# List access grant candidates

Returns all company users, teams, and installed apps that can receive record access on an object.

Endpoint: GET /api/v2/objects/access-grant/candidates
Version: 2.0
Security: Bearer Authentication

## Response 200 fields (application/json):

  - `message` (string)
    A message detailing the result of the operation.
    Example: "Success"

  - `data` (object)
    The data payload of the response, if any.

  - `data.users` (array)
    Company users with HAS_ACCESS_TO

  - `data.users.uuid` (string)
    UUID of the principal

  - `data.users.label` (string)
    Primary display label

  - `data.users.subtitle` (string)
    Secondary line (e.g. email)

  - `data.teams` (array)
    Teams in the tenant

  - `data.teams.uuid` (string)
    UUID of the principal

  - `data.teams.label` (string)
    Primary display label

  - `data.teams.subtitle` (string)
    Secondary line (e.g. email)

  - `data.apps` (array)
    Apps installed for the current company

  - `data.apps.uuid` (string)
    UUID of the principal

  - `data.apps.label` (string)
    Primary display label

  - `data.apps.subtitle` (string)
    Secondary line (e.g. email)