Get a Personal-Access-Token (PAT) by ID

POST /users/:userId/pats/_search

Returns a list of PATs for a user, currently only available for machine users/service accounts. PATs are ready-to-use tokens and can be sent directly in the authentication header.

Request

Path Parameters

userId stringrequired

Header Parameters

x-zitadel-orgid string

The default is always the organization of the requesting user. If you like to get a user from another organization include the header. Make sure the requesting user has permission in the requested organization.

application/json
application/grpc
application/grpc-web+proto

Body

required

query

object

Object unspecific list filters like offset, limit and asc/desc.

offset uint64

limit int64

Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.

asc boolean

default is descending

Responses

200
default

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

id string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

expirationDate date-time

the date the token will expire

scopes string[]

scopes granted to the token

]

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.048Z"
  },
  "result": [
    {
      "id": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.048Z",
        "changeDate": "2024-11-15T21:46:16.048Z",
        "resourceOwner": "69629023906488334"
      },
      "expirationDate": "3019-04-01T08:45:00.000000Z",
      "scopes": [
        "openid"
      ]
    }
  ]
}

Schema
Example (from schema)

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

id string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

expirationDate date-time

the date the token will expire

scopes string[]

scopes granted to the token

]

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.050Z"
  },
  "result": [
    {
      "id": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.050Z",
        "changeDate": "2024-11-15T21:46:16.050Z",
        "resourceOwner": "69629023906488334"
      },
      "expirationDate": "3019-04-01T08:45:00.000000Z",
      "scopes": [
        "openid"
      ]
    }
  ]
}

Schema
Example (from schema)

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

id string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

expirationDate date-time

the date the token will expire

scopes string[]

scopes granted to the token

]

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.050Z"
  },
  "result": [
    {
      "id": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.050Z",
        "changeDate": "2024-11-15T21:46:16.050Z",
        "resourceOwner": "69629023906488334"
      },
      "expirationDate": "3019-04-01T08:45:00.000000Z",
      "scopes": [
        "openid"
      ]
    }
  ]
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Get a Personal-Access-Token (PAT) by ID

/users/:userId/pats/_search

Request​

Path Parameters

Header Parameters

Body

Body

Body

Responses​

Request

Responses