See openid-connect Menu

Get User Info

Use this API to get the user information related to a given access_token.

Note that the user info return by this call is determined by the scopes that were used to generate the access_token

Resource URL


Header Parameter




Set to Bearer <access_token>.

The access_token is returned when you create a new session via Authorization Code or Password Grant

Resource Parameter




Set to the subdomain of your OneLogin instance.

e.g. oidc-sample where the instance is

Sample Response

The openid profile & email scopes were supplied in initial authorization

    "sub": "32916209",
    "email": "",
    "preferred_username": "peggy.sue",
    "name": "Peggy Sue",
    "updated_at": "2017-11-10T06:36:34.456Z",
    "given_name": "Peggy",
    "family_name": "Sue"

No scopes were supplied in initial authorization


Authorization header is missing

    "error": "invalid_request",
    "error_description": "no bearer token provided"

Authorization header value needs to be “Bearer access_token

    "error": "invalid_request",
    "error_description": "invalid authorization header value format"
    "error": "invalid_token",
    "error_description": "invalid token provided"

Response Elements

sub The OneLogin ID for the user that started the session
email The email address of the user
preferred_username The username for the user. Not always an email address.
name The full name of the user
updated_at The date the users profile was last updated.
given_name The first name of the user
family_name The last name of the user

Sample Code


Replace sample values indicated by < > with your actual values.

curl -XGET "https://<subdomain>" \
-H "Authorization: Bearer <access_token>"

Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.