Legacy Dataporten userinfo endpoint

The legacy Dataporten userinfo endpoint dates to when OpenID Connect had not yet emerged as the leading standard. The endpoint offers roughly the same functionality OIDC userinfo.

What information the endpoint returns about the user depends on which scopes the application has.

The legacy userinfo endpoint is: https://auth.dataporten.no/userinfo

Here is an example request:

GET /userinfo HTTP/1.1
Host: auth.dataporten.no
Authorization: Bearer 083a7ef0-ea97-49ec-8804-379dc1e9b54c
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

    "user": {
        "userid": "76a7a061-3c55-430d-8ee0-6f82ec42501f",
        "userid_sec": ["feide:andreas@uninett.no"],
        "name": "Andreas \u00c5kre Solberg",
        "email": "andreas.solberg@uninett.no",
        "profilephoto": "p:a3019954-902f-45a3-b4ee-bca7b48ab507"
    "audience": "e8160a77-58f8-4006-8ee5-ab64d17a5b1e"

When using the legacy userinfo endpoint to authenticate the user, the application MUST verify that the audience property matches the client id of the application.

With only the profile and userid scopes, the accessible user properties are:

    "userid": "76a7a061-3c55-430d-8ee0-6f82ec42501f",
    "profilephoto": "p:a3019954-902f-45a3-b4ee-bca7b48ab507",
    "name": "Andreas \\u00c5kre Solberg"

User Profile photo

If the application has obtained the profilephoto public handle of the user, the application may fetch the profile photo from:

https://api.dataporten.no/userinfo/v1/user/media/{profilephoto handle}

E.g.: https://api.dataporten.no/userinfo/v1/user/media/p:a3019954-902f-45a3-b4ee-bca7b48ab507

The photo is often square, and 128 x 128px. If not square, the longest edge will be 128px, and the aspect ratio will be unchanged from the original.