SearchGrants
package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AppEntitlementSearch.SearchGrants(ctx, nil)
if err != nil {
log.Fatal(err)
}
if res.AppEntitlementSearchServiceSearchGrantsResponse != nil {
// handle response
}
}{
"expanded": [
{
"@type": "<string>"
}
],
"list": [
{
"appEntitlementUserBinding": {
"appEntitlementUserBindingCreatedAt": "2023-11-07T05:31:56Z",
"appEntitlementUserBindingDeprovisionAt": "2023-11-07T05:31:56Z",
"appUser": {
"appPath": "<string>",
"appUser": {
"appId": "<string>",
"appUserType": "APP_USER_TYPE_UNSPECIFIED",
"createdAt": "2023-11-07T05:31:56Z",
"deletedAt": "2023-11-07T05:31:56Z",
"displayName": "<string>",
"email": "<string>",
"emails": [
"<string>"
],
"employeeIds": [
"<string>"
],
"id": "<string>",
"identityUserId": "<string>",
"isExternal": true,
"profile": {},
"status": {
"details": "<string>",
"status": "STATUS_UNSPECIFIED"
},
"updatedAt": "2023-11-07T05:31:56Z",
"username": "<string>",
"usernames": [
"<string>"
]
},
"identityUserPath": "<string>",
"lastUsagePath": "<string>"
},
"grantSources": [
{
"appId": "<string>",
"id": "<string>"
}
],
"originatingTicketId": "<string>"
},
"entitlement": {
"appEntitlement": {
"alias": "<string>",
"appId": "<string>",
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"createdAt": "2023-11-07T05:31:56Z",
"defaultValuesApplied": true,
"deletedAt": "2023-11-07T05:31:56Z",
"deprovisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"description": "<string>",
"displayName": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"externalId": "<string>",
"grantCount": "<string>",
"grantPolicyId": "<string>",
"id": "<string>",
"isAutomationEnabled": true,
"isManuallyManaged": true,
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"purpose": "APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED",
"requestSchemaId": "<string>",
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>",
"sourceConnectorIds": {},
"systemBuiltin": true,
"updatedAt": "2023-11-07T05:31:56Z",
"userEditedMask": "<string>"
},
"appPath": "<string>",
"appResourcePath": "<string>",
"appResourceTypePath": "<string>",
"objectPermissions": {
"delete": true,
"edit": true,
"extra": {},
"read": true
}
}
}
],
"nextPageToken": "<string>"
}App Entitlement
Search Grants
Search grants (user-to-entitlement bindings) across apps, with filters for app, user, resource type, and entitlement.
POST
/
api
/
v1
/
search
/
grants
SearchGrants
package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.AppEntitlementSearch.SearchGrants(ctx, nil)
if err != nil {
log.Fatal(err)
}
if res.AppEntitlementSearchServiceSearchGrantsResponse != nil {
// handle response
}
}{
"expanded": [
{
"@type": "<string>"
}
],
"list": [
{
"appEntitlementUserBinding": {
"appEntitlementUserBindingCreatedAt": "2023-11-07T05:31:56Z",
"appEntitlementUserBindingDeprovisionAt": "2023-11-07T05:31:56Z",
"appUser": {
"appPath": "<string>",
"appUser": {
"appId": "<string>",
"appUserType": "APP_USER_TYPE_UNSPECIFIED",
"createdAt": "2023-11-07T05:31:56Z",
"deletedAt": "2023-11-07T05:31:56Z",
"displayName": "<string>",
"email": "<string>",
"emails": [
"<string>"
],
"employeeIds": [
"<string>"
],
"id": "<string>",
"identityUserId": "<string>",
"isExternal": true,
"profile": {},
"status": {
"details": "<string>",
"status": "STATUS_UNSPECIFIED"
},
"updatedAt": "2023-11-07T05:31:56Z",
"username": "<string>",
"usernames": [
"<string>"
]
},
"identityUserPath": "<string>",
"lastUsagePath": "<string>"
},
"grantSources": [
{
"appId": "<string>",
"id": "<string>"
}
],
"originatingTicketId": "<string>"
},
"entitlement": {
"appEntitlement": {
"alias": "<string>",
"appId": "<string>",
"appResourceId": "<string>",
"appResourceTypeId": "<string>",
"certifyPolicyId": "<string>",
"complianceFrameworkValueIds": [
"<string>"
],
