> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://help.sigmacomputing.com/llms.txt.
> For AI client integration (Claude Code, Cursor, etc.), connect to the MCP server at https://help.sigmacomputing.com/_mcp/server.

# List grants

GET https://api.sigmacomputing.com/v2/grants

List all grants for a given object.

  ### Usage notes

  You can specify one of the following:

  - A user by userId. Retrieve the **userId** by calling the [/v2/members](https://help.sigmacomputing.com/reference/list-members) endpoint and using the `memberId` included in the response.
  - A team by teamId. Retrieve the **teamId** by calling the [/v2/teams](https://help.sigmacomputing.com/reference/list-teams) endpoint.
  - A document (such as a workbook, report, data model, or dataset (deprecated)), folder, or workspace by inodeId.
    - Retrieve the **inodeId** by calling the [/v2/files](https://help.sigmacomputing.com/reference/list-files) endpoint and using the `id` included in the response.
    - Retrieve the **inodeId** for a data model by calling the [/v2/dataModels](https://help.sigmacomputing.com/reference/list-data-models) endpoint and using the `dataModelId` included in the response.

  ### Usage scenarios
  - **Manage inherited permissions**: Identify files and folders that have permissions directly granted to them.
  - **Review long-lived permissions**: Audit permissions granted more than a year ago and determine if they are still needed.
    

Reference: https://help.sigmacomputing.com/reference/list-grants

## OpenAPI Specification

```yaml
openapi: 3.1.0
info:
  title: sigma-rest-api
  version: 1.0.0
paths:
  /v2/grants:
    get:
      operationId: listGrants
      summary: List grants
      description: |-
        List all grants for a given object.

          ### Usage notes

          You can specify one of the following:

          - A user by userId. Retrieve the **userId** by calling the [/v2/members](https://help.sigmacomputing.com/reference/list-members) endpoint and using the `memberId` included in the response.
          - A team by teamId. Retrieve the **teamId** by calling the [/v2/teams](https://help.sigmacomputing.com/reference/list-teams) endpoint.
          - A document (such as a workbook, report, data model, or dataset (deprecated)), folder, or workspace by inodeId.
            - Retrieve the **inodeId** by calling the [/v2/files](https://help.sigmacomputing.com/reference/list-files) endpoint and using the `id` included in the response.
            - Retrieve the **inodeId** for a data model by calling the [/v2/dataModels](https://help.sigmacomputing.com/reference/list-data-models) endpoint and using the `dataModelId` included in the response.

          ### Usage scenarios
          - **Manage inherited permissions**: Identify files and folders that have permissions directly granted to them.
          - **Review long-lived permissions**: Audit permissions granted more than a year ago and determine if they are still needed.
            
      tags:
        - Grants
      parameters:
        - name: page
          in: query
          required: false
          schema:
            type: string
        - name: limit
          in: query
          required: false
          schema:
            type: number
            format: double
        - name: inodeId
          in: query
          required: false
          schema:
            type: string
        - name: teamId
          in: query
          required: false
          schema:
            type: string
        - name: userId
          in: query
          required: false
          schema:
            type: string
        - name: directGrantsOnly
          in: query
          required: false
          schema:
            type: boolean
        - name: Authorization
          in: header
          description: OAuth authentication
          required: true
          schema:
            type: string
      responses:
        '200':
          description: The response body.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/grants_listGrants_Response_200'
servers:
  - url: https://api.sigmacomputing.com
    description: Server for GCP (US) hosted organizations
  - url: https://api.sa.gcp.sigmacomputing.com
    description: Server for GCP (KSA) hosted organizations
  - url: https://aws-api.sigmacomputing.com
    description: Server for AWS US (West) hosted organizations
  - url: https://api.us-a.aws.sigmacomputing.com
    description: Server for AWS US (East) hosted organizations
  - url: https://api.ca.aws.sigmacomputing.com
    description: Server for AWS Canada hosted organizations
  - url: https://api.eu.aws.sigmacomputing.com
    description: Server for AWS Europe hosted organizations
  - url: https://api.au.aws.sigmacomputing.com
    description: Server for AWS Australia and APAC hosted organizations
  - url: https://api.uk.aws.sigmacomputing.com
    description: Server for AWS UK hosted organizations
  - url: https://api.us.azure.sigmacomputing.com
    description: Server for Azure US hosted organizations
  - url: https://api.eu.azure.sigmacomputing.com
    description: Server for Azure Europe hosted organizations
  - url: https://api.ca.azure.sigmacomputing.com
    description: Server for Azure Canada hosted organizations
  - url: https://api.uk.azure.sigmacomputing.com
    description: Server for Azure United Kingdom hosted organizations
  - url: https://api.au.azure.sigmacomputing.com
    description: Server for Azure Australia hosted organizations
components:
  schemas:
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission0:
      type: string
      enum:
        - admin
        - annotate
        - update
        - usage
        - writeback
      description: 'Valid inode types: table, connection database, and connection schema.'
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission0
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission1:
      type: string
      enum:
        - create
        - annotate
        - organize
        - explore
        - view
        - edit
        - apply
      description: >-
        Valid inode types: folder, workspace, workbook, dataset, and data model.
        Can Contribute permissions are listed as **organize** and Can Manage
        permissions are listed as **edit**.
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission1
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission2:
      type: string
      enum:
        - view
        - edit
        - apply
      description: 'Valid inode types: version tag.'
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission2
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission:
      oneOf:
        - $ref: >-
            #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission0
        - $ref: >-
            #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission1
        - $ref: >-
            #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission2
      description: The permission granted to the member
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsInodeType:
      type: string
      enum:
        - folder
        - customFunction
        - symlink
        - versionTag
        - worksheet
        - block
        - dashboard
        - report
        - table
        - semanticView
        - metricView
        - scope
        - sql
        - workbook
        - template
        - dataset
        - datafile
        - storedProcedure
        - apiConnector
        - apiConnectorAuth
        - mcpConnector
        - warehouseAgent
        - agentSkill
        - tlsProfile
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsInodeType
    V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItems:
      type: object
      properties:
        grantId:
          type: string
          description: The unique identifier of the grant
        inodeId:
          type: string
          description: The unique identifier of the inode
        organizationId:
          type: string
          description: The unique identifier of the organization
        memberId:
          type:
            - string
            - 'null'
          description: The unique identifier of the member
        teamId:
          type:
            - string
            - 'null'
          description: The unique identifier of the team
        permission:
          $ref: >-
            #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsPermission
          description: The permission granted to the member
        createdBy:
          type: string
          description: The identifier of the user who created this grant
        updatedBy:
          type: string
          description: The identifier of the user or process that last updated this grant
        createdAt:
          type: string
          format: date-time
          description: When the grant was created
        updatedAt:
          type: string
          format: date-time
          description: When the grant was last updated
        inodeType:
          $ref: >-
            #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItemsInodeType
      required:
        - grantId
        - inodeId
        - organizationId
        - memberId
        - teamId
        - permission
        - createdBy
        - updatedBy
        - createdAt
        - updatedAt
        - inodeType
      title: V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItems
    grants_listGrants_Response_200:
      type: object
      properties:
        entries:
          type: array
          items:
            $ref: >-
              #/components/schemas/V2GrantsGetResponsesContentApplicationJsonSchemaEntriesItems
          description: Array of results returned by the endpoint
        nextPage:
          type:
            - string
            - 'null'
          description: >-
            Returns a string that can be used as the `page` parameter in the
            next request to fetch the next page of results. The last page of
            results returns `null`.
        total:
          type: number
          format: double
          description: >-
            Total number of results. Useful to determine if there is a need to
            paginate.
        hasMore:
          type: boolean
          description: '**[Deprecated]** Indicates whether more results are available.'
      required:
        - entries
        - nextPage
      title: grants_listGrants_Response_200
  securitySchemes:
    OAuth:
      type: http
      scheme: bearer
      description: OAuth 2.0 authentication

