URL | https://<baseurl>/oauth/userinfo |
---|---|
Request | GET with Authorization header |
Authentication | Default Bearer Access Token |
Request parameters | None |
Response elements | Signed JSON (JWS) according to standard |
Example | See below |
Userinfo is a standard endpoint associated with the Resource Server for the TINFO service. It is a Protected Endpoint and requires a Default Bearer Access Token contained in the Authorization header of the request. Userinfo provides additional claims about an authenticated user beyond the claims that are directly contained in the ID Token.
...
The response from Userinfo is signed and should be validated accordingly.
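
The validation described above, as an added example that is not part of the original documentation or the provider's own code: a standard-library Python sketch that checks a compact JWS Userinfo response and then compares its `sub` with the one from the ID Token. It assumes the response is signed with RS256 and that the provider's public key (`n`, `e`) has already been obtained from its published keys; the demo key, `demo_sign` and the sample claims are constructed so the example runs offline, and production code would use a maintained JOSE library instead of the hand-written RSA check.

```python
import base64, hashlib, hmac, json

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
# Constructed demo key from two Mersenne primes: NOT secure, only so the example runs offline.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa_pkcs1_v15(message, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message) for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def demo_sign(header, claims):
    """Stand-in for the provider: build a compact RS256 JWS with the demo key."""
    signing_input = ".".join(b64url_encode(json.dumps(x).encode()) for x in (header, claims))
    k = (N.bit_length() + 7) // 8
    em = int.from_bytes(emsa_pkcs1_v15(signing_input.encode(), k), "big")
    return signing_input + "." + b64url_encode(pow(em, D, N).to_bytes(k, "big"))

def verify_userinfo(jws, n, e, id_token_sub):
    """Return the claims if the JWS verifies and sub matches the ID Token; else raise ValueError."""
    try:
        h64, p64, s64 = jws.split(".")
        alg, sig = json.loads(b64url_decode(h64))["alg"], b64url_decode(s64)
    except Exception:
        raise ValueError("malformed JWS")
    if alg != "RS256":  # pin the algorithm; the token header must not choose it
        raise ValueError("unexpected alg")
    k, s = (n.bit_length() + 7) // 8, int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        raise ValueError("bad signature")
    em = pow(s, e, n).to_bytes(k, "big")
    if not hmac.compare_digest(em, emsa_pkcs1_v15(f"{h64}.{p64}".encode(), k)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(p64))  # parsed only after the signature checks out
    if claims.get("sub") != id_token_sub:  # OIDC Core 5.3.2: sub must equal the ID Token's sub
        raise ValueError("sub mismatch")
    return claims

if __name__ == "__main__":
    token = demo_sign({"alg": "RS256"}, {"sub": "constructed-sub", "name": "Test User"})
    print(verify_userinfo(token, N, E, "constructed-sub"))
```
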
The following example shows a request/response pair for the Userinfo endpoint at the BankID pilot in pre-production. The example is generated from Postman (which is configured as a client at the OIDC Provider). The value for the access token in the authorization header (Authorization: Bearer 4497db915b5b479191c81a7854a2fa8) is taken from the corresponding example for the Token endpoint.
...