The UserInfo endpoint returns the Resource Owner's claims. A client sends a request to the UserInfo endpoint with a valid access token and receives the claims that the Resource Owner has authorized for sharing.
Endpoint URL: https://<Identity Server URL: Port Number>/nidp/oauth/nam/userinfo
Request method: GET and POST
Clients or resource servers invoke the UserInfo endpoint by including the access token in the Authorization header, as shown below:
Authorization: Bearer access_token
The UserInfo endpoint returns the claims associated with the access token in a JSON object as given in the response values.
| Parameter | Description |
|---|---|
| sub | Unique ID identifying the subject. This is the GUID of the user. |

The other claims are included as values in the JSON object if the access token contains the necessary scope and the user has authorized the client to access the claim. For example, if the client has requested the "email" scope, the UserInfo endpoint returns the following value:
Request:
```
GET /nidp/oauth/nam/userinfo HTTP/1.1
User-Agent: curl/7.41.0
Host: www.idp.com:8443
Accept: */*
Authorization: Bearer /wEBAA.............DSDG
```
Response:
```
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/json
Content-Length: 73
Date: Thu, 19 Mar 2018 16:14:52 GMT

{ "sub": "6adb7ca411d5a14c94946adb7ca411d5", "email": "alice@a.com" }
```
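A client-side sketch of the exchange above, added here as an example and not taken from the product documentation: it sends the token only in the Authorization header over TLS, rejects a response without a usable `sub`, and reports requested claims that were not returned instead of assuming they exist. The function names and `UserInfoError` are hypothetical; only the endpoint path and the `sub`/`email` claims come from the page.

```python
import json
import urllib.request

USERINFO_PATH = "/nidp/oauth/nam/userinfo"  # endpoint path given on this page


class UserInfoError(Exception):
    """Raised when the UserInfo request or response cannot be trusted or used."""


def build_userinfo_request(idp_base, access_token):
    """Build the GET request; the token travels only in the Authorization header."""
    if not idp_base.lower().startswith("https://"):
        raise UserInfoError("refusing to send a bearer token over a non-TLS URL")
    if not access_token or any(c.isspace() for c in access_token):
        raise UserInfoError("access token is empty or contains whitespace")
    return urllib.request.Request(
        idp_base.rstrip("/") + USERINFO_PATH,
        headers={"Authorization": "Bearer " + access_token,
                 "Accept": "application/json"},
        method="GET",
    )


def parse_userinfo_response(status, content_type, body, requested_claims=()):
    """Validate a UserInfo response and return (claims, missing_claims)."""
    if status != 200:
        raise UserInfoError("UserInfo request failed with HTTP %d" % status)
    if content_type.split(";")[0].strip().lower() != "application/json":
        raise UserInfoError("unexpected Content-Type: %r" % content_type)
    claims = json.loads(body)
    sub = claims.get("sub") if isinstance(claims, dict) else None
    if not isinstance(sub, str) or not sub:
        raise UserInfoError("response has no usable 'sub' claim")
    # Claims outside the token's scope, or not authorized by the user, are
    # simply absent from the object, so report them rather than assume them.
    missing = [c for c in requested_claims if c not in claims]
    return claims, missing


def fetch_userinfo(idp_base, access_token, requested_claims=()):
    """Send the request and validate the reply (needs a reachable Identity Server)."""
    req = build_userinfo_request(idp_base, access_token)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_userinfo_response(
            resp.status, resp.headers.get("Content-Type", ""),
            resp.read(), requested_claims)
```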