OAuth UserInfo

Reads profile claims of the subject bound to the access token.

Method and path

• Method: GET
• Path: /oauth/userinfo
• Auth: Authorization: Bearer <access_token>

Success response

200 OK

{
  "sub": "asa_xxx",
  "name": "Demo User",
  "email": "demo@example.com",
  "email_verified": true,
  "picture": "https://openasa.com/avatar.png"
}

Errors

• 401: token missing/invalid/expired/revoked
• 400: malformed request