API Document

/oxauth

Overview

/oxauth/userinfo

requestUserInfoPost

POST /oxauth/userinfo

Returns Claims about the authenticated End-User. The Access Token obtained from an OpenID Connect Authentication Request is sent as a Bearer Token.

URL
http://gluu.org/oxauth/userinfo
Parameters
  • form

    Parameter Required Description Data Type
    access_token true OAuth 2.0 Access Token. string
    - header

    Parameter Required Description Data Type
    Authorization false string

Response

JSON[Response]

Errors

Status Code Reason
400 invalid_request The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed. The resource server SHOULD respond with the HTTP 400 (Bad Request) status code.
401 invalid_token The access token provided is expired, revoked, malformed, or invalid for other reasons. The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request a new access token and retry the protected resource request.
403 insufficient_scope The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the "scope" attribute with the scope necessary to access the protected resource.


requestUserInfoGet

GET /oxauth/userinfo

Returns Claims about the authenticated End-User. The Access Token obtained from an OpenID Connect Authentication Request is sent as a Bearer Token.

URL
http://gluu.org/oxauth/userinfo
Parameters
  • query

    Parameter Required Description Data Type
    access_token true OAuth 2.0 Access Token. string
    - header

    Parameter Required Description Data Type
    Authorization false string

Response

JSON[Response]

Errors

Status Code Reason
400 invalid_request The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed. The resource server SHOULD respond with the HTTP 400 (Bad Request) status code.
401 invalid_token The access token provided is expired, revoked, malformed, or invalid for other reasons. The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request a new access token and retry the protected resource request.
403 insufficient_scope The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the "scope" attribute with the scope necessary to access the protected resource.


Data Types