"createdAt": "2023-11-07T05:31:56Z",
"defaultValuesApplied": true,
"deletedAt": "2023-11-07T05:31:56Z",
"deprovisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"description": "<string>",
"displayName": "<string>",
"durationGrant": "<string>",
"durationUnset": {},
"emergencyGrantEnabled": true,
"emergencyGrantPolicyId": "<string>",
"externalId": "<string>",
"grantCount": "<string>",
"grantPolicyId": "<string>",
"id": "<string>",
"isAutomationEnabled": true,
"isManuallyManaged": true,
"matchBatonId": "<string>",
"overrideAccessRequestsDefaults": true,
"provisionerPolicy": {
"action": {
"actionName": "<string>",
"appId": "<string>",
"connectorId": "<string>",
"displayName": "<string>"
},
"connector": {
"account": {
"config": {},
"connectorId": "<string>",
"doNotSave": {},
"saveToVault": {
"vaultIds": [
"<string>"
]
},
"schemaId": "<string>"
},
"defaultBehavior": {
"connectorId": "<string>"
},
"deleteAccount": {
"connectorId": "<string>"
}
},
"delegated": {
"appId": "<string>",
"entitlementId": "<string>",
"implicit": true
},
"externalTicket": {
"appId": "<string>",
"connectorId": "<string>",
"externalTicketProvisionerConfigId": "<string>",
"instructions": "<string>"
},
"manual": {
"assignee": {
"appOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"entitlementOwners": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"expression": {
"allowReassignment": true,
"expressions": [
"<string>"
],
"fallbackUserIds": [
"<string>"
]
},
"group": {
"allowReassignment": true,
"appGroupId": "<string>",
"appId": "<string>",
"fallbackUserIds": [
"<string>"
]
},
"manager": {
"allowReassignment": true,
"fallbackUserIds": [
"<string>"
]
},
"users": {
"allowReassignment": true,
"userIds": [
"<string>"
]
}
},
"instructions": "<string>",
"userIds": [
"<string>"
]
},
"multiStep": {
"provisionSteps": "<array>"
},
"unconfigured": {},
"webhook": {
"webhookId": "<string>"
}
},
"purpose": "APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED",
"requestSchemaId": "<string>",
"revokePolicyId": "<string>",
"riskLevelValueId": "<string>",
"slug": "<string>",
"sourceConnectorIds": {},
"systemBuiltin": true,
"updatedAt": "2023-11-07T05:31:56Z",
"userEditedMask": "<string>"
},
"appPath": "<string>",
"appResourcePath": "<string>",
"appResourceTypePath": "<string>",
"objectPermissions": {
"delete": true,
"edit": true,
"extra": {},
"read": true
}
}
}
],
"nextPageToken": "<string>"
}Documentation Index
Fetch the complete documentation index at: https://conductorone-ian-account-to-user-pipeline.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.
Body
application/json
The AppEntitlementSearchServiceSearchGrantsRequest message.
Search for grants contained in any of these apps.
Search for grants that are granted to any of these app user ids.
Search for grants of an entitlement
Show child attributes
Show child attributes
Filter for entitlements whose slug is in this list (e.g. "enrollment" for access profiles)
The app entitlement expand mask allows the user to get additional information when getting responses containing app entitlement views.
Show child attributes
Show child attributes
The pageSize where 0 <= pageSize <= 100. Values < 10 will be set to 10. A value of 0 returns the default page size (currently 25)
The pageToken field.
Filter for entitlements with these purposes (e.g., ASSIGNMENT for membership entitlements)
Available options:
APP_ENTITLEMENT_PURPOSE_VALUE_UNSPECIFIED, APP_ENTITLEMENT_PURPOSE_VALUE_ASSIGNMENT, APP_ENTITLEMENT_PURPOSE_VALUE_PERMISSION, APP_ENTITLEMENT_PURPOSE_VALUE_OWNERSHIP Search for grants within a resource.
Search grants for given resource types.
Search for grants of a user
Response
200 - application/json
Successful response
Was this page helpful?
⌘I
Assistant
Responses are generated using AI and may contain mistakes.