4.1.10. Requesting Data

In this step you will use the token received in the previous authentication step to get the user’s data. The data needs to be retrieved from the UserInfo Endpoint.

The UserInfo Endpoint always returns an attribute sub (subject), in the response which uniquely identifies the user and should be used to validate the response using an ID Token.

The user’s data should be processed only in case the response is found valid.

An example of requesting data:

state = aresp.to_dict()['state']
resp = client.complete(state)
uinfo = client.get_user_info(state)

An example of communication with server:

GET /oidc/userinfo/ HTTP/1.1
Host: mojeid.cz
Authorization: Bearer SlAV32hkKG
HTTP/1.1 200 OK
Content-Type: application/json

 "sub": "248289761001",
 "name": "Jane Doe",
 "given_name": "Jane",
 "family_name": "Doe",
 "preferred_username": "j.doe",
 "email": "janedoe@example.com"