Hjem > idporten > oidc
/userinfo endpoint
This page summarizes the protocol options available for on the /userinfo endpoint for ID-porten OIDC Provider
About
The /userinfo endpoint is thoroughly documented in OIDC Core specification, chapter 5.3
Note that if the access token contains the claim clm with the claims family_name and given_name, the values of these claims will be returned by calling the userinfo endpoint.
Request
All clients can request the profile scope and will get an access_token that can be used to call the userinfo-endpoint. The location of the endpoint is publised in the metadata as the claim userinfo_endpoint.
The following header parameters apply:
| Parameter | Calue |
|---|---|
| HTTP method: | GET |
| Authorization: | Bearer < access_token > |
Response
The response is a JSON structure with claims:
| Claim | Description |
|---|---|
| sub | “subject identifier” - an unique identifier for the authenticated user. The value is pairwise, meaning a given client will always get the same value, whilst different clients do not get equal values for the same user. |
| pid | Norwegian national id number - always present unless a pseudonymous scope was requested. |
| locale | The language used during authentication. Only returned if the profile scope was requested. |
| given_name | The given name of the user. Only returned if the profile scope was requested and the access token contains the claim clm with the claim given_name. |
| family_name | The family name of the user. Only returned if the profile scope was requested and the access token contains the claim clm with the claim family_name. |
{
"sub" : "NR8vTTPrM3T7rWf8dXxeWLZpxEMsug4E7pxqJuh9wIM=",
"pid" : "23079421936",
"locale" : "nb",
"given_name" : "Ola",
"family_name" : "Nordmann"
}