4. Userinfo Endpoint
The customer's client application's backend calls the UserInfo Endpoint to retrieve the user information as claims.
To do so, the customer's client application needs to provide the access_token, as received from the Token Endpoint, in the HTTP Authorization header. The access token is only valid for a limited amount of time, so this call must be made before the token expires.
The UserInfo Endpoint can be found at the following URL:
https://<servername>/connect/userinfo
This URL can be retrieved from the Discovery Endpoint, using the key userinfo_endpoint.
Success
The UserInfo Endpoint will return an HTTP 200 response with the user claims in plain JSON format. Content type will be application/json.
The actual contents of the response depend on the scopes given to the Authorization Endpoint and the selected Identity Provider.
Error
If the Token Request is invalid or unauthorized, an error response will be returned. Content type will be application/json.
The error response status code can be:
Status | Description |
---|---|
400 | In case of invalid request |
401 | In case of expired / invalid token |
403 | In case of insufficient scope |
The error response body will contain:
Parameter | Description | Use |
---|---|---|
error | The error type. | Required |
error_description | A description of the error, indicating the problem in more detail. | Optional |
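The following is an added example, not code from the original page or the product it describes: a backend-side sketch of the UserInfo call that takes the URL from the discovery document and maps the 200/400/401/403 responses and the error / error_description fields described above. The Bearer authorization scheme (RFC 6750), the helper names and the synthetic error codes such as missing_error are assumptions.

```python
import json
import urllib.error
import urllib.request

# Status codes and meanings copied from the error table on this page.
STATUS_MEANING = {400: "invalid request", 401: "expired / invalid token",
                  403: "insufficient scope"}

class UserInfoError(Exception):
    """Error response from the UserInfo Endpoint (hypothetical helper class)."""
    def __init__(self, status, error, description=None):
        self.status, self.error, self.description = status, error, description
        self.meaning = STATUS_MEANING.get(status, "unexpected status")
        super().__init__(f"{status} ({self.meaning}): {error}")

def build_userinfo_request(discovery, access_token):
    """Build the request from the discovery document; the token goes only in the header."""
    url = discovery["userinfo_endpoint"]
    if not url.lower().startswith("https://"):
        raise ValueError("refusing to send an access token over a non-HTTPS URL")
    # Assumption: Bearer scheme (RFC 6750); the page only names the Authorization header.
    headers = {"Authorization": f"Bearer {access_token}", "Accept": "application/json"}
    return urllib.request.Request(url, headers=headers)

def parse_userinfo_response(status, content_type, body):
    """Return the claims dict on HTTP 200; raise UserInfoError for anything else."""
    if content_type.split(";")[0].strip().lower() != "application/json":
        raise UserInfoError(status, "unexpected_content_type", content_type)
    data = json.loads(body)
    if not isinstance(data, dict):
        raise UserInfoError(status, "malformed_body")
    if status == 200:
        return data
    # "error" is required, "error_description" is optional (see the table above).
    raise UserInfoError(status, data.get("error", "missing_error"),
                        data.get("error_description"))

def fetch_userinfo(discovery, access_token, timeout=10):
    """Call the endpoint; urllib raises HTTPError for 4xx, so parse that body too."""
    request = build_userinfo_request(discovery, access_token)
    try:
        with urllib.request.urlopen(request, timeout=timeout) as resp:
            return parse_userinfo_response(
                resp.status, resp.headers.get("Content-Type", ""), resp.read())
    except urllib.error.HTTPError as err:
        return parse_userinfo_response(
            err.code, err.headers.get("Content-Type", ""), err.read())
```

A caller would treat a 401 as the signal to obtain a fresh access token, and should keep the token out of logs and exception messages, as the error class here does.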