{
"exp": 1728241188,
"iat": 1728239388,
"iss": "https://testsso.kapitalbank.az/realms/birid",
"aud": "account",
"preferred_username": "994705105514",
"typ": "Bearer",
"azp": "umico",
"sid": "80ca83b6-4df2-4423-b033-f4ff54c041d2",
"scope": "openid"
"sub": "a716d622-181c-449c-8574-4060b6920dd3",
}exp (Expiration Time):The time when the JWT token will expire, given as a Unix timestamp (seconds since January 1, 1970). In this case, 1728241188 is the expiration time of the token, meaning after this timestamp, the token will no longer be valid.
iat (Issued At):The time when the token was issued, also represented as a Unix timestamp. Here, 1728239388 is the issued time. This field helps ensure that the token is only valid from the time it was created.
iss (Issuer):The issuer of the token. It typically contains the URL of the authorization server that issued the token. Here, https://testsso.kapitalbank.az/realms/birid indicates the URL of the issuer.
aud (Audience):This identifies the intended recipient(s) of the token, which can be one or more services. In this case, account is the audience, meaning the token is intended to be used by the service named account.
sub (Subject):Id of the user - birid.
preferred_username:phone number which user logged in with.
typ (Type):The type of token. In this case, it is Bearer, indicating that this token is a bearer token, which means the bearer of the token can access resources without further authentication.
azp (Authorized Party):The client application that is authorized to use this token. Here, umico is the authorized client that can use the token on behalf of the user.
sid (Session ID):A unique identifier for the user session. It can be used to track or manage the session server-side. In this case, 80ca83b6-4df2-4423-b033-f4ff54c041d2 is the session ID provided.
scope (Scope):Specifies the scope of access granted by the token. Here, openid email profile indicates that the token allows access to certain scopes, including openid.
| Description | Provides profile information about the authenticated end-user. It requires a valid access token (a bearer token) in the request |
| HTTP Method | GET |
| URL | /v1/openid-connect/userinfo |
curl -X 'GET' \
'https://dmzid.kapitalbank.az/api/v1/openid-connect/userinfo' \
-H 'Authorization: Bearer ${token}'| Name | Type | Description |
|---|---|---|
id | string (UUID) | Unique identifier of the user. |
username | string | Login identifier (phone number). |
firstName | string | User's first name. |
lastName | string | User's last name. |
patronymic | string | Middle name or father's name (patronymic). |
pin | string | Personal Identification Number (unique national ID code). |
idCardNumber | string | User's identity card number. |
profilePicture | string (URL) | URL to the user's profile picture. |
birthDate | string (date) | User's date of birth. |
resident | boolean | Indicates if the user is a resident. |
active | boolean | Indicates if the user account is active. |
verificationStatus.id | integer | Numeric identifier of verification status. |
verificationStatus.value | string | Textual representation of verification status (e.g., "Verified"). |
gender.id | integer | Numeric identifier of gender. |
gender.value | string | Textual representation of gender (e.g., "Male", "Female"). |