Retrieve a user's social identity and associated token storage .

GET /api/users/{userId}/identities/{target}
O auth2

This API retrieves the social identity and its associated token set for the specified user from the Logto Secret Vault. The token set will only be available if token storage is enabled for the corresponding social connector.

Path parameters

  • userId string Required

    The unique identifier of the user.

  • target string Required

Query parameters

  • includeTokenSecret string

    Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret.

Responses

  • 200 application/json

    Returns the user's social identity and associated token storage.

    Hide response attributes Show response attributes object
    • identity object Required

      The user's social identity.

      Hide identity attributes Show identity attributes object
      • userId string Required
      • details object

        arbitrary

    • tokenSecret object

      The desensitized token set secret associated with the user's social identity. This field is included only if the includeTokenSecret query parameter is provided and the corresponding connector has token storage enabled.

      Hide tokenSecret attributes Show tokenSecret attributes object
      • tenantId string Required

        Maximum length is 21.

      • id string Required

        Minimum length is 1, maximum length is 21.

      • userId string Required

        Minimum length is 1, maximum length is 21.

      • type string("federated_token_set") Required
      • metadata object Required
        Hide metadata attributes Show metadata attributes object
        • scope string
        • expiresAt number
        • tokenType string
        • hasRefreshToken boolean Required
      • createdAt number Required
      • updatedAt number Required
      • connectorId string Required
      • identityId string Required
      • target string Required
  • 400

    Bad Request

  • 401

    Unauthorized

  • 403

    Forbidden

  • 404

    User social identity not found.

GET /api/users/{userId}/identities/{target} 
curl \
 --request GET 'https://[tenant_id].logto.app/api/users/{userId}/identities/{target}' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200) 
{
  "identity": {
    "userId": "string",
    "details": {}
  },
  "tokenSecret": {
    "tenantId": "string",
    "id": "string",
    "userId": "string",
    "type": "string",
    "metadata": {
      "scope": "string",
      "expiresAt": 42.0,
      "tokenType": "string",
      "hasRefreshToken": true
    },
    "createdAt": 42.0,
    "updatedAt": 42.0,
    "connectorId": "string",
    "identityId": "string",
    "target": "string"
  }
}