# Get user active grants

**GET /api/users/{userId}/grants**

Retrieve all non-expired grants of the user. Optionally filter by application type via `appType`; when omitted, grants from all application types are returned.


## Servers
- Logto endpoint address.: https://[tenant_id].logto.app (Logto endpoint address.)


## Authentication methods
- O auth2


## Parameters

### Path parameters
- **userId** (string)
  The unique identifier of the user.

### Query parameters
- **appType** (string)
  Application type filter. Use 'thirdParty' to list third-party app grants only, or 'firstParty' to list first-party app grants only. If omitted, grants from all applications are returned.


## Responses
### 200
Return non-expired grants of the user. Results are filtered by app type when `appType` is provided.

#### Body: application/json (object)
- **grants** (array[object])


### 400
Bad Request

### 401
Unauthorized

### 403
Forbidden

### 500
Internal Server Error


[Powered by Bump.sh](https://bump.sh)