GET /oauth/userinfo

Returns information about the authenticated user. Uses HTTP GET.

Note: We recommend that the request use the HTTP GET method (this operation) rather than the corresponding POST /oauth/userinfo, sending the access token in the Authorization header. For information on why you might choose one or the other, see OAuth Operations: GET or POST?

Authorization Roles/Permissions: Anyone can run this operation.

HTTP Method

GET

URL

https://{oauth-provider-url}/oauth/userinfo

Sample Request

The example below shows a request for the userinfo.

Sample Request URL

https://{oauth-provider-url}/oauth/userinfo

The example below shows the access token sent in the Authorization header (for either GET or POST).

Host: docexample.akana.rcoaless.com
Authorization: Bearer {bearer_token_value}
Accept: application/json

Sample request body

Not applicable.

Request Headers

For general information on request header values, refer to HTTP Request Headers.

| Header | Description |
| --- | --- |
| Accept | application/json |
| Host | The host header for the API call, with the server hostname. |
| Authorization | The Authorization header, with the token type and token content. |

Request Parameters

To come

Response

If successful, this operation returns HTTP status code 200.

Sample Response

The sample response below shows successful completion of this operation. The userinfo is returned.

Sample response headers

Content-Type: application/json
Date: Fri, 18 Sep 2020 16:00:00 GMT

Sample response body

{
  "sub": "jmead",
  "mail": "jmead@akana.rcoaless.com",
  "$EMAIL": "jmead@akana.rcoaless.com",
  "$FULLNAME": "Jane.Mead",
  "cn": "Jane Mead"
}

Response Headers

For general information on response header values, refer to HTTP Response Headers.

| Header | Description |
| --- | --- |
| Content-Type | application/json |

Response Body

The response body is the userinfo. Exact contents depend on the OAuth Provider.

The response body includes the UserInfo claims, returned in a JSON object. The UserInfo claims include:

  • Standard claims as defined in the OpenID Connect specification.
  • Possibly, custom claims returned from specific identity providers.

The specific content of the response payload might vary according to the resource owner and also the scopes that are used to get the token.

The sub (subject) claim is always included in the UserInfo response. Other claims might be present, depending on the authentication response from the specific identity provider.

Error Codes/Messages

If the call is unsuccessful, an error code/message is returned. One or more examples of possible errors for this operation are shown below.

| Item | Value |
| --- | --- |
| 500 | An error occurred processing the call. |

For more information, see Akana OAuth API error messages.