UserInfo

curl -X GET 'https://sandbox.connect.hopae.com/userinfo' \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIs...'

{
  "sub": "otV9EMJr-iG-dj-AHhrCslfdRkUUBQJ1",
  "acr": "urn:hopae:loa3",
  "hopae_loa": 3,
  "hopae_loa_label": "substantial",
  "missing_claims": [
    "email",
    "gender",
    "picture"
  ],
  "user": {
    "birthdate": "1905-04-04",
    "given_name": "OK",
    "family_name": "TESTNUMBER",
    "nationality": "LT",
    "name": "OK TESTNUMBER"
  },
  "provenance": {
    "presentation": {
      "channel": {
        "type": "centralized_idp",
        "transport": "internet"
      },
      "credentials": [
        {
          "type": "smartid",
          "issuer": {
            "id": "urn:hopae:issuer:ee:smartid",
            "authority_name": "SK ID Solutions AS",
            "is_government": false
          },
          "claims": {
            "documentNumber": "PNOLT-40504040001-MOCK-Q",
            "birthdate": "1905-04-04",
            "countryCode": "LT",
            "givenName": "OK",
            "surname": "TESTNUMBER"
          },
          "evidence": {
            "token": {
              "id_token": "<BASE64_ID_TOKEN>",
              "expires_at": "2025-10-31T05:43:14.000Z",
              "access_token": "<OPAQUE_ACCESS_TOKEN>",
              "token_type": "Bearer"
            },
            "names": "id_token;expires_at;access_token;token_type"
          }
        }
      ]
    },
    "_metadata": {
      "verification_id": "3162dd47a26b4218b5fa708761889e44",
      "verified_at": "2025-10-28T06:20:36.992Z"
    }
  }
}

GET

https://sandbox.connect.hopae.com

userinfo

curl -X GET 'https://sandbox.connect.hopae.com/userinfo' \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIs...'

{
  "sub": "otV9EMJr-iG-dj-AHhrCslfdRkUUBQJ1",
  "acr": "urn:hopae:loa3",
  "hopae_loa": 3,
  "hopae_loa_label": "substantial",
  "missing_claims": [
    "email",
    "gender",
    "picture"
  ],
  "user": {
    "birthdate": "1905-04-04",
    "given_name": "OK",
    "family_name": "TESTNUMBER",
    "nationality": "LT",
    "name": "OK TESTNUMBER"
  },
  "provenance": {
    "presentation": {
      "channel": {
        "type": "centralized_idp",
        "transport": "internet"
      },
      "credentials": [
        {
          "type": "smartid",
          "issuer": {
            "id": "urn:hopae:issuer:ee:smartid",
            "authority_name": "SK ID Solutions AS",
            "is_government": false
          },
          "claims": {
            "documentNumber": "PNOLT-40504040001-MOCK-Q",
            "birthdate": "1905-04-04",
            "countryCode": "LT",
            "givenName": "OK",
            "surname": "TESTNUMBER"
          },
          "evidence": {
            "token": {
              "id_token": "<BASE64_ID_TOKEN>",
              "expires_at": "2025-10-31T05:43:14.000Z",
              "access_token": "<OPAQUE_ACCESS_TOKEN>",
              "token_type": "Bearer"
            },
            "names": "id_token;expires_at;access_token;token_type"
          }
        }
      ]
    },
    "_metadata": {
      "verification_id": "3162dd47a26b4218b5fa708761889e44",
      "verified_at": "2025-10-28T06:20:36.992Z"
    }
  }
}

Fetch verified user claims using the access token from /token.

The ID Token contains no PII. All personal attributes are returned only by /userinfo. Unsupported (requested) standard claims are listed in missing_claims. Verification context is provided in provenance. Evidence is included when the credential source returns it; the object contains a token payload and a semicolon‑delimited names list describing the keys. Keys vary by provider, so always read them from names. Content is relayed from the credential source.

Headers

Authorization

string

default:"Bearer eyJhbGci..."

required

Bearer access token issued by /token.