```

## Examples



**Request**

```json
{}
```

**Response**

```json
{
  "entries": [
    {
      "grantId": "a3f1c9d2-4b7e-4f8a-9c2d-1e2f3a4b5c6d",
      "inodeId": "7f8e9d0c-1234-5678-9abc-def012345678",
      "organizationId": "org-9876543210",
      "memberId": "user-1234567890",
      "teamId": null,
      "permission": "edit",
      "createdBy": "admin-001",
      "updatedBy": "admin-002",
      "createdAt": "2024-01-15T09:30:00Z",
      "updatedAt": "2024-04-10T14:45:00Z",
      "inodeType": "folder"
    }
  ],
  "nextPage": "eyJwYWdlIjoiMg==",
  "total": 25,
  "hasMore": true
}
```

**SDK Code**

```python
import requests

url = "https://api.sigmacomputing.com/v2/grants"

payload = {}
headers = {
    "Authorization": "<token>.",
    "Content-Type": "application/json"
}

response = requests.get(url, json=payload, headers=headers)

print(response.json())
```

```javascript
const url = 'https://api.sigmacomputing.com/v2/grants';
const options = {
  method: 'GET',
  headers: {Authorization: '<token>.', 'Content-Type': 'application/json'},
  body: '{}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://api.sigmacomputing.com/v2/grants"

	payload := strings.NewReader("{}")

	req, _ := http.NewRequest("GET", url, payload)

	req.Header.Add("Authorization", "<token>.")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
```

```ruby
require 'uri'
require 'net/http'

url = URI("https://api.sigmacomputing.com/v2/grants")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["Authorization"] = '<token>.'
request["Content-Type"] = 'application/json'
request.body = "{}"

response = http.request(request)
puts response.read_body
```

```java
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

HttpResponse<String> response = Unirest.get("https://api.sigmacomputing.com/v2/grants")
  .header("Authorization", "<token>.")
  .header("Content-Type", "application/json")
  .body("{}")
  .asString();
```

```php
<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

$response = $client->request('GET', 'https://api.sigmacomputing.com/v2/grants', [
  'body' => '{}',
  'headers' => [
    'Authorization' => '<token>.',
    'Content-Type' => 'application/json',
  ],
]);

echo $response->getBody();
```

```csharp
using RestSharp;

var client = new RestClient("https://api.sigmacomputing.com/v2/grants");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "<token>.");
request.AddHeader("Content-Type", "application/json");
request.AddParameter("application/json", "{}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
```

```swift
import Foundation

let headers = [
  "Authorization": "<token>.",
  "Content-Type": "application/json"
]
let parameters = [] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://api.sigmacomputing.com/v2/grants")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error as Any)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
```