UserInfo Endpoint

Protected resource that returns claims about the authenticated End-User (OIDC Core §5.3). Access requires a valid access token with 'openid' scope. Returns claims based on granted scopes (profile, email, address, phone).

Try in Looking Glass
ID Token

Sequence Diagram

Click any step for details

ClientAuth Server1UserInfo Request2Token Validation & User Lookup3UserInfo Response
Request
Response
Redirect
Internal

Step-by-Step Breakdown

1
UserInfo Request
ClientOpenID Provider
2
Token Validation & User Lookup
OpenID ProviderOpenID Provider
3
UserInfo Response
OpenID ProviderClient

Token Inspector

Specs for this flow

Sections of the protocol that normatively define this flow, plus the security considerations that apply to it.

Core specs

· The specifications that define this protocol.

Security & privacy

· Dedicated security and privacy considerations.