Credential grants - Dacard.ai

Grant another user time-bound access to your integration credentials. Used when one team member owns the OAuth connection (e.g., the GitHub admin) but other members need to read or push to the integration. Grants carry a TTL and a scope preview.

Issue a grant

curl -X POST https://app.dacard.ai/api/credential-grants \
  -H "Authorization: Bearer $DACARD_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "integrationId": "int_xyz",
    "granteeEmail": "designer@acme.com",
    "expiresInHours": 168,
    "scope": "read"
  }'

Patch or revoke a grant

curl -X PATCH https://app.dacard.ai/api/credential-grants/grnt_xyz \
  -H "Authorization: Bearer $DACARD_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "expiresInHours": 24 }'

curl -X DELETE https://app.dacard.ai/api/credential-grants/grnt_xyz \
  -H "Authorization: Bearer $DACARD_API_KEY"

Property	Value
Auth	Required
Required scope	Caller must own the integration
Idempotent	POST no. PATCH yes. DELETE yes.

Body (POST)

Field	Type	Required	Notes
`integrationId`	string	yes	Integration the grant covers.
`granteeEmail`	string	yes	Recipient email. Does not need an account yet.
`expiresInHours`	integer	yes	Grant TTL. Max 720 (30 days).
`scope`	`read` \| `write`	yes	Read or write scope on the integration.

Errors

Status	Code	When
401	`AUTH_REQUIRED`	No session.
403	`FORBIDDEN`	Caller does not own the integration.
404	`Grant not found`	Bad `id`.
500	`INTERNAL_ERROR`	Write failed.

​Issue a grant

​Patch or revoke a grant

​Body (POST)

​Errors

Issue a grant

Patch or revoke a grant

Body (POST)

Errors