Responses

sub

string

required

Pairwise subject identifier.

acr

string

Authentication Context Class Reference (e.g., urn:hopae:loa3).

hopae_loa

number

Numeric assurance level.

hopae_loa_label

string

Human‑readable assurance label (e.g., substantial).

missing_claims

string[]

Requested standard claims not provided by the source.

user

object

Personal attributes (present per granted scopes and source availability).

Show User fields

name

string

Display name

given_name

string

Given nam

family_name

string

Family name

birthdate

string

Birthdate in YYYY-MM-DD

string

Email address

email_verified

boolean

Whether the email is verified

phone_number

string

Phone number in E.164 format

phone_number_verified

boolean

Whether the phone number is verified

address

object | string

Structured address

nationality

string

ISO 3166-1 alpha‑2.

middle_name

string

Middle name(s)

nickname

string

Casual name or handle

preferred_username

string

Preferred username

profile

string

URL of the user’s profile page

picture

string

URL of the user’s profile picture

website

string

URL of the user’s website

gender

string

Gender value

zoneinfo

string

Time zone (IANA)

locale

string

Locale (BCP 47)

updated_at

number

Unix timestamp of last profile update

provenance

object

Verification context for this event.

Show Presentation

provenance.presentation.channel.type

string

centralized_idp, wallet, etc.

provenance.presentation.channel.transport

string

internet, nfc, etc.

provenance.presentation.credentials[]

array

Credentials presented for this verification.

provenance.presentation.credentials[].type

string

Provider identifier used when initiating the verification (for example, smartid).

provenance.presentation.credentials[].issuer.id

string

Issuer identifier.

provenance.presentation.credentials[].issuer.authority_name

string

Issuer display name.

provenance.presentation.credentials[].issuer.is_government

boolean

Government authority flag.

provenance.presentation.credentials[].claims

object

Raw source claims, when available.

provenance.presentation.credentials[].evidence

object

Token evidence object from the source (when provided). Includes token (provider-supplied key/value pairs) and names (semicolon-delimited list of keys present under token).

Show Metadata

provenance._metadata.verification_id

string

Verification session id.

provenance._metadata.verified_at

string

ISO 8601 verification timestamp.

Example

curl -X GET 'https://sandbox.connect.hopae.com/userinfo' \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIs...'

{
  "sub": "otV9EMJr-iG-dj-AHhrCslfdRkUUBQJ1",
  "acr": "urn:hopae:loa3",
  "hopae_loa": 3,
  "hopae_loa_label": "substantial",
  "missing_claims": [
    "email",
    "gender",
    "picture"
  ],
  "user": {
    "birthdate": "1905-04-04",
    "given_name": "OK",
    "family_name": "TESTNUMBER",
    "nationality": "LT",
    "name": "OK TESTNUMBER"
  },
  "provenance": {
    "presentation": {
      "channel": {
        "type": "centralized_idp",
        "transport": "internet"
      },
      "credentials": [
        {
          "type": "smartid",
          "issuer": {
            "id": "urn:hopae:issuer:ee:smartid",
            "authority_name": "SK ID Solutions AS",
            "is_government": false
          },
          "claims": {
            "documentNumber": "PNOLT-40504040001-MOCK-Q",
            "birthdate": "1905-04-04",
            "countryCode": "LT",
            "givenName": "OK",
            "surname": "TESTNUMBER"
          },
          "evidence": {
            "token": {
              "id_token": "<BASE64_ID_TOKEN>",
              "expires_at": "2025-10-31T05:43:14.000Z",
              "access_token": "<OPAQUE_ACCESS_TOKEN>",
              "token_type": "Bearer"
            },
            "names": "id_token;expires_at;access_token;token_type"
          }
        }
      ]
    },
    "_metadata": {
      "verification_id": "3162dd47a26b4218b5fa708761889e44",
      "verified_at": "2025-10-28T06:20:36.992Z"
    }
  }
}

Evidence keys are provider-specific. Inspect names to determine which fields are present under evidence.token.

Token JWKS

⌘I

Overview

OIDC

REST API

Headers

Responses

Example

Overview

OIDC

REST API

​Headers

​Responses

​Example

Headers

Responses

Example