The UserInfo Endpoint

The UserInfo Endpoint can be used to retrieve claims about a user. See the specification for more details.

The UserInfo Endpoint is available at the path connect/userinfo relative to the authority. For instance, the UserInfo Endpoint in the test environment will look like this:

https://helseid-sts.test.nhn.no/connect/userinfo

The endpoint can be used both by a Client and by an API.

⚠️  Usage of the UserInfo Endpoint

In most circumstances, the usage of this endpoint is not necessary, as the only specific information about the user it can issue, is the details regarding the user's authorization(s) in HPR (Helsepersonellregisteret). If this information is not required for the software, the use of Scopes will be sufficient both for Clients and APIs.

Requests to the UserInfo Endpoint

The caller will need to send a valid Access Token in the request:

GET https://helseid-sts.nhn.no/connect/userinfo
Authorization: Bearer <access_token>

In order to get a response back, the Access Token must contain at least the openid scope.

Response from the UserInfo Endpoint

The response is structured as a JSON object. It will contain Claims regarding the user. In particular, the helseid://claims/hpr/hpr_details Claim will include extra details regarding the user's authorization(s) in HPR (Helsepersonellregisteret) if any such authorization is present.

Example of a response:

{
    "helseid://claims/identity/pid": "06828399789",
    "helseid://claims/identity/security_level": "4",
    "helseid://claims/identity/assurance_level": "high",
    "helseid://claims/identity/pid_pseudonym": "PGzVzvP2JvlXV\u002B\u002BOJSJAQG5d99BH8QsikmxpdIAKSZk=",
    "helseid://claims/hpr/hpr_number": "565505933",
    "name": "KVART GREVLING",
    "given_name": "KVART",
    "middle_name": "",
    "family_name": "GREVLING",
    "helseid://claims/identity/network": "internett",
    "userinfo_issued_at": 1714715867,
    "helseid://claims/hpr/hpr_details": {
        "approvals": [
            {
                "profession": "LE",
                "authorization": {
                    "value": "1",
                    "description": "Autorisasjon"
                },
                "requisition_rights": [
                    {
                        "value": "1",
                        "description": "Full rekvisisjonsrett"
                    }
                ],
                "specialities": []
            }
        ],
        "hpr_number": 565505933
    },
    "sub": "PGzVzvP2JvlXV\u002B\u002BOJSJAQG5d99BH8QsikmxpdIAKSZk="
}