---
title: fetchTokensForUser - Shop Partners API
description: |-
  Fetch an OAuth Access and Refresh Token pair for a user. Exactly one of
  `publicId` or `consentToken` must be provided.

  When `publicId` is provided, the user's existing connection with the client
  is verified and tokens are issued for the consented scope.

  When `consentToken` is provided — a signed JWT from a Sign in with Shop flow
  granting delegated consent from a merchant's buyer connection to this partner —
  the token is verified, a delegated user connection is established, and tokens
  are issued for the delegated scope.
api_version: unstable latest
source_url:
  html: https://shopify.dev/docs/api/shop-partners/latest/mutations/fetchTokensForUser
  md: https://shopify.dev/docs/api/shop-partners/latest/mutations/fetchTokensForUser.md
---

# fetch​Tokens​For​User

mutation

Fetch an OAuth Access and Refresh Token pair for a user. Exactly one of `publicId` or `consentToken` must be provided.

When `publicId` is provided, the user's existing connection with the client is verified and tokens are issued for the consented scope.

When `consentToken` is provided — a signed JWT from a Sign in with Shop flow granting delegated consent from a merchant's buyer connection to this partner — the token is verified, a delegated user connection is established, and tokens are issued for the delegated scope.

## Arguments

* consent​Token

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  Signed JWT consent token from a Sign in with Shop flow granting delegated access. Required when not providing a public ID.

* public​Id

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  The public ID of the user. Required when not providing a consent token.

***

## Fetch​Tokens​For​User​Payload returns

* access​Token

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  AccessToken for Users API.

* expires​In

  [Int](https://shopify.dev/docs/api/shop-partners/latest/scalars/Int)

  Access Token TTL in Seconds.

* public​Id

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  The public ID of the user.

* refresh​Token

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  RefreshToken for Partners API used to get new AccessTokens.

* scope

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  The scope of the access token as issued (RFC 6749 §5.1).

* token​Type

  [String](https://shopify.dev/docs/api/shop-partners/latest/scalars/String)

  Token type, always Bearer.

* user​Errors

  [\[Fetch​Tokens​For​User​User​Error!\]!](https://shopify.dev/docs/api/shop-partners/latest/objects/FetchTokensForUserUserError)

  non-null

  List of errors that occured while executing the mutation.

***

## Examples

* ### fetchTokensForUser reference