User information for specific users#

Information about specific users is available at this endpoint. The information is fetched from Feide directories. In order to access the endpoint, a number of requirements have to be met.

API endpoint#{userid_sec}


The access token has the scopes system-all-users, userid-feide and userinfo-name. The endpoint is called for the testuser like so:

curl -sSLf -H 'Authorization: Bearer ....' \

This gives the following output:

    "cn": [
        "Asbj\u00f8rn ElevG Hansen"
    "displayName": "Asbj\u00f8rn ElevG Hansen",
    "eduPersonPrincipalName": "",
    "givenName": [
        "Asbj\u00f8rn ElevG"
    "sn": [
    "uid": [



The userid_sec path parameter specifies the target user. This parameter contains the secondary user ID of the user, e.g. feide:user@kommune.test. Only Feide identifiers are supported.

The userid_sec must be percent encoded as specified in the rules for path segments in RFC 3986.



Return values#

The endpoint returns a JSON object with data from Feide directories. The keys in the returned object are the attribute names. The attribute names are specified in the Feide information model. See example.

Which attributes are included depends on which scopes/attribute groups are available to the service. See Scopes, claims and attribute groups.


The endpoint returns 403 Forbidden when the requirements below aren’t met.

It returns 404 Not Found when the specified userid_sec can’t be found.

Requirements for accessing the endpoint#

  • The service must have the system-all-users scope.

  • The access token must have been obtained using the client credentials flow.

  • The service must have been activated for one of the organization units the user belongs to or the entire organization.