What is then the “intention” purpose of this endpoint? Why would anyone call this endpoint, if not to get current user profile? (at the time of authentication we can get user information in claims don’t need another call)
- If this endpoint returns “information about last authentication” it should not be called “userinfo” (misleading name)
- None of this “intent” or use is even mentioned in documentation that states:
to obtain the user’s profile
- suggestion to get the actual user profile through 2 hoops of API/Management API instead of single call to the source of information is cumbersome at best.