Legacy Dataporten userinfo endpoint

The legacy Dataporten userinfo endpoint dates to when OpenID Connect had not yet emerged as the leading standard. The endpoint offers roughly the same functionality OIDC userinfo.

The set of information that will be available from userinfo depends on which attribute groups the client has authorized and which scopes are requested in the authorization request.

The legacy userinfo endpoint is: https://auth.dataporten.no/userinfo

Here is an example request:

GET /userinfo HTTP/1.1
Host: auth.dataporten.no
Authorization: Bearer 083a7ef0-ea97-49ec-8804-379dc1e9b54c
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
    "user": {
        "userid": "76a7a061-3c55-430d-8ee0-6f82ec42501f",
        "userid_sec": ["feide:andreas@uninett.no"],
        "name": "Andreas \u00c5kre Solberg",
        "email": "andreas.solberg@uninett.no",
        "profilephoto": "p:a3019954-902f-45a3-b4ee-bca7b48ab507"
    },
    "audience": "e8160a77-58f8-4006-8ee5-ab64d17a5b1e"
}

When using the legacy userinfo endpoint to authenticate the user, the application MUST verify that the audience property matches the client id of the application.

With only the userinfo-photo, userinfo-name and userid-feide attribute groups, the accessible user properties are:

{
    "userid": "76a7a061-3c55-430d-8ee0-6f82ec42501f",
    "profilephoto": "p:a3019954-902f-45a3-b4ee-bca7b48ab507",
    "name": "Andreas \\u00c5kre Solberg"
}

User Profile photo

If the application has obtained the userinfo-photo public handle of the user, the application may fetch the profile photo from:

https://api.dataporten.no/userinfo/v1/user/media/{userinfo-photo handle}

E.g.: https://api.dataporten.no/userinfo/v1/user/media/p:a3019954-902f-45a3-b4ee-bca7b48ab507

The photo is often square, and 128 x 128px. If not square, the longest edge will be 128px, and the aspect ratio will be unchanged from the original.