is an Endpoint
that provides a standardized REST API
for Identity Attributes
Communication with the Userinfo_endpoint MUST utilize TLS. Section 16.17 for more information on using TLS.
The Userinfo_endpoint MUST support the use of the HTTP GET and HTTP POST methods defined in RFC 2616.
The Userinfo_endpoint MUST accept Access Tokens as OAuth 2.0 Bearer Token Usage RFC 6750.
The Userinfo_endpoint SHOULD support the use of Cross Origin Resource Sharing (CORS) and or other methods as appropriate to enable Java Script Clients to access the endpoint.
There might be more information for this subject on one of the following: