TINFO Userinfo uses the default Access Token format of the OIDC Provider from BankID. OIDC Clients can request Access Token for a given end user by supplying appropriate scope values in an Authorize request. The Access Token must be added as an Bearer Token to subsequent requests to the Userinfo endpoint
Below is example of a valid Access Token for TINFO Userinfo. The resource designator tinfo is added to the resource_access claim of the access token to signify access to various parts of the TINFO dataset. Since TINFO Userinfo supports standardized claims, the same set of claims is also included under realm_access.
{
"jti": "a48fecfe-e4c8-48d3-9a45-b41ded932033",
"exp": 1520371229,
"nbf": 0,
"iat": 1520370929,
"iss": "https://oidc-preprod.bankidapis.no/auth/realms/preprod",
"aud": "tinfo",
"sub": "b3f4d919-8cc5-413c-9e11-3c2c675b2f8f",
"typ": "Bearer",
"azp": "oidc-testclient",
"nonce": "somecorrelationnonce",
"auth_time": 1520370929,
"session_state": "bf71d01f-3a7c-474a-92c7-6c395cb95fc6",
"name": "Frode Beckmann Nilsen",
"given_name": "Frode Beckmann",
"family_name": "Nilsen",
"birthdate": "1966-12-18",
"acr": "2",
"allowed-origins": [
""
],
"realm_access": {
"roles": [
"address",
"phone",
"profile",
"email"
]
},
"resource_access": {
"tinfo": {
"roles": [
"address",
"phone",
"profile",
"email"
]
}
},
"amr": "XID",
"preferred_username": "Nilsen, Frode Beckmann",
"bankid_altsub": "9578-600
}