OpenID Connect 1.0 endpoint for obtaining attributes of a Human Service Consumer conform scope defined in access token.
- String.Oauth 2.0 authorization based on bearer token. MUST contain “Bearer ” + access token value. How to retrieve the access token can be found at Access Token Endpoint section.
- String.Defines request body content type. MUST be application/json. It can also contain characters encoding format like charset=UTF-8.
> Authorization: Bearer IIeDIrdnYo2ngwDQYJKoZIhvcNAQELBQAwSDEZMBcGA1UEAwwQaVNIQ < Content-Type: application/json; charset=UTF-8 POST connect/userinfo
- String.Defines response body content type. MUST be equal to application/jwt.
HTTP status codes¶
- 200 OK
- When a valid request is sent an OK result should be returned.
- 400 Bad Request
- When an access token is valid but request itself is invalid.
- 401 Unauthorized
Authorizationheader is either missing, invalid or token has already expired.
Content-Type is application/jwt it should be expected to retrieve a signed JWT. JWT should be iSHARE compliant and its payload should contain delegation evidence. In addition, JWT payload might also contain the following parameters:
- String. Optional.First name of the human who’s access token is used.
- String. Optional.Last name of the human who’s access token is used.
- String. Optional.Gender of the human who’s access token is used. Available values are male, female, TBD.
- String. Optional.TBD.
- String. OptionalTBD.