Auth0 `/userinfo` endpoint documentation is incorrect

justice · June 3, 2025, 7:50pm

Should be fairly easy to fix: The documentation states that the /userinfo endpoint accepts only 1 header, specifically access_token. When a request is built using the tool on [the documentation website] in cURL, and executed, a 401 Unauthorized code is returned. The correct header that works for this endpoint is Authorization: Bearer <token>.

So the request goes from

curl -L -g 'https://{yourDomain}/userinfo' \
-H 'Accept: application/json' \
-H 'access_token: <Token>'

(generated by the tool on the documentation)

to

curl -L -g 'https://{yourDomain}/userinfo' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <Token>'

dawid.matuszczyk · June 29, 2025, 9:54pm

Hi there!

Welcome to the Auth0 Community!

Thank you for reporting that! I’ve sent that over to our Documentation team to review and update!

Thank you for your contribution!
Dawid

system · July 13, 2025, 9:55pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
/userinfo endpoint returns 401 Get Help management-api , users	1	560	November 29, 2023
401 on /userinfo Get Help	4	7264	September 3, 2019
Calling /userinfo returns an unauthorized error Get Help userinfo	3	8264	March 2, 2018
Auth0 /userinfo endpoint is returning 200 with empty response body Get Help login-experience , new-universal-login-experience	4	1271	June 12, 2023
Invalid credentials when hitting the /userinfo endpoint Get Help userinfo , invalid-credentials , endpoint	3	6151	March 2, 2018

Auth0 `/userinfo` endpoint documentation is incorrect

Related topics