UserInfo Request is done by the OpenID Connect Relying Party
) which sends the request to the Userinfo_endpoint
to obtain Claims
about the Resource Owner
(End-User) using the Access Token
obtained through OpenID Connect Authentication
UserInfo Request can use OpenID Connect Standard Claims and possibly other Claims
All Communication with the Userinfo_endpoint MUST utilize TLS.
UserInfo Request SHOULD use the HTTP GET method and the Access Token SHOULD be sent using the HTTP Request Header Authorization Header.
More Information #
There might be more information for this subject on one of the following: