Download OpenAPI specification:Download
Manage delegated access, which allows a user to perform actions on behalf of another user. These APIs allow logged-in users to request consent from other app users, grant consent requests, view all consents related to their account, and revoke any granted permissions.
To request delegated access, see OAuth2.0 Token.
To create a dependent user with delegated access, see Create users
Grant the requested consent once it's approved by the user. This will provide the requesting user (the actor) permissions to act on behalf of the user that approved the consent (the subject). Since the approving user must be logged-in, this is authorized using a user access token of the subject.
Consent has been created for the user
{- "consent_id": "string"
}{- "message": "Bad request",
- "error_code": 400
}Send a consent request to give the requesting user (the actor) permissions to act on behalf of another user (the subject) when needed. An email will be sent to the subject with a link to your consent page. The consent URI will include a query param named consent_id used to grant the consent, permissions array, and the subject's user ID as subject_id. Since this call must be initiated by a logged-in user, it's authorized using a user access token of the actor.
Consent request has been sent
{- "permissions": [
- "string"
], - "subject_id": "string",
- "consent_expiration": 0
}{- "message": "Bad request",
- "error_code": 400
}Get all the consents that were granted or requested by the specified user. This call is authorized by a user access token of this user.
The requested user permissions
{- "consents_as_actor": [
- {
- "subject_id": "string",
- "consents": [
- {
- "consent_id": "string",
- "permission": "string",
- "consent_status": "PENDING",
- "expired_on": 0
}
]
}
], - "consents_as_subject": [
- {
- "actor_id": "string",
- "consents": [
- {
- "consent_id": "string",
- "permission": "string",
- "consent_status": "PENDING",
- "expired_on": 0
}
]
}
]
}Revokes my permissions (the actor) to act on behalf of another user (the subject). This call is initiated by the actor who is logged-in, so it's authorized using a user access token.
Permissions revoked
{- "message": "Bad request",
- "error_code": 400
}Revokes permissions of another user (the actor) to act on my behalf (the subject). This call is initiated by the subject who is logged-in, so it's authorized using a user access token.
Permissions revoked
{- "message": "Bad request",
- "error_code": 400
}