[{"label":"Latest (v1.0)","version":"latest"}]
csp

Get OIDC User Info

Description

Display the content of the given access token if the token is valid. Also includes the group_ids and group_names if the client is registered with group_id, group_names scopes. If the token is invalid or expired, an error will be returned. If group_ids and group_names are both requested, they will be in the same order in both the claims. If the token was obtained using an API token, the groups information will be available only if the openid scope was selected.

Access Policy

Role User Accounts Service Accounts (Client Credentials Applications)
Anonymous ✔️ ✔️

Request

Request

URL

URL


get
https://{api_host}/csp/gateway/am/api/userinfo
Copy

Header Parameters

Header Parameters

string
authorization Required

Access token in ‘Bearer’ authentication format i.e. ‘Bearer XXX’ where XXX is the content of an access token.

Parameter Serialization Style: simple Explode:false

Authentication

Authentication

This operation uses the following authentication methods.

Response

Response

Response Body

Response Body

200 OK

Returns OidcUserInfoDto of type application/json
{
	"acct": "string",
	"context": "string",
	"context_name": "string",
	"domain": "string",
	"email": "string",
	"email_verified": false,
	"family_name": "string",
	"given_name": "string",
	"group_ids": [
		"string"
	],
	"group_names": [
		"string"
	],
	"sub": "string",
	"username": "string"
}
string
acct Optional

The identifier of the user, configured to log in to the Identity provider. The acct claim can be a combination of the user’s username and domain in URLEncoded(username)@domain format or the user’s email or the UPN of the user.


string
context Optional

The context identifier in which the token was issued.


string
context_name Optional

The context name (equals to CSP organization ID) in which the token was issued.


string
domain Optional

The identity provider (IdP) domain of the user.


string
email Optional

The email address of the user.


boolean
email_verified Optional

True if the user’s e-mail address has been verified.


string
family_name Optional

The family name of the user.


string
given_name Optional

The ‘given’ name of the user.


array of string
group_ids Optional

Group ids the user belongs to. Property will be returned only if the client registered with ‘group_ids’ scope.


array of string
group_names Optional

Group names the user belongs to. Property will be returned only if the client registered with ‘group_names’ scope.


string
sub Optional

The user on behalf of which the token was issued.


string
username Optional

The username of the user.

Errors

Errors

400

Authorization header must be specified | Invalid authorization header. Missing “Bearer” prefix | Invalid bearer token. Missing valid token.


404

The requested resource could not be found


429

The user has sent too many requests


500

An unexpected error has occurred while processing the request

Code Samples

Code Samples

PowerCLI Client SDK Example

Invoke-GetOidcUserInfoUsingGET -Authorization "MyAuthorization"

cURL Command

curl -H "authorization: string" https://{api_host}/csp/gateway/am/api/userinfo
Vendor Extensions

Vendor Extensions

This operation contains the following vendor extensions defined in the spec:
x-required-roles: ""
x-slo-tier: TIER2


[{"label":"Latest (v1.0)","version":"latest"}]
csp
Feedback

Was this page helpful?