search

User info

circle-info

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

OpenID Connect 1.0 endpoint for obtaining attributes of a Human Service Consumer conform scope defined in access token.

hashtag
Obtaining attributes of a Human Service Consumer

get
/[v2.2]/connect/userinfo

OpenID Connect endpoint for obtaining attributes of a Human Service Consumer conform scope defined in access token.

Server response is an iSHARE signed JSON Web Token. Please refer to the models 'jwt_header' and 'jwt_payload_userinfo_token' which indicate what the decoded response will look like.

Authorizations
AuthorizationstringRequired

OAuth 2.0 authorization based on bearer token. MUST contain “Bearer “ + access token value. Must be provided if restricted endpoints are needed.

Responses
chevron-right
200

OK

application/json
userinfo_tokenstring · application/jwtOptionalExample: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlFNlRDQ0E5R2dBd0lCQWdJSVUrVkNVWmo1dCtBd0RRWUpLb1pJaHZjTkFRRUxCUUF3UERFNk1EZ0dBMVVFQXd3eFZFVlRWQ0JwVTBoQlVrVWdSVlVnU1hOemRXbHVaeUJEWlhKMGFXWnBZMkYwYVc5dUlFRjFkR2h2Y21sMGVTQkhOVEFlRncweU16QTVNRGt4TWpBMk16RmFGdzB6TXpBNU1EWXhNakEyTXpCYU1IVXhHakFZQmdOVkJBTU1FV2xUU0VGU1JTQlVaWE4wSUZCSlVpQXhNUnd3R2dZRFZRUUZFeE5GVlM1RlQxSkpMazVNTURBd01EQXdNREF3TVJRd0VnWURWUVFMREF0VVpYTjBJR0Z1WkNCUlFURVdNQlFHQTFVRUNnd05hVk5JUVZKRlZHVnpkRkJKVWpFTE1Ba0dBMVVFQmhNQ1Rrd3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUtBb0lDQVFEQ1puQlVCM2s1R05sa0piVThIbFFhY2IxdnVScTN5UkRVZlQyUzFaSFBJVEJuWUFSQTZvMDdLNmxKZWpyRnQ1YWRsSzRsK3ZxTDFvaWlTeWdTREFLdCtXYkxpUzZFakFocFlIeTFBNWtkNVFONnFmUUpUNnI4cVZvUXdrNnM5bmdldkc2SGRIQW5qMlcvR1d1UGNicU9JaHYxSEdaYVhIUDZrNGo3QzBuT042U1NRSXhQQko4bnUvdTloaDJzS0JpN0ZzRkNnZFpxL29OQzBaZjR3R3pJbVRlc3hQMUJrTXlETmdXVVIzK1JpZUlNTXNNQlJXcEhLRFE0aTI0blJZaGhqUjJGU3NQcitiTE85YXRKWFVKc3I4bElhVDNDaDRVOUE5MnNYY1A4V3lvVjJ1Ti9hOEJBTjVJWkw1bVRBZXA4NDJROXQrS1ltcXEzY1J2a21zUUN3WmxUZm1ZNUMzbDhKOHpHYTNETTZxUTViOFlCalZoUUljcEFISDJqQ3RpRmQ2Vk9XMjl3MVg2MHhKRU14dHB1dmhVNGQzZXlveFRiLzVYU05vRVJOUERRZzRRN0NHQWQvR3ZsbFFka2wrdGJPQW9EclYwY01PZFJ4eVpqa25UZUpzcWNaOHJYZWVDQkFkOVFYZEd0cGl0SUFsNnRyRFYxbEd4TmpZVldSN3o1MEJRUEUvaGpFOFZBb3ZuemMvOWlSenQ1ZmhFQkljclVJRVpzcmdKVUg1NXY0SVA2T2JjRisxVjNFdHNqMkJMZFI4cEdTNjdtL0t5TWdNcnVHN3IrTXZ0QUhaTHlLemZrWjBXdnczWFBsb1ZPWU1ha0NOaWNXTHNSUHR1clhEMEtyKy8xeWtrekllOFIxQWllVUVKbDBnR3ltWk04OXlPSDhuakNHd1psUHdJREFRQUJvNEcxTUlHeU1COEdBMVVkSXdRWU1CYUFGRzNGWlluTDM1RlUwV3M4dHdLbExzMkthSkFkTUNjR0ExVWRKUVFnTUI0R0NDc0dBUVVGQndNQ0JnZ3JCZ0VGQlFjREJBWUlLd1lCQlFVSEF3RXdOd1lJS3dZQkJRVUhBUU1FS3pBcE1BZ0dCZ1FBamtZQkFUQUlCZ1lFQUk1R0FRUXdFd1lHQkFDT1JnRUdNQWtHQndRQWprWUJCZ0l3SFFZRFZSME9CQllFRkhIdlM2VXVCMUhIL0NtZmlvSDkzOWMxSndCR01BNEdBMVVkRHdFQi93UUVBd0lHd0RBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVNyYjZPLzVWbVJzTkNiazZzRHo1V1FYb1oxZG84MnhxZ1NibDIzK3hXekFHV2xNeEd5elJJdTZOSDQxbFNSeGcxNzRPU1EzS0orYXVTUlB1Si82NG9HUEp4MkVmekMyckZiOU5ZeWhGT2pqcnlSZVJBVUsxZzFBbkEzQVBpMUdLVkxTZ3hnTXBYTnhwNXo0Yk5pNGpzTG92ZW85Z2IxNzR3UWVZSVFzOXdUc3JOcU43eGpkc2UwcjNqTDdhdEJCK1ZOanR5bEYvOXBqaVBWeGR3a0o2MFFXeVg4ZFBobDZ3SWh4STdtVTVMclJZZk9TSEx4V1FhbzIvZWhXUURJeHFYOWQ1bVpEYlUrd0tFc3BiNWhSNmMvOEo1SFhyYy8yMXhvcTNxNjNPNkRoNFh5WEUxSEMzZ0hUeGxmTmtzRm5aOHpNeFlPVlZMc0hleHAwbGRITzhaUT09IiwiTUlJRFNEQ0NBakNnQXdJQkFnSUlTeFIzSW16RzFCY3dEUVlKS29aSWh2Y05BUUVMQlFBd0p6RWxNQ01HQTFVRUF3d2NWRVZUVkNCcFUwaEJVa1VnUm05MWJtUmhkR2x2YmlCbFNVUkJVekFlRncweE9UQXlNakl4TURBME16RmFGdzB6T1RBeU1UY3hNREF5TkRsYU1Ed3hPakE0QmdOVkJBTU1NVlJGVTFRZ2FWTklRVkpGSUVWVklFbHpjM1ZwYm1jZ1EyVnlkR2xtYVdOaGRHbHZiaUJCZFhSb2IzSnBkSGtnUnpVd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJEd0F3Z2dFS0FvSUJBUURIQjJBQlFMN3p3bWkxeElrTzBhMnE2aklKZG4zUUFtMHMxbFNlUWV2OUYyRjNNNVo4cWlxUUphdXJNWnl3WmZkTnZnOStJcUdIT2pEZTZoSWh1Unp6b0FvMEFiTzROOU9kZjJSRERVOTVON3RvSm1BeUNpWUdnWmZadDdCc0tGSWVRNnA2Q3NnS2NSWFBpMGZkWGRWU0hwNGJaZlFPUWRjbE1idElUaXJuRnRVMDZOUEFob1k2NzZZejk2eEZBRTB6b202ZU1WUFBPSW0wRzhnZDQ0WGxuYkwwdzBtY2NDaTJWVVpqdkNJTDU5TzYxTzh2bFZ5THNCcU5OVEN2ZjlDMkNNWWFFYXRYWnl6L2x3Z0g2SllIdEQwdXNYdC8rTTBxS1llMW9lb0xrMFppY0ZaWGNrMWlTMDlrRmRnZ0s1QmxOb2RvV0phREJScm81MVdoWTJXbkFnTUJBQUdqWXpCaE1BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0h3WURWUjBqQkJnd0ZvQVVsWk1reWJ5aEN6SzVIT0JGSEtSTytNTFNSLzR3SFFZRFZSME9CQllFRkczRlpZbkwzNUZVMFdzOHR3S2xMczJLYUpBZE1BNEdBMVVkRHdFQi93UUVBd0lCaGpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQVpINVFqdXErTzlGcHY2MzdnMGNGNm4xSUxZQkx6MWVOWmpFQjNkb0FleHZpNUN6U3czb3N3SkNTZWRHVzNoaDBxSE9USzJnSTgzamgwVzJFQW4yaXNGZ3doTW9HMmpkMllTRlNrbThRLzJlT2ZjNk1nR1NDNXNPVEw3NUo3YnlMQ29yZHFkL040ZWFqM0VxS0xhV3E3cjd1c3RQODFQOEVJbHowRDhhN2xmZjFGU28yM0hXWFRXWDIrbTJ2b0xBRTVsOTdhR1RHUlMxVWJ4aFAyakZLWUo5WHppS2U5TVFKU1pFbFRROGpxZzJrUEZrRXgvWHFBV3FsRzFkbDF5d0xKcTVpZVB2SzFSNEFZTkkvWWJaUWs5c2xqOHYrUC82TTdFdEVyc2YydUlTZ2V3TFRjV2wyNHgzbkc1eGJRWnhyUDhsMmpTR1ltT1RJbmdLT1FTbmJmZz09IiwiTUlJRE16Q0NBaHVnQXdJQkFnSUlCTFUyY1pBWnFMRXdEUVlKS29aSWh2Y05BUUVMQlFBd0p6RWxNQ01HQTFVRUF3d2NWRVZUVkNCcFUwaEJVa1VnUm05MWJtUmhkR2x2YmlCbFNVUkJVekFlRncweE9UQXlNakl4TURBeU5EbGFGdzB6T1RBeU1UY3hNREF5TkRsYU1DY3hKVEFqQmdOVkJBTU1IRlJGVTFRZ2FWTklRVkpGSUVadmRXNWtZWFJwYjI0Z1pVbEVRVk13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ3JEUDJEV1gzL2I4dU1hcHpFQkFUU2E2aVpmdmdneklCVUV4a1dFYkc5ZTFuVnkvalFrMjBuZlNGTVVtUlQ2TmhZY2RrU1lPL1dya2k5WTRFcEN5MXh2WkhxTCs0WTZTOUpMWndKNzYwTHBZbGUrTmFWdTdtaW5NVVFjdW9qNW5LekNsdmF6YjAwQXg1Z2tKVWZSM3YzWDVHWHFRcmtXYXpNdCtrNVROTTZUV3VKMzBxT2Z3ckh4NXZUTG1UVVVpaCtCc0dMM2Y1R09zMVZUWUlDTmhpVGpONzRuMldxcDJrVUxXSWUrL1g2UlovaEtzcGFIR1puS0RWVHdJKzhabVdGZWp1eEE2RE9YN1JzWUxLdlFPMjFGbWJJQm9TczlBenY1OS9SeFdVSlZNTzBXaERoS3BRZ0NHandnVjMyb2ZOZGtGZ21kVnVsek5QSUQyUk5iVFRMQWdNQkFBR2pZekJoTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SHdZRFZSMGpCQmd3Rm9BVWxaTWt5YnloQ3pLNUhPQkZIS1JPK01MU1IvNHdIUVlEVlIwT0JCWUVGSldUSk1tOG9Rc3l1UnpnUlJ5a1R2akMwa2YrTUE0R0ExVWREd0VCL3dRRUF3SUJoakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBbHphQlZhRmhabUg5dXhzTFN2M0Zra3hXVndCUjFHaEF4d2NKbFY0eCtrcVg4dGNoSjRTRExFdVdSckY0RE50dlNSM3I2OUt6OGVZSTVYdVcxZUcxMllqR0dWbFlpamR4ckcxQU56R24ydmRvOXZMN2RFRlVFTUsxQUt4UnN0YlRkRTd5d3pJVi9DNjF3OEpyeHdMdHQ5T2pkVUVVUEh1R1RqdXY1bkZCUGRGek9jdnUrRFRNbDczQ0pQMnplWlVGZ3VqNTVNc1hZNDVNclhyYmd0K0xKcVV1NHBrQjJiTHU5RmJlUkxXWkp1a25ZU3JXNGZ5UUJaMmkrTXNHZGlCS1FjZjNmTFhqcGNoNDgvcDdTaVRrNHVmbG9CYXFUQ2x0L0V0V1hEU21GY3Y0UWpCazFtVVB1OXZ4aWtjSERrQXZKck9YR2cwYiszZUk0YTdPVGZBYjFnPT0iXX0.eyJpc3MiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDA2Iiwic3ViIjoiNDE5NDA0ZTEtMDdjZS00ZDgwLTllOGEtZWNhOTR2ZGUwMDAzZGUiLCJhdWQiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDAxIiwianRpIjoiNzgyYmIzOWUtMjQ4YS00NzA4LWI2MmUtZWZiMDVmYzM2MDQyIiwiZXhwIjoxNzY3MTc5ODY5LCJpYXQiOjE3NjcxNzk4MzksIm9yZ2FuaXNhdGlvbklkZW50aWZpZXIiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDAyIiwibmJmIjoxNzY3MTc5ODM5fQ.uqSii8f7qMMQ84ZMbWAMHas6C5uyKsT4vRzkwW6PJRjGRv3NZGGhYn_-T84Ga3qYieru60_O0mmmjzFHv7I_Q9XY6DJrW-bloDCgzl68cu2bXXz9Ev-anU4iEwpYELzmRvIqX9S9q2yC2JESaEZgCAIzGdhz-_yJda5prmuCV5uCV9SlwsOlq9nvRsePwb_HbXyGn29CYtLrs8rlcnsqWuJ6fieZtGNrR-XD6NX2fJ5BoG7TwZTu_54P2BxaNvb8zxn44udOJ1htg1rUGqywhnKxLXP2DHtKCBkRhdlabaMVww3YC_UXPe2TcNvwHd8s-9mVVStf2hR_Y5__6RVUkcHa0TqyzZrkGfQ02lOvaVZsb1e6MC5X7kNYPYsNMfpqMHj2RBnRQlM9UaXa-OLZe7d91xiwdENNw9L0eOenLzS5VCJVXq6_8dWbEOm1KFQPu-S58E6OdklqVqfyj3afvflI988zCy_A0wtCR_RqNJPH41mYbp6V_Zz_3uPC63Xz5rRNk6N3kXWaElH3GLuZl_eu-mG4BtGyr0i1OvUhh3oHXqhAec12maKI8iNZvV7XmxOBEJdjGREtV8bxvF_Mlu9uzRVI5ZsnAiy6qdRfHzccqt-devEfNdJZZ_d83kCj3NH6Jf79EpUBL25CuCtZDBxNXjZsOEJ4K6yK5xPb3_c
get
/[v2.2]/connect/userinfo
200

OK

hashtag
Request

hashtag
HTTP methods

  • POST

hashtag
Parameters

hashtag
Example

hashtag
Response

hashtag
Headers

  • Content-Type

    String.

    Defines response body content type. MUST be equal to application/jwt.

hashtag
HTTP status codes

  • 200 OK

    When a valid request is sent an OK result should be returned.

  • 400 Bad Request

    When an access token is valid but request itself is invalid.

  • 401 Unauthorized

    When Authorization header is either missing, invalid or token has already expired.

hashtag
Parameters

Since response Content-Type is application/jwt it should be expected to retrieve a signed JWT. JWT should be iSHARE compliant and its payload should contain delegation evidence. In addition, JWT payload might also contain the following parameters:

  • organisationIdentifier

    String. (Required)

    Identifier of the organisation that the user is representing. MUST be ETSI/X.509 OrganizationIdentifier (OID 2.5.4.97) issued by a Trust Service Provider (TSP), using the format in ETSI EN 319 412-1 V1.5.1, clause 5.1.4: <3-letter type><2-letter country>-<identifier>

hashtag
200 OK Example

Decoded JWT Payload

PreviousAccess tokenNextGetting started

Last updated