| URL | https://<tinfo-userinfo-baseurl>/userinfo |
|---|---|
| Request |
|
| Authentication | Access Token as Bearer Token in Authorization Header |
| Success response | 200 OK with JWT containing response elements |
| Error response | 401 Unauthorized with standard error response if the bearer token is not accepted for any reason |
| Example | See below |
This method provides additional information about an end user beyond what is contained in the ID Token. The end user in question is given by the sub value contained in the access token. The implementation of userinfo is according to the OpenID Connect standard.
Response elements
Userinfo returns signed responses in JWT format. The claims contained in the encoded JWT includes supported standard TINFO claims along with the following additional claims:
| Claim | Example | Description |
|---|---|---|
iss | <tinfo-baseurl> | TINFO Resource Server |
aud | oidc-testclient | Requesting OIDC client |
Example
Userinfo request
TBC
Decoded response
{
"iss": "https://prototype.bankidnorge.no/tinfo-core-systemtest/",
"sub": "9578-6000-4-30799",
"aud": "oidc-testclient",
"name": "Frode Beckmann NIlsen",
"given_name": "Frode",
"family_name": "NIlsen",
"updated_at": 1519992419860,
"email": "frobnil@online.no",
"birthdate": "181266",
"phone_number": "95871775",
"address": {
"formatted": "Lybekkveien 11C\nOslo 0772",
"street_address": "Lybekkveien 11C",
"locality": "0772",
"postal_code": "Oslo"
}
}