Skip to main content
GET
/
v2
/
team.asset.list
ListShareableAssets
curl --request GET \
  --url https://api.manus.im/v2/team.asset.list \
  --header 'X-API-Key: <api-key>'
{
  "ok": true,
  "request_id": "<string>",
  "assets": [
    {
      "uid": "<string>",
      "asset_name": "<string>",
      "asset_id": "<string>",
      "shared_at": "2023-11-07T05:31:56Z",
      "last_operated_at": "2023-11-07T05:31:56Z",
      "owner_id": "<string>",
      "session_id": "<string>",
      "asset_exists": true
    }
  ],
  "total": 123,
  "limit": 123,
  "offset": 123
}
Questions or issues? Contact us at api-support@manus.ai.
Auth: Accepts either KEY_TYPE_TEAM_ASSET_AUDIT or KEY_TYPE_TEAM_ASSET_MGMT (write keys implicitly include read access). The audit row records which key type actually made the call.Asset type is required. A single call enumerates one type. To scan the full surface, call this endpoint once per AssetType.Effective vs. raw scope. The permission query filter matches the raw ShareScope stored on the share row (before admin override and global controls are applied). The permission returned in each result is the effective scope after max_permission has capped it. Admin override always wins: if a share row has an admin-set max_permission, that override is what max_permission reflects (the team’s global control is bypassed); otherwise the team’s global asset control fills in max_permission and tightens permission accordingly. See the overview for the full rule.SHARE_SCOPE_PUBLIC filter. Only matches the v1 value the asset_type writes today — see the v1↔v2 mapping. Legacy rows stored with the other v1 value will not be returned for that filter.Stale shares. Rows with asset_exists: false mean the underlying session / file / web-publish was deleted but the share record remains. They cannot be re-scoped via team.asset.update_scope.Pagination: Offset-based — limit defaults to 100, max 1000; offset defaults to 0. Use total to compute the page count.Protocols: Also callable via Connect RPC. See Protocols.

Authorizations

X-API-Key
string
header
required

Query Parameters

asset_type
enum<string>
required

Asset type to enumerate. Required. To scan every type, call this endpoint once per value.

Available options:
ASSET_TYPE_SESSION_COLLABORATION,
ASSET_TYPE_SESSION_SHARE,
ASSET_TYPE_FILE_SHARE,
ASSET_TYPE_WEBSITE_PUBLISH,
ASSET_TYPE_PROJECT_SHARE
keyword
string

Prefix match against the lowercased asset name.

owner_id
string

Limit results to assets owned by this user ID.

start_time
string<date-time>

Lower bound on shared_at (RFC3339).

end_time
string<date-time>

Upper bound on shared_at (RFC3339).

permission
enum<string>

Filter by the raw scope stored on the share row (before admin override and global controls are applied). The permission returned in the response is the effective scope, which may be tighter (e.g. global control collapses raw SHARE_SCOPE_PUBLIC to SHARE_SCOPE_TEAM_ONLY). SHARE_SCOPE_PUBLIC matches only the v1 value the asset_type writes today (v1.PUBLIC for SESSION_SHARE / FILE_SHARE / WEBSITE_PUBLISH; v1.EXTERNAL for SESSION_COLLABORATION / PROJECT_SHARE) — legacy rows stored with the other v1 value will not be returned. For DSPM scans of the truly effective state, omit this filter and post-process client-side.

Available options:
SHARE_SCOPE_OWNER,
SHARE_SCOPE_TEAM_ONLY,
SHARE_SCOPE_PUBLIC
limit
integer<int32>
default:100

Number of records to return. Defaults to 100.

Required range: 1 <= x <= 1000
Example:

100

offset
integer<int32>
default:0

Number of records to skip. Defaults to 0.

Required range: x >= 0
Example:

0

Response

Shareable assets retrieved successfully.

ok
boolean

Whether the request was successful.

Example:

true

request_id
string

Unique identifier for this API request.

assets
object[]

Page of shareable assets matching the filter.

total
integer<int32>

Total number of records matching the filter (across all pages).

limit
integer<int32>

Echo of the applied limit.

offset
integer<int32>

Echo of the applied offset.