> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # List App Users For Identity With Grant > Returns a list of app users for the identity in the app. If that app user also has a grant to the entitlement from the request, data about the grant is also returned. It will always return ALL app users for this identity, but only SOME may have grant data. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples get /api/v1/apps/{app_id}/entitlements/{app_entitlement_id}/users/{identity_user_id}/grants openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/apps/{app_id}/entitlements/{app_entitlement_id}/users/{identity_user_id}/grants: get: tags: - App Entitlement User Binding summary: List App Users For Identity With Grant description: >- Returns a list of app users for the identity in the app. If that app user also has a grant to the entitlement from the request, data about the grant is also returned. It will always return ALL app users for this identity, but only SOME may have grant data. operationId: >- c1.api.app.v1.AppEntitlementUserBindingService.ListAppUsersForIdentityWithGrant parameters: - in: path name: app_id required: true schema: description: The appId field. readOnly: false type: string - in: path name: app_entitlement_id required: true schema: description: The appEntitlementId field. readOnly: false type: string - in: path name: identity_user_id required: true schema: description: The identityUserId field. readOnly: false type: string responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.app.v1.ListAppUsersForIdentityWithGrantResponse description: Successful response x-codeSamples: - lang: go label: ListAppUsersForIdentityWithGrant source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.AppEntitlementUserBinding.ListAppUsersForIdentityWithGrant(ctx, operations.C1APIAppV1AppEntitlementUserBindingServiceListAppUsersForIdentityWithGrantRequest{\n AppEntitlementID: \"\",\n AppID: \"\",\n IdentityUserID: \"\",\n })\n if err != nil {\n log.Fatal(err)\n }\n if res.ListAppUsersForIdentityWithGrantResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.appEntitlementUserBinding.listAppUsersForIdentityWithGrant({ appId: null, appEntitlementId: "", identityUserId: "", }); console.log(result); } run(); components: schemas: c1.api.app.v1.ListAppUsersForIdentityWithGrantResponse: description: The ListAppUsersForIdentityWithGrantResponse message. properties: bindings: description: |- The list of app users that may also have grant information. Without a grant, only the tenant, app, and app user ID will be set. With a grant, the whole struct is populated items: $ref: '#/components/schemas/c1.api.app.v1.AppEntitlementUserBinding' nullable: true readOnly: false type: array title: List App Users For Identity With Grant Response type: object x-speakeasy-name-override: ListAppUsersForIdentityWithGrantResponse c1.api.app.v1.AppEntitlementUserBinding: description: >- The AppEntitlementUserBinding represents the relationship that gives an app user access to an app entitlement properties: appEntitlementId: description: The ID of the app entitlement that the app user has access to readOnly: false type: string appId: description: The ID of the app associated with the app entitlement readOnly: false type: string appUserId: description: The ID of the app user that has access to the app entitlement readOnly: false type: string createdAt: format: date-time readOnly: true type: string deletedAt: format: date-time readOnly: true type: string deprovisionAt: format: date-time readOnly: true type: string grantSources: description: The grantSources field. items: $ref: '#/components/schemas/c1.api.app.v1.AppEntitlementRef' nullable: true readOnly: false type: array title: App Entitlement User Binding type: object x-speakeasy-name-override: AppEntitlementUserBinding c1.api.app.v1.AppEntitlementRef: description: The AppEntitlementRef message. properties: appId: description: The appId field. readOnly: false type: string id: description: The id field. readOnly: false type: string title: App Entitlement Ref type: object x-speakeasy-name-override: AppEntitlementRef securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````