User info

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

OpenID Connect 1.0 endpoint for obtaining attributes of a Human Service Consumer conforming to the scope defined in the access token.

Request

HTTP methods

POST

Parameters

Example

> Authorization: Bearer IIeDIrdnYo2ngwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQ
< Content-Type: application/json; charset=UTF-8

POST /connect/userinfo

Response

Headers

Content-Type
String.
Defines response body content type. MUST be equal to application/jwt.

HTTP status codes

200 OK
When a valid request is sent, an OK result should be returned.
400 Bad Request
When an access token is valid, but the request itself is invalid.
401 Unauthorized
When Authorization The header is either missing, invalid, or the token has already expired.

Parameters

Since response Content-Type is application/jwt it should be expected to retrieve a signed JWT. JWT should be iSHARE compliant, and its payload should contain delegation evidence. In addition, the JWT payload might also contain the following parameters:

first_name
String. Optional.
First name of the human whose access token is used.
last_name
String. Optional.
Last name of the human whose access token is used.
gender
String. Optional.
The gender of the human whose access token is used. Available values are male, female, and TBD.
company_id
String. Optional.
TBD.
company_name
String. Optional.
TBD.

200 OK Example

< Content-Type: application/jwt

example TBD

Decoded JWT Payload

{
    "example": "TBD"
}

PreviousAccess token NextM2M Verifiable Credential Endpoints

Last updated 9 days ago

Good night

Request

HTTP methods

Parameters

Example

Response

Headers

HTTP status codes

Parameters

200 OK Example