Grant-management endpoint
Resource owners use the grant-management endpoint to view, and optionally revoke, the persistent access grants they have made.
Two grant-management endpoints are provided. One is for use with parameters. This endpoint is not part of the OAuth specification, but many OAuth providers offer a similar function.
Grants associated with the USER_KEY of the authenticated user are displayed. The same attribute mappings from the authentication source to USER_KEY, which are used for the authorization endpoint, are used here to look up the user’s existing grants.
Endpoints: /as/grants.oauth2 and /as/oauth_access_grants.ping
The following table describes the available parameters for the /as/grants.oauth2 endpoint. Use only one of them as needed.
| Parameter | Description | ||
|---|---|---|---|
|
Indicates the entity ID of the connection ID of the identity provider (IdP) with whom to initiate browser single sign-on (SSO) for user authentication. |
||
|
Indicates the IdP adapter instance ID of the adapter to use for user authentication.
|
If no recent user attributes are found for the session context, the user is redirected to /as/oauth_access_grants.ping to initiate the authentication process, which behaves in the same way as the authorization endpoint.