OIDC Get User Info Endpoint
This endpoint allows clients to retrieve all accessible user information authorized by the user. It's typically called after obtaining an access token through the OIDC flow.
- Base URL: https://apx.didit.me
- Endpoint: /auth/v2/users/retrieve
- Method: GET
- Authentication: Bearer Token (Access Token)
Request
Headers
Authorization: Bearer {access_token}
For userinfo, Bearer Authentication is used. The Authorization header contains the word "Bearer ", followed by the access token returned from the /token endpoint.
Example Request
GET /auth/v2/users/retrieve HTTP/1.1
Host: apx.didit.me
Authorization: Bearer your_access_token
Response
Returns a JSON object containing claims about the authenticated user. The exact claims returned depend on the scopes that were granted during the authorization process.
Example Response
{
  "sub": "user-unique-identifier",
  // if `email` scope is included
  "email": {
    "email": "alejandro.rosas@example.com",
    "is_verified": true,
    "is_primary": true
  },
  // if `phone` scope is included
  "phone": {
    "phone_number": "+34123456789",
    "is_verified": true,
    "is_primary": true
  },
  // if `picture` scope is included
  "picture": "https://example.com/picture.png",
  // if `names` scope is included
  "names": {
    "first_name": "John",
    "family_name": "Doe",
    "full_name": "John Doe",
    "is_verified": true
  }
}
The claims actually returned depend on the scopes granted during the authorization process. For the full list of possible scopes, refer to the User Scopes documentation page.
Error Responses
- 401 Unauthorized: If the access token is invalid or has expired.
- 403 Forbidden: If the access token does not have permission to access the user info.
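A client-side sketch of the request and response handling described above, added here as an example and not taken from Didit's own code or SDK. The helper names (`build_userinfo_request`, `parse_userinfo`, `UserInfoError`) are hypothetical, the sample body is constructed, and keeping only `is_verified` contact values is an assumed relying-party policy.

```python
import json
import urllib.request

# Base URL + endpoint as documented on this page.
USERINFO_URL = "https://apx.didit.me/auth/v2/users/retrieve"

class UserInfoError(Exception):
    """The userinfo response was an error or is unusable."""

def build_userinfo_request(access_token: str) -> urllib.request.Request:
    # Reject whitespace/control characters so a tainted token value cannot
    # inject extra header lines (hypothetical helper, not part of any SDK).
    if not access_token or any(c.isspace() or not c.isprintable() for c in access_token):
        raise ValueError("access token is empty or contains illegal characters")
    return urllib.request.Request(
        USERINFO_URL, method="GET",
        headers={"Authorization": f"Bearer {access_token}"})

def parse_userinfo(status: int, body: str) -> dict:
    if status == 401:
        raise UserInfoError("access token is invalid or has expired")
    if status == 403:
        raise UserInfoError("access token may not access the user info")
    if status != 200:
        raise UserInfoError(f"unexpected status {status}")
    claims = json.loads(body)
    if not isinstance(claims, dict) or not isinstance(claims.get("sub"), str) or not claims["sub"]:
        raise UserInfoError("response has no usable 'sub' claim")
    # Key local accounts on 'sub'. Scope-dependent claims may be absent, and
    # (assumed policy) contact values are kept only when is_verified is true.
    result = {"sub": claims["sub"], "email": None, "phone_number": None}
    for claim, field in (("email", "email"), ("phone", "phone_number")):
        value = claims.get(claim)
        if isinstance(value, dict) and value.get("is_verified") is True:
            result[field] = value.get(field)
    return result

# Constructed sample body: unverified email, verified phone, no other scopes.
SAMPLE_BODY = json.dumps({
    "sub": "user-unique-identifier",
    "email": {"email": "alejandro.rosas@example.com", "is_verified": False, "is_primary": True},
    "phone": {"phone_number": "+34123456789", "is_verified": True, "is_primary": True},
})

if __name__ == "__main__":
    print(build_userinfo_request("your_access_token").header_items())
    print(parse_userinfo(200, SAMPLE_BODY))
```

Pass the built request to `urllib.request.urlopen` (or an equivalent HTTP client) and feed the status code and body to `parse_userinfo`.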