USER_GRANT_STATE_INACTIVE]
Default value: USER_GRANT_STATE_UNSPECIFIED
current state of the user
userId string
userName string
firstName string
lastName string
email string
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
displayName string
display name of the user
orgId string
orgName string
orgDomain string
projectId string
projectName string
projectGrantId string
avatarUrl string
avatar URL of the user
preferredLoginName string
userType string
Possible values: [TYPE_UNSPECIFIED, TYPE_HUMAN, TYPE_MACHINE]
Default value: TYPE_UNSPECIFIED
type of the user (human / machine)

{
  "userGrant": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "roleKeys": [
      "role.super.man"
    ],
    "state": "USER_GRANT_STATE_UNSPECIFIED",
    "userId": "69629023906488334",
    "userName": "gigi-giraffe",
    "firstName": "Gigi",
    "lastName": "Giraffe",
    "email": "gigi@zitadel.com",
    "displayName": "Gigi Giraffe",
    "orgId": "69629023906488334",
    "orgName": "ZITADEL",
    "orgDomain": "zitadel.cloud",
    "projectId": "69629023906488334",
    "projectName": "ZITADEL",
    "projectGrantId": "69629023906488334",
    "avatarUrl": "{your-domain}/assets/v1/avatar-32432jkh4kj32",
    "preferredLoginName": "gigi@zitadel.com",
    "userType": "TYPE_UNSPECIFIED"
  }
}

Schema
Example (from schema)

Schema

userGrant object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
roleKeys string[]
state string
Possible values: [USER_GRANT_STATE_UNSPECIFIED, USER_GRANT_STATE_ACTIVE, USER_GRANT_STATE_INACTIVE]
Default value: USER_GRANT_STATE_UNSPECIFIED
current state of the user
userId string
userName string
firstName string
lastName string
email string
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
displayName string
display name of the user
orgId string
orgName string
orgDomain string
projectId string
projectName string
projectGrantId string
avatarUrl string
avatar URL of the user
preferredLoginName string
userType string
Possible values: [TYPE_UNSPECIFIED, TYPE_HUMAN, TYPE_MACHINE]
Default value: TYPE_UNSPECIFIED
type of the user (human / machine)

{
  "userGrant": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "roleKeys": [
      "role.super.man"
    ],
    "state": "USER_GRANT_STATE_UNSPECIFIED",
    "userId": "69629023906488334",
    "userName": "gigi-giraffe",
    "firstName": "Gigi",
    "lastName": "Giraffe",
    "email": "gigi@zitadel.com",
    "displayName": "Gigi Giraffe",
    "orgId": "69629023906488334",
    "orgName": "ZITADEL",
    "orgDomain": "zitadel.cloud",
    "projectId": "69629023906488334",
    "projectName": "ZITADEL",
    "projectGrantId": "69629023906488334",
    "avatarUrl": "{your-domain}/assets/v1/avatar-32432jkh4kj32",
    "preferredLoginName": "gigi@zitadel.com",
    "userType": "TYPE_UNSPECIFIED"
  }
}

Schema
Example (from schema)

Schema

userGrant object
id string
details object
sequence uint64
on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-time
on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection

on manipulation: the
resourceOwner resource_owner is the organization an object belongs to
roleKeys string[]
state string
Possible values: [USER_GRANT_STATE_UNSPECIFIED, USER_GRANT_STATE_ACTIVE, USER_GRANT_STATE_INACTIVE]
Default value: USER_GRANT_STATE_UNSPECIFIED
current state of the user
userId string
userName string
firstName string
lastName string
email string
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
displayName string
display name of the user
orgId string
orgName string
orgDomain string
projectId string
projectName string
projectGrantId string
avatarUrl string
avatar URL of the user
preferredLoginName string
userType string
Possible values: [TYPE_UNSPECIFIED, TYPE_HUMAN, TYPE_MACHINE]
Default value: TYPE_UNSPECIFIED
type of the user (human / machine)

{
  "userGrant": {
    "id": "69629023906488334",
    "details": {
      "sequence": "2",
      "creationDate": "2023-05-12",
      "changeDate": "2023-05-12",
      "resourceOwner": "69629023906488334"
    },
    "roleKeys": [
      "role.super.man"
    ],
    "state": "USER_GRANT_STATE_UNSPECIFIED",
    "userId": "69629023906488334",
    "userName": "gigi-giraffe",
    "firstName": "Gigi",
    "lastName": "Giraffe",
    "email": "gigi@zitadel.com",
    "displayName": "Gigi Giraffe",
    "orgId": "69629023906488334",
    "orgName": "ZITADEL",
    "orgDomain": "zitadel.cloud",
    "projectId": "69629023906488334",
    "projectName": "ZITADEL",
    "projectGrantId": "69629023906488334",
    "avatarUrl": "{your-domain}/assets/v1/avatar-32432jkh4kj32",
    "preferredLoginName": "gigi@zitadel.com",
    "userType": "TYPE_UNSPECIFIED"
  }
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

GET /users/:userId/grants/:grantId

Authorization

type: oauth2flow: authorizationCodescopes: openid,urn:zitadel:iam:org:project:id:zitadel:aud

Request

Base URL

https://$ZITADEL_DOMAIN/management/v1

Bearer Token

userId — path required

grantId — path required

x-zitadel-orgid — header

Accept

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

curl -L -X GET 'https://$ZITADEL_DOMAIN/management/v1/users/:userId/grants/:grantId' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

User Grant By ID​

Authorization

Request

User Grant By ID