Get Personal Information using userinfo API

I am using OIDC with the PKCE flow to fetch the user's access token. I am able to successfully get the access_token and id_token. I have requested the “openid profile email” scope. Also, I have granted the API scopes below to the application.
okta.clients.read
okta.sessions.read
okta.users.read
okta.users.read.self

We have custom saleforceId data in the user's Personal Information. I am not able to fetch this value using the oauth2/default/v1/userinfo API.

Is there any way to fetch the entire user detail?

Hello,

The /userinfo endpoint will return the user's information from their application user profile associated with the OAuth application that was used to retrieve the access_token.
If you want to be able to get an attribute (saleforceId) from the /userinfo endpoint, you would create a mapping.
See here for attribute mapping documentation.

Another option, if you are using a custom authorization server, is to create a claim in either the ID or access token that returns the value directly in the token.
See here for creating custom claims.

Thank You

2 Likes
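
An added example, not part of the original thread and not Okta's code: a small diagnostic for checking where an attribute such as saleforceId actually appears (ID token, access token, or /userinfo response) once a mapping or custom claim has been configured. The org domain, token contents and sample values are constructed; it assumes the access token is a JWT, and it decodes tokens for inspection only, without verifying signatures.

```python
import base64
import json
import urllib.request

# Placeholder org domain (assumption); the path is the one from the question.
USERINFO_URL = "https://example.okta.com/oauth2/default/v1/userinfo"

def userinfo_request(access_token):
    """Build (but do not send) the GET /userinfo request with the bearer token."""
    return urllib.request.Request(
        USERINFO_URL,
        headers={"Authorization": f"Bearer {access_token}", "Accept": "application/json"},
    )

def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated parts)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def locate_claim(name, id_token, access_token, userinfo):
    """Return which sources (id_token, access_token, userinfo) carry `name`."""
    sources = {
        "id_token": jwt_claims(id_token),
        "access_token": jwt_claims(access_token),
        "userinfo": userinfo,  # parsed JSON body of the /userinfo response
    }
    return [src for src, claims in sources.items() if name in claims]

def _fake_jwt(claims):
    """Constructed, unsigned sample token so the example runs offline."""
    parts = [{"alg": "none"}, claims]
    enc = [base64.urlsafe_b64encode(json.dumps(p).encode()).rstrip(b"=").decode() for p in parts]
    return ".".join(enc + ["sig"])

# Constructed sample data: state before any mapping or custom claim exists.
ID_TOKEN = _fake_jwt({"sub": "00u_sample", "email": "user@example.com"})
ACCESS_TOKEN = _fake_jwt({"sub": "user@example.com", "scp": ["openid", "profile", "email"]})
USERINFO = {"sub": "00u_sample", "name": "Sample User", "email": "user@example.com"}
# Constructed: access token after a custom claim named saleforceId was added.
ACCESS_TOKEN_WITH_CLAIM = _fake_jwt({"sub": "user@example.com", "saleforceId": "SF-0001"})

if __name__ == "__main__":
    print(locate_claim("saleforceId", ID_TOKEN, ACCESS_TOKEN, USERINFO))
    print(locate_claim("saleforceId", ID_TOKEN, ACCESS_TOKEN_WITH_CLAIM, USERINFO))
```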