> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Search App Entitlements With Expired > Search app entitlements, include app users, users, expires, discovered. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples get /api/v1/apps/{app_id}/entitlements/{app_entitlement_id}/grants openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/apps/{app_id}/entitlements/{app_entitlement_id}/grants: get: tags: - App Entitlement summary: Search App Entitlements With Expired description: Search app entitlements, include app users, users, expires, discovered. operationId: >- c1.api.app.v1.AppEntitlementSearchService.SearchAppEntitlementsWithExpired parameters: - in: path name: app_id required: true schema: description: The appId field. readOnly: false type: string - in: path name: app_entitlement_id required: true schema: description: The appEntitlementId field. readOnly: false type: string - in: query name: page_size schema: description: The pageSize field. format: int32 readOnly: false type: integer - in: query name: page_token schema: description: The pageToken field. readOnly: false type: string responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.app.v1.SearchAppEntitlementsWithExpiredResponse description: >- The SearchAppEntitlementsWithExpiredResponse message contains a list of results and a nextPageToken if applicable. x-codeSamples: - lang: go label: SearchAppEntitlementsWithExpired source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.AppEntitlementSearch.SearchAppEntitlementsWithExpired(ctx, operations.C1APIAppV1AppEntitlementSearchServiceSearchAppEntitlementsWithExpiredRequest{\n AppEntitlementID: \"\",\n AppID: \"\",\n })\n if err != nil {\n log.Fatal(err)\n }\n if res.SearchAppEntitlementsWithExpiredResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.appEntitlementSearch.searchAppEntitlementsWithExpired({ appId: "", appEntitlementId: "", }); console.log(result); } run(); components: schemas: c1.api.app.v1.SearchAppEntitlementsWithExpiredResponse: description: >- The SearchAppEntitlementsWithExpiredResponse message contains a list of results and a nextPageToken if applicable. properties: list: description: The list field. items: $ref: '#/components/schemas/c1.api.app.v1.AppEntitlementWithExpired' nullable: true readOnly: false type: array nextPageToken: description: The nextPageToken field. readOnly: false type: string title: Search App Entitlements With Expired Response type: object x-speakeasy-name-override: SearchAppEntitlementsWithExpiredResponse c1.api.app.v1.AppEntitlementWithExpired: description: >- A grant with its expiry and discovery timestamps, along with the associated app user and ConductorOne user. properties: appEntitlementId: description: The ID of the app entitlement. readOnly: false type: string appId: description: The ID of the app that contains the entitlement. readOnly: false type: string appUser: $ref: '#/components/schemas/c1.api.app.v1.AppUser' appUserId: description: The ID of the app user who holds the grant. readOnly: false type: string discovered: format: date-time readOnly: false type: string expired: format: date-time readOnly: false type: string grantReasons: description: The reasons this grant was given (e.g., access request, automation). items: $ref: '#/components/schemas/c1.api.app.v1.GrantReason' nullable: true readOnly: false type: array grantSources: description: >- Entitlements that are the source of this grant (e.g., a group membership that implies a role). items: $ref: '#/components/schemas/c1.api.app.v1.AppEntitlementRef' nullable: true readOnly: false type: array user: $ref: '#/components/schemas/c1.api.user.v1.User' title: App Entitlement With Expired type: object x-speakeasy-name-override: AppEntitlementWithExpired c1.api.app.v1.AppUser: description: Application User that represents an account in the application. properties: appId: description: The ID of the application. readOnly: true type: string appUserType: description: The appplication user type. Type can be user, system or service. enum: - APP_USER_TYPE_UNSPECIFIED - APP_USER_TYPE_USER - APP_USER_TYPE_SERVICE_ACCOUNT - APP_USER_TYPE_SYSTEM_ACCOUNT readOnly: false type: string x-speakeasy-unknown-values: allow createdAt: format: date-time readOnly: true type: string deletedAt: format: date-time readOnly: true type: string displayName: description: The display name of the application user. readOnly: true type: string email: description: The email field of the application user. readOnly: true type: string emails: description: The emails field of the application user. items: type: string nullable: true readOnly: true type: array employeeIds: description: The employee IDs field of the application user. items: type: string nullable: true readOnly: true type: array id: description: A unique idenditfier of the application user. readOnly: true type: string identityUserId: description: The conductor one user ID of the account owner. readOnly: true type: string isExternal: description: The isExternal field. readOnly: true type: boolean profile: additionalProperties: true readOnly: true type: object status: $ref: '#/components/schemas/c1.api.app.v1.AppUserStatus' updatedAt: format: date-time readOnly: true type: string username: description: The username field of the application user. readOnly: true type: string usernames: description: The usernames field of the application user. items: type: string nullable: true readOnly: true type: array title: App User type: object x-speakeasy-name-override: AppUser c1.api.app.v1.GrantReason: description: The GrantReason message. properties: appEntitlementId: description: >- The ID of the app entitlement that is associated with the grant reason. readOnly: false type: string appId: description: The ID of the app that is associated with the grant reason. readOnly: false type: string appUserId: description: The ID of the app user that is associated with the grant reason. readOnly: false type: string createdAt: format: date-time readOnly: false type: string deletedAt: format: date-time readOnly: false type: string derivedIdData: description: >- This is the other part of the derived ID which include the details like ticket_id, group_id, etc. This provides the uniqueness. readOnly: false type: string derivedIdType: description: >- This is one part of the derived ID, indicating the type, like "ticket" or "group" readOnly: false type: string reasonExpiresAt: format: date-time readOnly: