The User Access Token API call is an open-ended question for a specific user, returning the list of allowed assets and their associated actions for a specific application. The API presents a generic request based primarily on the Identity and returns all requested Assets and Actions that are configured for this user in a single token. This API enables the scope to cache the list of authorized Assets for a user within the Application session, reducing the performance overhead of enforcing access.
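A session-side cache built on the pattern described above, as an added example that is not PlainID code. The response shape (`asset`, `actions`), the `fetch` callable standing in for the API call, and the TTL value are assumptions.

```python
import time

# Constructed sample of a decoded token response. The field names
# ("asset", "actions") are assumptions, not PlainID's documented schema.
SAMPLE_RESPONSE = [
    {"asset": "account:1001", "actions": ["read", "update"]},
    {"asset": "account:1002", "actions": ["read"]},
]


class SessionAuthzCache:
    """Per-session cache of each identity's allowed assets and actions."""

    def __init__(self, fetch, ttl_seconds=300, clock=time.monotonic):
        self._fetch = fetch      # hypothetical callable(identity_id) -> entries
        self._ttl = ttl_seconds  # bounds how long a revoked grant stays usable
        self._clock = clock
        self._entries = {}       # identity_id -> (expires_at, {asset: actions})

    def _load(self, identity_id):
        # If fetch raises, nothing is cached and the error propagates,
        # so an unreachable PDP never turns into an implicit allow.
        allowed = {}
        for entry in self._fetch(identity_id):
            allowed.setdefault(entry["asset"], set()).update(entry["actions"])
        self._entries[identity_id] = (self._clock() + self._ttl, allowed)
        return allowed

    def is_allowed(self, identity_id, asset, action):
        cached = self._entries.get(identity_id)
        if cached is None or cached[0] <= self._clock():
            allowed = self._load(identity_id)  # missing or stale: ask again
        else:
            allowed = cached[1]
        # Deny by default: anything not listed in the token is not permitted.
        return action in allowed.get(asset, ())

    def invalidate(self, identity_id):
        """Drop cached decisions, e.g. on logout or a known policy change."""
        self._entries.pop(identity_id, None)
```

The TTL is the trade-off this caching introduces: a longer value means fewer API calls but a longer window in which a policy change is not yet enforced.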
Notice
When accessing the Authorization APIs, use the URL base/prefix according to your PlainID PDP Location. For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
Unique identifier of the Identity
Client ID of the Scope
Client Secret ID of the Scope
Identity Template ID
IP address to be used when validating a policy. Ensure that your IP Ranges are correct based on an IP calculator. If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header).
Show/hide the identity attribute of the identity in the response.
Show/hide the asset attribute of the assets in the response.
Because the full payload of the response can be very large, this parameter enables you to decrease the payload size by specifying a list of Asset Types and their attributes to be returned in the response. If not specified, all resources from all resource types will be included.
OK
Bad Request
Unauthorized
Forbidden
Not Found
Internal Server Error
Not Implemented