Integration Reference
Next ReasonNext Reason CareersNext Identity Status
Start typing to search…

User Info

How to integrate the Next Identity Hosted Journeys user info workflow

Retrieving key details from a user's profile with Next Identity Journeys is an optional workflow in your integration with Next Identity.

In this use case, the user is already signed in and you have a valid access token for them.

Endpoint URL

The user info request consists of the base domain + the endpoint (/userinfo) + parameters. Available parameters are listed below the example.

curl --location --request POST 'https://id.eu.nextreason.com/userinfo' \
--header 'Authorization: Bearer {{access_token}}' \
--header 'Content-Type: application/json' \

Required Parameters

The following parameters must be included on every request.

ParameterDescription
header authorizationA header for authorization including a bearer token (the access token retrieved from the /token call) valid for the user.

Response Handling

This endpoint provides comprehensive information about an authenticated user, including their unique identifier, name, email, verification status, last update time, and locale.

Sample Result:

{ "sub": "9cde62ef-3d64-4aff-89f4-5362ec858cc3", "name": "John", "given_name": "Smith", "family_name": "John", "email": "[[email protected]](mailto:[email protected])", "email_verified": true, "updated_at": "2020-12-14 21:22:11.304747 +0000", "locale": "en-US" }

Structure:

AttributeDescription
sub (string)Unique identifier for the user
name (string)Full name of the user
given_name (string)Given name of the user
family_name (string)Family name of the user
email (string)Email address of the user
email_verified (boolean)Indicates whether the user's email is verified
updated_at (dateTime)Represents the last time the user's information was updated
locale(string)Indicates the user's language and regional preferences

Configuration Options

The /userinfo endpoint can be configured to return specific information based on the application's requirements.

Error Handling

Code

Error

Cause

401 Unauthorized

{
"error": "http_exception",
"error_details": {
"message": "Unauthorized"
}
}

Incorrect code

400 Bad Request

{
"stat": "error",
"error": "invalid_request"
}

Invalid base domain

400 Bad Request

{
"stat": "error",
"error": "invalid_request"
}

Empty Access Token

Security Considerations

Ensure that the responses that are considered as personally identifiable information (PII) is transmitted securely over HTTPS to prevent interception by unauthorized parties.

Integration

  1. Redirect to Authorization Endpoint: Initiate the authentication request.
  2. Handle Redirect Back with Authorization Code: Capture and process the authorization response.
  3. Exchange Authorization Code for Tokens: Obtain access and possibly refresh tokens.
  4. Use the obtained access token and run the userinfo endpoint
  5. Use the obtained user details for the approved use case like personalizing user experience, display a user profile or perform other application-specific tasks.