false type: string referenceStrength: description: >- GrantReasonReferenceStrength is used to indicate the strength of the reference to the reason. This is used to determine if a grant should be removed when all strong reasons are removed. enum: - GRANT_REASON_REFERENCE_STRENGTH_UNSPECIFIED - GRANT_REASON_REFERENCE_STRENGTH_WEAK - GRANT_REASON_REFERENCE_STRENGTH_STRONG readOnly: false type: string x-speakeasy-unknown-values: allow updatedAt: format: date-time readOnly: false type: string title: Grant Reason type: object x-speakeasy-name-override: GrantReason c1.api.app.v1.AppEntitlementRef: description: The AppEntitlementRef message. properties: appId: description: The appId field. readOnly: false type: string id: description: The id field. readOnly: false type: string title: App Entitlement Ref type: object x-speakeasy-name-override: AppEntitlementRef c1.api.user.v1.User: description: >- The User object provides all of the details for an user, as well as some configuration. properties: createdAt: format: date-time readOnly: true type: string delegatedUserId: description: >- The id of the user to whom tasks will be automatically reassigned to. readOnly: false type: string deletedAt: format: date-time readOnly: true type: string department: description: The department which the user belongs to in the organization. readOnly: true type: string departmentSources: description: >- A list of objects mapped based on department attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array directoryIds: description: A list of unique ids that represent different directories. items: type: string nullable: true readOnly: true type: array directoryStatus: description: The status of the user in the directory. enum: - UNKNOWN - ENABLED - DISABLED - DELETED readOnly: true type: string x-speakeasy-unknown-values: allow directoryStatusSources: description: >- A list of objects mapped based on directoryStatus attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array displayName: description: The display name of the user. readOnly: true type: string email: description: This is the user's email. readOnly: true type: string emailSources: description: A list of source data for the email attribute. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array emails: description: This is a list of all of the user's emails from app users. items: type: string nullable: true readOnly: true type: array employeeIdSources: description: A list of source data for the employee IDs attribute. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array employeeIds: description: This is a list of all of the user's employee IDs from app users. items: type: string nullable: true readOnly: true type: array employmentStatus: description: The users employment status. readOnly: true type: string employmentStatusSources: description: >- A list of objects mapped based on employmentStatus attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array employmentType: description: The employment type of the user. readOnly: true type: string employmentTypeSources: description: >- A list of objects mapped based on employmentType attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array id: description: A unique identifier of the user. readOnly: true type: string jobTitle: description: The job title of the user. readOnly: true type: string jobTitleSources: description: >- A list of objects mapped based on jobTitle attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array managerIds: description: A list of ids of the user's managers. items: type: string nullable: true readOnly: true type: array managerSources: description: >- A list of objects mapped based on managerId attribute mappings configured in the system. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array origin: description: The origin of the user, describing who owns the user's lifecycle. enum: - USER_ORIGIN_UNSPECIFIED - USER_ORIGIN_DIRECTORY - USER_ORIGIN_LOCAL - USER_ORIGIN_SYSTEM readOnly: true type: string x-speakeasy-unknown-values: allow profile: additionalProperties: true readOnly: true type: object roleIds: description: >- A list of unique identifiers that maps to ConductorOne's user roles let you assign users permissions tailored to the work they do in the software. items: type: string nullable: true readOnly: false type: array status: description: The status of the user in the system. enum: - UNKNOWN - ENABLED - DISABLED - DELETED readOnly: false type: string x-speakeasy-unknown-values: allow type: description: The type of the user. enum: - USER_TYPE_UNSPECIFIED - USER_TYPE_SYSTEM - USER_TYPE_HUMAN - USER_TYPE_SERVICE - USER_TYPE_AGENT readOnly: true type: string x-speakeasy-unknown-values: allow updatedAt: format: date-time readOnly: true type: string username: description: >- This is the user's primary username. Typically sourced from the primary directory. readOnly: true type: string usernameSources: description: A list of source data for the usernames attribute. items: $ref: '#/components/schemas/c1.api.user.v1.UserAttributeMappingSource' nullable: true readOnly: true type: array usernames: description: This is a list of all of the user's usernames from app users. items: type: string nullable: true readOnly: true type: array title: User type: object x-speakeasy-name-override: User c1.api.app.v1.AppUserStatus: description: The satus of the applicaiton user. properties: details: description: The details of applicaiton user status. readOnly: true type: string status: description: The application user status field. enum: - STATUS_UNSPECIFIED - STATUS_ENABLED - STATUS_DISABLED - STATUS_DELETED readOnly: true type: string x-speakeasy-unknown-values: allow title: App User Status type: object x-speakeasy-name-override: AppUserStatus c1.api.user.v1.UserAttributeMappingSource: description: The UserAttributeMappingSource message. properties: appId: description: The appId field. readOnly: false type: string appUserId: description: The appUserId field. readOnly: false type: string appUserProfileAttributeKey: description: The appUserProfileAttributeKey field. readOnly: false type: string userAttributeMappingId: description: The userAttributeMappingId field. readOnly: false type: string value: description: The value field. readOnly: false type: string title: User Attribute Mapping Source type: object x-speakeasy-name-override: UserAttributeMappingSource securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````