3. Userinfo Endpoint

The UserInfo endpoint is an OAuth 2.0 protected resource of the Singpass Authentication server; where client applications can retrieve consented claims, or assertions, about the logged-in end-user.

The claims are typically packaged in a JSON object where the sub member denotes the subject (end-user) identifier, along with the data items that were tagged to the scopes requested in the /auth request parameters earlier.

The full list of scopes are under the Myinfo Data Catalogue.

For the purposes of Userinfo in the context of Singpass, we will be returning an encrypted payload in the form of a signed JSON Web Token (JWS) in a JSON Web Encrypted (JWE) token.