search

User info

circle-info

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

OpenID Connect 1.0 endpoint for obtaining attributes of a Human Service Consumer conforming to the scope defined in the access token.

hashtag
Request

hashtag
HTTP methods

  • POST

hashtag
Parameters

hashtag
Example

> Authorization: Bearer IIeDIrdnYo2ngwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQ
< Content-Type: application/json; charset=UTF-8

POST /connect/userinfo

hashtag
Response

hashtag
Headers

  • Content-Type

    String.

    Defines response body content type. MUST be equal to application/jwt.

hashtag
HTTP status codes

  • 200 OK

    When a valid request is sent, an OK result should be returned.

  • 400 Bad Request

    When an access token is valid, but the request itself is invalid.

  • 401 Unauthorized

    When Authorization The header is either missing, invalid, or the token has already expired.

hashtag
Parameters

Since response Content-Type is application/jwt it should be expected to retrieve a signed JWT. JWT should be iSHARE compliant, and its payload should contain delegation evidence. In addition, the JWT payload might also contain the following parameters:

  • first_name

    String. Optional.

    First name of the human whose access token is used.

  • last_name

    String. Optional.

    Last name of the human whose access token is used.

  • gender

    String. Optional.

    The gender of the human whose access token is used. Available values are male, female, and TBD.

  • company_id

    String. Optional.

    TBD.

  • company_name

    String. Optional.

    TBD.

hashtag
200 OK Example

Decoded JWT Payload

PreviousAccess tokenNextM2M Verifiable Credential Endpoints

Last updated