OpenID Connect Userinfo
This endpoint returns the payload of the ID Token, including session.id_token values, of the provided OAuth 2.0 Access Token's consent request.
In the case of an authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See the spec for more details about the header format.
- 200
- 401
200: Successful retrieval of user information
Schema
- email: End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7.
- first_name: Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.
- last_name: Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.
{
"email": "john.doe@example.com",
"first_name": "John",
"last_name": "Doe"
}
401: Unauthorized - invalid or expired access token
Schema
- error: Error code
- error_debug: Error Debug Information. Only available in dev mode.
- error_description: Human-readable ASCII text providing additional information about the error
- error_hint: Error Hint. Helps the user identify the error cause.
- status_code: HTTP Status Code
{
"error": "invalid_client",
"error_debug": "string",
"error_description": "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The requested OAuth 2.0 Client does not exist.",
"error_hint": "The redirect URL is not allowed.",
"status_code": 401
}
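Client-side handling of the two responses documented above, as an added example that is not part of the original reference or of the project's own code. The function and class names are hypothetical, the sample responses are constructed, and the WWW-Authenticate value is assumed to be a single Bearer challenge in the RFC 6750 format.

```python
import json
import re

# key="quoted value" or key=token pairs, as in an RFC 6750 Bearer challenge.
_PARAM = re.compile(r'([A-Za-z_]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))')


class UserinfoError(Exception):
    """401 from userinfo: carries the parsed challenge and the JSON error body."""

    def __init__(self, challenge, body):
        super().__init__(body.get("error") or challenge.get("error") or "unauthorized")
        self.challenge, self.body = challenge, body


def parse_bearer_challenge(header):
    """Return the parameters of a single `Bearer ...` challenge as a dict."""
    scheme, _, rest = (header or "").strip().partition(" ")
    if scheme.lower() != "bearer":
        return {}
    return {k.lower(): t or re.sub(r"\\(.)", r"\1", q)
            for k, q, t in _PARAM.findall(rest)}


def handle_userinfo_response(status, headers, body):
    """Return the claims dict on 200; raise UserinfoError on 401."""
    headers = {k.lower(): v for k, v in headers.items()}
    try:
        data = json.loads(body) if body else {}
    except ValueError:
        data = {}
    data = data if isinstance(data, dict) else {}
    if status == 200:
        # email is not guaranteed unique: never use it as the account key.
        return data
    if status == 401:
        # error_debug is dev-mode only; this example drops it before it can
        # be logged or shown to a user.
        data.pop("error_debug", None)
        raise UserinfoError(parse_bearer_challenge(headers.get("www-authenticate")), data)
    raise RuntimeError(f"unexpected userinfo status {status}")


# Constructed sample responses (not captured from a real server).
SAMPLE_200 = (200, {"Content-Type": "application/json"},
              '{"email": "john.doe@example.com", "first_name": "John", "last_name": "Doe"}')
SAMPLE_401 = (401, {"WWW-Authenticate": 'Bearer error="invalid_token", '
                                        'error_description="The access token expired"'},
              '{"error": "invalid_client", "error_debug": "string", "status_code": 401}')
```

Pass the status, headers and raw body from whatever HTTP client made the request with the access token in an `Authorization: Bearer` header.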