Get User Info API

The API Endpoint:

The OpenID Connect UserInfo specification:

You can use the UserInfo endpoint to fetch the user information for an authenticated user. Invoke the UserInfo request using either HTTP GET or HTTP POST, with the Access Token obtained from the OAuth /get_token API. When using the HTTP GET method (RECOMMENDED), the access token must be passed in the HTTP Authorization header as a Bearer token. When using the HTTP POST method, you can either use the Authorization header or put the Access Token in the access_token field of the request body.

Sample Request:

GET /openid/v1/userinfo HTTP/1.1
Authorization: Bearer SlAV32hkKG

Sample Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
 "sub": "FSVIDUW3D7FSVIDUW3D72F2F",
 "name": "Jane Doe",
 "given_name": "Jane",
 "family_name": "Doe",
 "preferred_username": "j.doe",
 "email": "",
 "picture": ""
}

The sub claim is the user identifier.

Error Response:

When an error condition occurs, the UserInfo Endpoint returns an Error Response as defined in Section 3 of OAuth 2.0 Bearer Token Usage [RFC6750]. (HTTP errors unrelated to RFC 6750 are returned to the User Agent using the appropriate HTTP status code.) In addition to the errors defined in RFC 6750, the API also returns the following transport-related errors:

429 Too Many Requests - This error is returned if the load generated by the client is too high.
5XX - The server is incapable of serving the request. Please try again later.

The following is a non-normative example of a UserInfo Error Response:

HTTP/1.1 401 Unauthorized
WWW-Authenticate: error="invalid_token",
 error_description="The Access Token expired"

The 429 response:

HTTP/1.1 429 Too Many Requests
WWW-Authenticate: error="EXCEEDED_PER_CLIENT_LIMIT",
 error_description="Too many user info requests"
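
Client-side handling of the request and responses described above, as an added example that is not part of the original page or the API provider's code. The function names and action labels are hypothetical, the sample responses are constructed from the ones shown here, and the parser accepts the WWW-Authenticate value with or without a leading Bearer scheme.

```python
import json
import re

# Matches key="value" auth-params in a WWW-Authenticate header value.
_PARAM = re.compile(r'(\w+)\s*=\s*"([^"]*)"')

def build_userinfo_request(access_token):
    """Return (method, path, headers) for the recommended GET form."""
    # Reject empty tokens and any whitespace (CR/LF would split the header).
    if not access_token or any(c.isspace() for c in access_token):
        raise ValueError("access token must be non-empty and free of whitespace")
    return "GET", "/openid/v1/userinfo", {"Authorization": "Bearer " + access_token}

def parse_www_authenticate(value):
    """Extract the error parameters, with or without a leading 'Bearer' scheme."""
    return dict(_PARAM.findall(value or ""))

def handle_userinfo_response(status, headers, body):
    """Map a response to (action, detail); the action labels are hypothetical."""
    lowered = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    params = parse_www_authenticate(lowered.get("www-authenticate"))
    if status == 200:
        try:
            claims = json.loads(body)
        except ValueError:
            return "fail", "body is not valid JSON"
        if not isinstance(claims, dict) or not claims.get("sub"):
            return "fail", "response has no sub claim"
        return "ok", claims
    if status == 401 and params.get("error") == "invalid_token":
        return "reauthenticate", params.get("error_description", "")  # get a new token
    if status == 429:
        return "backoff", params.get("error", "")  # slow down before retrying
    if 500 <= status <= 599:
        return "retry_later", ""
    return "fail", params.get("error", "HTTP %d" % status)

# Constructed sample responses, modelled on the ones shown on this page.
SAMPLE_OK = (200, {"Content-Type": "application/json"},
             '{"sub": "FSVIDUW3D7FSVIDUW3D72F2F", "name": "Jane Doe"}')
SAMPLE_EXPIRED = (401, {"WWW-Authenticate":
    'error="invalid_token",\n error_description="The Access Token expired"'}, "")
SAMPLE_LIMIT = (429, {"WWW-Authenticate":
    'error="EXCEEDED_PER_CLIENT_LIMIT",\n error_description="Too many user info requests"'}, "")

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_EXPIRED, SAMPLE_LIMIT):
        print(handle_userinfo_response(*sample))
```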