# Get User Info

> Return a user's profile using an Auth0 Access Token when the openid scope was granted.

export const ResponseSchema = ({statusCode, type = "{}", children}) => {
  const [open, setOpen] = useState(false);
  return <div className="border border-gray-100 dark:border-gray-800 rounded-lg mb-3 overflow-hidden">
      <div className={`flex items-center gap-2.5 px-4 py-2.5 cursor-pointer select-none ${open ? "bg-gray-50 dark:bg-gray-800" : ""}`} onClick={() => setOpen(!open)}>
        {statusCode && <span className="border border-gray-300 dark:border-gray-600 text-gray-700 dark:text-gray-300 font-mono text-xs px-1.5 py-0.5 rounded">
            {statusCode.startsWith("default") ? "default" : statusCode}
          </span>}
        <span className="text-gray-500 dark:text-gray-400 text-sm font-mono">
          {type}
        </span>
        <span className="text-gray-400 dark:text-gray-500 text-sm italic">
          application/json
        </span>
        <svg className={`ml-auto opacity-50 transition-transform duration-200 ${open ? "rotate-180" : ""}`} width="16" height="16" viewBox="0 0 16 16" fill="none">
          <path d="M4 6l4 4 4-4" stroke="currentColor" strokeWidth="1.5" strokeLinecap="round" strokeLinejoin="round" />
        </svg>
      </div>
      {open && <div className="px-4 pt-1 pb-3 border-t border-gray-100 dark:border-gray-800">
          {children}
        </div>}
    </div>;
};

## Endpoint

`GET /userinfo`

Given the Auth0 Access Token obtained during login, this endpoint returns a user's profile. This endpoint will work only if `openid` was granted as a scope for the Access Token. The user profile information included in the response depends on the scopes requested. For example, a scope of just `openid` may return less information than a scope of `openid profile email`.

### Remarks

* The sample auth0.js script uses the library version 8. If you are using auth0.js version 7, please see this [reference guide](https://auth0.com/docs/libraries/auth0js/v7).
* The auth0.js `parseHash` method requires that your tokens are signed with `RS256`, rather than `HS256`.
* To return `user_metadata` or other custom information from this endpoint, add a custom claim to the ID token with an [Action](https://auth0.com/docs/secure/tokens/json-web-tokens/create-custom-claims#create-custom-claims). For more information refer to [User profile claims and scope](https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes).
* This endpoint will return three HTTP Response Headers that provide relevant data on its rate limits:
  * `X-RateLimit-Limit`: Number of requests allowed per minute.
  * `X-RateLimit-Remaining`: Number of requests available. Each new request reduces this number by 1. For each minute that passes, requests are added back, so this number increases by 1 each time.
  * `X-RateLimit-Reset`: Remaining time until the rate limit (`X-RateLimit-Limit`) resets. The value is in [UTC epoch seconds](https://en.wikipedia.org/wiki/Unix_time).
* The `email` claim returns a snapshot of the email at the time of login.
* Standard claims (other than `email`) return the latest value (unless the value comes from an external IdP).
* Custom claims always return the latest value of the claim.
* To access the most up-to-date values for the `email` or custom claims, you must get new tokens. You can log in using silent authentication (where the `prompt` parameter for your call to the [`authorize` endpoint](https://auth0.com/docs/api/authentication#authorization-code-grant) equals `none`).
* To access the most up-to-date values for standard claims that were changed using an external IdP (for example, the user changed their email address in Facebook), you must get new tokens. Log in again using the external IdP, but *not* with silent authentication.

### Learn More

* [Auth0.js v8 Reference: Extract the authResult and get user info](https://auth0.com/docs/libraries/auth0js#extract-the-authresult-and-get-user-info)
* [Auth0 API Rate Limit Policy](https://auth0.com/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy)

## Headers

<ParamField header="access_token" type="string" required />

<ParamField header="DPoP" type="string">
  A DPoP proof for the request. Required only if your application uses Demonstrating Proof-of-Possession (DPoP); otherwise omit it.
</ParamField>

## Response Schema

<ResponseSchema>
  <ResponseField name="sub" type="string">
    The user's unique identifier.
  </ResponseField>

  <ResponseField name="name" type="string">
    The user's full name.
  </ResponseField>

  <ResponseField name="given_name" type="string">
    The user's given name.
  </ResponseField>

  <ResponseField name="family_name" type="string">
    The user's family name.
  </ResponseField>

  <ResponseField name="middle_name" type="string">
    The user's middle name.
  </ResponseField>

  <ResponseField name="nickname" type="string">
    The user's nickname.
  </ResponseField>

  <ResponseField name="preferred_username" type="string">
    The user's preferred username.
  </ResponseField>

  <ResponseField name="profile" type="string">
    URL of the user's profile page.
  </ResponseField>

  <ResponseField name="picture" type="string">
    URL of the user's profile picture.
  </ResponseField>

  <ResponseField name="website" type="string">
    URL of the user's website.
  </ResponseField>

  <ResponseField name="email" type="string">
    The user's email address.
  </ResponseField>

  <ResponseField name="email_verified" type="boolean">
    Whether the user's email address has been verified.
  </ResponseField>

  <ResponseField name="gender" type="string">
    The user's gender.
  </ResponseField>

  <ResponseField name="birthdate" type="string">
    The user's date of birth.
  </ResponseField>

  <ResponseField name="zoneinfo" type="string">
    The user's time zone.
  </ResponseField>

  <ResponseField name="locale" type="string">
    The user's locale.
  </ResponseField>

  <ResponseField name="phone_number" type="string">
    The user's phone number.
  </ResponseField>

  <ResponseField name="phone_number_verified" type="boolean">
    Indicates whether the user's phone number has been verified.
  </ResponseField>

  <ResponseField name="address" type="object">
    The user's address.
  </ResponseField>

  <ResponseField name="updated_at" type="integer">
    The time of the user's last information update, in Unix time.
  </ResponseField>
</ResponseSchema>

## Response Messages

| Status | Description                                    |
| ------ | ---------------------------------------------- |
| 200    | User profile retrieved successfully.           |
| 401    | Unauthorized, invalid or missing access token. |
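
The checks a client should apply to a `/userinfo` response, as an added example (not Auth0's code): it reads the documented rate-limit headers and status codes, and compares `sub` against the ID token's `sub` as OpenID Connect Core 5.3.2 requires. The function names, the `domain` and `expectedSub` parameters, and sending the token as `Authorization: Bearer` (RFC 6750) are assumptions.

```javascript
// Added example, not Auth0's code. Pure function so it can be checked offline.
// headers: anything with .get(name) (fetch Headers, Map); nowSec: UTC epoch seconds.
function interpretUserInfo(status, headers, body, expectedSub, nowSec) {
  const num = (name) => {
    const raw = headers.get(name);
    const v = raw == null || raw === "" ? NaN : Number(raw);
    return Number.isFinite(v) ? v : null;
  };
  const rateLimit = {
    limit: num("X-RateLimit-Limit"),
    remaining: num("X-RateLimit-Remaining"),
    resetAt: num("X-RateLimit-Reset"), // UTC epoch seconds
  };
  // Seconds to hold off before the next call once the budget is spent.
  rateLimit.waitSec =
    rateLimit.remaining === 0 && rateLimit.resetAt !== null
      ? Math.max(0, rateLimit.resetAt - nowSec)
      : 0;

  if (status === 401) {
    // Invalid or missing access token: retrying with the same token cannot succeed.
    return { ok: false, reason: "unauthorized", rateLimit };
  }
  if (status !== 200) {
    return { ok: false, reason: `unexpected status ${status}`, rateLimit };
  }
  // OIDC Core 5.3.2: the UserInfo sub must exactly match the ID token's sub.
  if (!body || typeof body.sub !== "string" || body.sub !== expectedSub) {
    return { ok: false, reason: "sub mismatch", rateLimit };
  }
  // Treat the email as trusted only when the response marks it verified.
  const trustedEmail = body.email_verified === true ? body.email : null;
  return { ok: true, profile: body, trustedEmail, rateLimit };
}

// Network wrapper. Assumptions: `domain` is your tenant host and the token is
// sent as an RFC 6750 Bearer credential. Never log the access token.
async function getUserInfo(domain, accessToken, expectedSub) {
  const res = await fetch(`https://${domain}/userinfo`, {
    headers: { Authorization: `Bearer ${accessToken}` },
  });
  const body = res.status === 200 ? await res.json() : {};
  const nowSec = Math.floor(Date.now() / 1000);
  return interpretUserInfo(res.status, res.headers, body, expectedSub, nowSec);
}
```

Pass the `sub` from the already-validated ID token as `expectedSub`; a mismatch means the response belongs to a different user than the one who logged in and must be discarded.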
