Retrieve the social provider token set for the current user.

GET /api/users/{userId}/identities/{target}/secret

This API retrieves the token set record associated with the current user's social identity from the Logto Secret Vault. The operation is only available if the corresponding social connector has token set storage enabled. If a token set record exists for the user's social identity, it will be returned.

Path parameters

userId string Required

The unique identifier of the user.
target string Required

Responses

200 application/json

Token set record of the social identity. (For security reasons, encrypted token details will be omitted from the response.)
Hide response attributes Show response attributes object
- tenantId string Required
  
  Maximum length is 21.
- id string Required
  
  Minimum length is 1, maximum length is 21.
- userId string Required
  
  Minimum length is 1, maximum length is 21.
- type string("federated_token_set") Required
- metadata object Required
  
  Hide metadata attributes Show metadata attributes object
  
  scope string
  
  expiresAt number
  
  tokenType string
- createdAt number Required
- updatedAt number Required
- connectorId string Required
- identityId string Required
- target string Required
400

Bad Request
401

Unauthorized
403

Forbidden
404

User social identity not found, or no token set record exists for the user's social identity.

GET /api/users/{userId}/identities/{target}/secret

curl \
 --request GET 'https://[tenant_id].logto.app/api/users/{userId}/identities/{target}/secret' \
 --header "Authorization: Bearer $ACCESS_TOKEN"

Response examples (200)

{
  "tenantId": "string",
  "id": "string",
  "userId": "string",
  "type": "string",
  "metadata": {
    "scope": "string",
    "expiresAt": 42.0,
    "tokenType": "string"
  },
  "createdAt": 42.0,
  "updatedAt": 42.0,
  "connectorId": "string",
  "identityId": "string",
  "target": "string"
}