See api-docs Menu

Get User Apps

Use this API to get a list of apps that are assigned to a given user.

Resource URL


Header Parameters




Set to bearer:<access_token>.

Set <access_token> to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: Read Users, Manage users, Read All, or Manage All.

Resource Parameters




Set to the id of the user that you want to return apps for.

If you don’t know the user’s id, use the List Users API call to return all users and their id values.

Query Parameters



Defaults to `false`. When `true` will all apps that are assigned to a user regardless of their portal visibility setting.

Sample Responses

      "id": 1127385,
      "icon_url": "/images/missing_connector_icon/square/mobile_50.png",
      "extension": false,
      "login_id": 415930448,
      "name": "OIDC Basic",
      "provisioning_status": "enabled",
      "provisioning_state": "unknown",
      "provisioning_enabled": false
      "id": 1181288,
      "icon_url": "",
      "extension": false,
      "login_id": 571984693,
      "name": "Amazon Web Services (AWS) Multi Role",
      "provisioning_status": "enabled",
      "provisioning_state": "unknown",
      "provisioning_enabled": false

Typically, this error means that your access token value is invalid.

    "message": "Unauthorized",
    "name": "UnauthorizedError",
    "statusCode": 401
    "message": "The resource with the given id could not be found",
    "name": "NotFoundError",
    "statusCode": 404

Response Elements

id The App ID
icon_url A url for the icon that represents the app in the OneLogin portal
extension Boolean that indicates if the OneLogin browser extension is required to launch this app.
login_id Unqiue identifier for this user and app combination.
name The name of the app.
provisioning_status One of
  • enabling
  • disabling
  • enabling_pending_approval
  • disabling_pending_approval
  • enabled
  • disabled
  • disabling_failed
  • enabling_failed
provisioning_state If provisioning is enabled this indicates the state of provisioning for the given user. Will be one of
  • unknown
  • provisioning
  • modifying
  • deleting
  • provisioning_pending_approval
  • deleting_pending_approval
  • modifying_pending_approval
  • linking
  • provisioned
  • deleted
  • modifying_failed
  • provisioning_failed
  • deleting_failed
  • linking_failed
  • disabled
  • nonexistent
  • modifying_pending_approval_then_disabled
provisioning_enabled Boolean true/false to indicate if provisioning was enabled on this app.

Postman Collection

Replace sample variables indicated by {{ }} with your actual values.

Run in Postman

    Clicking Run in Postman button navigates to the page where you can fork the collection to your workspace. Forking the collection into your workspace will enable you to contribute to the source collection using pull requests. You can also view the collection in a public workspace if you like and even import a copy of the collection using the links present on the screen.

Sample Code


Replace sample values indicated by < > with your actual values.

curl 'https://<subdomain>/api/2/users/<id>/apps' \
-X GET \
-H "Authorization: bearer <access_token>"

Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.