> ## Documentation Index
> Fetch the complete documentation index at: https://docs.swippee.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Read granted data

> Read only the scopes the consumer granted. The access token goes in the X-Swippee-Access-Token header, never the URL. Optionally pass `?include=` to fetch only a subset of the granted scopes (data minimization) — the response is granted ∩ requested and can never exceed what was granted.



## OpenAPI

````yaml /openapi.json get /v1/grants/{id}/data
openapi: 3.1.0
info:
  title: Swippee API
  version: 1.0.0
  description: >-
    Convert Nepali bank statement PDFs into structured financial data, derive
    lending products from a parse, and read Nepal's public-sector financial
    datasets — over one REST API.
servers:
  - url: https://api.swippee.com
    description: Production
security:
  - bearerAuth: []
paths:
  /v1/grants/{id}/data:
    get:
      tags:
        - Connect
      summary: Read granted data
      description: >-
        Read only the scopes the consumer granted. The access token goes in the
        X-Swippee-Access-Token header, never the URL. Optionally pass
        `?include=` to fetch only a subset of the granted scopes (data
        minimization) — the response is granted ∩ requested and can never exceed
        what was granted.
      operationId: getGrantData
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
        - name: X-Swippee-Access-Token
          in: header
          required: true
          schema:
            type: string
          example: swac_...
        - name: include
          in: query
          required: false
          schema:
            type: string
          description: >-
            Comma-separated subset of granted scopes to return, e.g.
            `income,verify`.
          example: income,verify
      responses:
        '200':
          description: Granted data
          content:
            application/json:
              schema:
                type: object
                properties:
                  scopes:
                    type: array
                    items:
                      type: string
                  data:
                    type: object
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  responses:
    Unauthorized:
      description: Authentication failed
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
      description: >-
        Flat, industry-standard error envelope. Branch on error_code, not the
        HTTP status.
      properties:
        error_type:
          type: string
          example: AUTHENTICATION_ERROR
        error_code:
          type: string
          example: INVALID_API_KEY
        error_message:
          type: string
          example: Unknown API key.
        display_message:
          type: string
          nullable: true
          example: null
        request_id:
          type: string
          example: req_8f3c9b2e4a1d4f7c9e0b1a2c3d4e5f60
        documentation_url:
          type: string
          example: https://docs.swippee.com/concepts/errors#invalid_api_key
        suggested_action:
          type: string
          example: Check your API key in the Authorization header.
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        Your API key from the dashboard, sent as `Authorization: Bearer
        swippee_sk_live_...`.

````