# Access Grants Endpoint {% hint style="success" %} Added in version 2.3. {% endhint %} {% hint style="warning" %} **Developer Preview** The ESS Wallet Service endpoints are available as part of a Developer Preview program to allow early access to these features. Please be aware that these APIs may change. {% endhint %} The ESS Wallet Service provides the following endpoint for interacting with Wallet resources: ``` https://datawallet.{ESS Domain}/accessgrants ``` {% hint style="info" %} **Note** To access the **`/accessgrants`** endpoint, users must be authenticated. The endpoint supports the use of HTTP-only, secure session cookies. {% endhint %} ## List Access Grants The Wallet Service provides an endpoint that returns a list of all the Access Grants stored in the Wallet.


Method	`GET`
Content-Type	`application/json`
Endpoint	`https://datawallet.{ESS Domain}/accessgrants`
Payload	none

### Output Upon completion an array of Access Grants managed by the Wallet is returned. **Example response** ``` [ { "uuid": "3fa85f64-5717-4562-b3fc-2c963f66afa6", "identifier": "https://example.com/", "webId": "https://id.{DOMAIN}/{username}", "resource": "https://storage.example/data/MyResource", "resourceName": "MyResource", "forPurpose": "https://example.com/", "expirationDate": "2024-07-19T09:18:52.233Z", "issuedDate": "2024-07-19T09:18:52.233Z", "modes": [ "read" ], "logo": "https://images.example/logo.png", "ownerName": "Example Name", "isRDFResource": true } ] ``` The fields have the following values:

Field	Value
`uuid`	A unique identifier of this access grant.
`identifier`	The URI identifying the access grant.
`webId`	The WebID of the party requesting access to a resource.
`resource`	The URI of the resource within the Wallet to which access has been granted.
`resourceName`	The short-name of the resource to which access has been granted, without the hostname and parent path.
`forPurpose`	The URI of the document describing the purpose of this Access Grant.
`expirationDate`	The expiration date of the Access Request in ISO-8601 format.
`issuedDate`	The date of issuance of the Access Request in ISO-8601 format.
`modes`	The modes of access that will be granted if this access request is approved (e.g. `read`, `write`, `append`).
`logo`	A URI identifying a logo to associate with the party granted access to a resource (for display within the Wallet user interface).
`ownerName`	The name of the party granted access to a resource, if available.
`webId`	The WebID of the party granted access to a resource.
`isRDFResource`	Boolean value indicating whether the resource contains RDF data.

## Read Access Grant The Wallet Service provides an endpoint that returns an Access Grant managed by the Wallet.


Method	`GET`
Content-Type	`application/ld+json`
Endpoint	`https://datawallet.{ESS Domain}/accessgrants/{uuid}`
Payload	none

### Input

Path Parameter	Value
`uuid`	The UUID of the Access Grant item to read.

### Output **Example response** ``` { "@context": [ "https://www.w3.org/2018/credentials/v1", "https://schema.inrupt.com/credentials/v2.jsonld", "https://w3id.org/security/data-integrity/v1", "https://w3id.org/vc-revocation-list-2020/v1", "https://w3id.org/vc/status-list/2021/v1", "https://w3id.org/security/suites/ed25519-2020/v1" ], "id": "https://credential.example/vc/d37de1c7-99aa-4152-92dd-afeed8fcb9ac", "type": [ "VerifiableCredential", "SolidAccessGrant" ], "expirationDate": "2024-09-18T09:20:20Z", "issuanceDate": "2024-07-18T09:20:20Z", "issuer": "https://credential.example", "credentialSubject": { "id": "https://id.example/alice", "providedConsent": { "mode": "Read", "forPersonalData": "https://storage.example/ebb02f58-7708-43c8-bade-f654dc92604f/foo/bar", "forPurpose": "https://vocabulary.example/SpecificPurpose", "hasContext": "https://app.example/", "hasStatus": "ConsentStatusExplicitlyGiven", "isProvidedToController": "https://id.example/bob" } }, "credentialStatus": { "id": "https://credential.example/status/SZib#0", "type": "RevocationList2020Status", "revocationListCredential": "https://credential.example/status/SZib", "revocationListIndex": "0" }, "proof": { "type": "Ed25519Signature2020", "created": "2024-07-18T09:20:20Z", "domain": "solid", "proofPurpose": "assertionMethod", "proofValue": "ayEhvte44V3h1rn7tLTdMX...", "verificationMethod": "https://credential.example/key/c7652806-402b-364b-a920-966938f5646c" } } ``` The fields in the response are described by the [Access Grant Service](/ess/2.4/services/service-access-grant.md). ## Delete Access Grant The Wallet Service provides an endpoint to delete an Access Grant that is managed by the Wallet.


Method	`DELETE`
Content-Type	`application/json`
Endpoint	`https://datawallet.{ESS Domain}/accessgrants/{uuid}`
Payload	none

### Input

Path Parameter	Value
`uuid`	The UUID of the access grant item to be deleted.

### Output Upon completion, a status message is returned. **Example response** ``` { "message": "success" } ``` The fields have the following values:

Field	Value
`message`	A successful operation includes the string “success”.
`error`	An unsuccessful operation describes the failure category, such as “UNAUTHORIZED”.

## Revoke Access Grant The Wallet Service provides an endpoint to revoke an Access Grant that is managed by the Wallet.


Method	`PUT`
Content-Type	`application/json`
Endpoint	`https://datawallet.{ESS Domain}/accessgrants/{uuid}/revoke`
Payload	none

### Input

Path Parameter	Value
`uuid`	The UUID of the access grant to be revoked.

### Output Upon completion, a status message is returned. **Example response** ``` { "message": "success" } ``` The fields have the following values:

Field	Value
`message`	A successful operation includes the string “success”.
`error`	An unsuccessful operation describes the failure category, such as “UNAUTHORIZED”.

## Batch Revoke Access Grants The Wallet Service provides an endpoint to revoke multiple Access Grants that are managed by the Wallet.


Method	`PUT`
Content-Type	`application/json`
Endpoint	`https://datawallet.{ESS Domain}/accessgrants/revoke`
Payload	A JSON array of Access Grant UUIDs to revoke.

### Input The body of the request contains a JSON array listing the Access Grants to be revoked.

Body	Value
Content-Type	`application/json`
`uuids`	An array of strings containing the UUIDs of the Access Grants managed by the Wallet to be revoked.

**Example request** ``` { "uuids": [ "3fa85f64-5717-4562-b3fc-2c963f66afa6" ] } ``` Upon completion, a status message is returned. **Example response** ``` { "message": "success" } ``` The fields have the following values:

Field	Value
`message`	A successful operation includes the string “success”.
`error`	An unsuccessful operation describes the failure category, such as “UNAUTHORIZED”.

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.inrupt.com/ess/2.4/services/service-wallet/access-grants.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.