Switch from OIDC UserInfo to OAuth 2.0 Token Introspection #1

ansv7779 · 2025-03-24T11:11:05+01:00

ansv7779 commented

2025-03-24 11:11:05 +01:00

The UserInfo endpoint is for fetching the users profile (name, email, phone number, picture, and so on). Token introspection is for inspecting the access token and determining the authorities the user has (subject (principal), entitlements, and scopes granted).

The [UserInfo endpoint](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo) is for fetching the users profile (name, email, phone number, picture, and so on). [Token introspection](https://datatracker.ietf.org/doc/html/rfc7662) is for inspecting the access token and determining the authorities the user has (subject (principal), entitlements, and scopes granted).

ansv7779 added 1 commit 2025-03-24 11:11:06 +01:00

Switch from OIDC UserInfo to OAuth 2.0 Token Introspection dce824b5dd

The UserInfo endpoint is for fetching the users profile (name, email, phone number, picture, and so on). Token introspection is for inspecting the access token and determining the authorities the user has (subject (principal), entitlements, and scopes granted).

erth9960 added 1 commit 2025-03-24 13:21:30 +01:00

FIX: bad syntax when looking up dict key 69fd819ee5

erth9960 merged commit dcacd0cc1d into main

2025-03-24 13:59:08 +01:00

erth9960 deleted branch token-introspection

2025-03-24 13:59:08 +01:00

erth9960 referenced this issue from a commit

2025-03-24 13:59:09 +01:00

Merge pull request 'Switch from OIDC UserInfo to OAuth 2.0 Token Introspection' (#1) from token-introspection into main

Sign in to join this conversation.