OpenID Connect UserInfo Endpoint
This OpenID Connect endpoint is to request user information using an Access Token.
GET /{tenant}/oauth2/v1/userinfo
POST /{tenant}/oauth2/v1/userinfo
For more information on OpenID Connect see the specifications
Requesting User Info
Request
GET /{tenant}/oauth2/v1/userinfo
Authorization: Bearer SlAV32hkKG
Response
If the request is successful, The Identity Hub returns the User Info as a JSON object
HTTP/1.1 200 OK
Content-Type: application/json
{
"sub": "248289761001",
"name": "Jane Doe",
"given_name": "Jane",
"family_name": "Doe",
"preferred_username": "j.doe",
"email": "janedoe@example.com",
"picture": "http://example.com/janedoe/me.jpg"
}
The following information is always returned by the UserInfo endpoint (if available for the user), regardless of the App configuration:
| Attribute Name | Description |
|---|---|
| gender | |
| family_name | |
| given_name | |
| sub | Unique Id of the Identity |
| unique_name | Given name plus surname |
| locale | |
| ppid | Unique Id of the Identity |
| role | |
| nickname | Given name. If given name is not available the surname |
| name | Display name |
| picture | |
| email_verified | |
| preferred_username | Display name |
| phone_number_verified | |
| phone_number | |
| birthdate |
Other information is only returned when the information is set as available and present in the token/assertion in the App configuration.
To retrieve information that is not available using the UserInfo endpoint use the Introspection endpoint.
Handling errors
If the specified Access Token of the request is invalid or the Access Token has expired, The Identity Hub will respond with an error.
error="invalid_token",