Grant-management endpoint
Resource owners use the grant-management endpoint to view, and optionally revoke, the persistent access grants they have made.
Two grant-management endpoints are provided. One is for use with parameters. This endpoint is not part of the OAuth specification, but many OAuth providers offer a similar function.
Grants associated with the USER_KEY
of the authenticated user are displayed. The same attribute mappings from the authentication source to USER_KEY
, which are used for the authorization endpoint, are used here to look up the user’s existing grants.
Endpoints: /as/grants.oauth2 and /as/oauth_access_grants.ping
The following table describes the available parameters for the /as/grants.oauth2
endpoint. Use only one of them as needed.
Parameter | Description | ||
---|---|---|---|
|
Indicates the entity ID of the connection ID of the identity provider (IdP) with whom to initiate browser single sign-on (SSO) for user authentication. |
||
|
Indicates the IdP adapter instance ID of the adapter to use for user authentication.
|
If no recent user attributes are found for the session context, the user is redirected to /as/oauth_access_grants.ping
to initiate the authentication process, which behaves in the same way as the authorization endpoint.