GET /api/oauth/userinfo

Read standard OIDC user claims for the authenticated user.

Endpoint

text

GET /api/oauth/userinfo

Authentication

Requires a valid bearer access token.

text

Authorization: Bearer <access-token>

Response Shape

The response always contains:

Field	Type	Description
`sub`	string	Stable e-Próspera user ID.

Additional fields depend on scopes:

When `profile` is granted

Field	Type
`name`	string \| null
`given_name`	string \| null
`family_name`	string \| null
`picture`	string \| null

When `email` is granted

Field	Type
`email`	string \| null
`email_verified`	boolean

Example Response

json

{
  "sub": "0b8f7c17-5f43-4f8a-9a43-0e1f2a3b4c5d",
  "name": "Maria Rodriguez",
  "given_name": "Maria",
  "family_name": "Rodriguez",
  "picture": "https://...",
  "email": "maria@example.com",
  "email_verified": false
}

Error Responses

`401 Unauthorized`

json

{
  "error": "missing_token"
}

json

{
  "error": "invalid_token"
}

`404 Not Found`

json

{
  "error": "user_not_found"
}

Notes

userinfo returns standard OIDC claims only.
Use the public /api/v1/me/* endpoints for Próspera-specific data such as residency, identity-verification images, and legal-entity records.

GET /api/oauth/userinfo ​

Endpoint ​

Authentication ​

Response Shape ​

When profile is granted ​

When email is granted ​

Example Response ​

Error Responses ​

401 Unauthorized ​

404 Not Found ​

Notes ​

GET /api/oauth/userinfo

Endpoint

Authentication

Response Shape

When `profile` is granted

When `email` is granted

Example Response

Error Responses

`401 Unauthorized`

`404 Not Found`

Notes