Hi Hanen, This error usually means that in the initially, you have obtained an access token that does not contain 'openid' scope and used it on the userinfo endpoint. Here, 'openid' is not related to the OpenID protocol.
Can you try adding 'openid' as a scope in your initial OAuth2 token request and use that token to invoke the https://host:9443/oauth2/userinfo endpoint? For example, If you are using password grant type, curl -k -v --user *<client_id>:<client_secret>* -d "grant_type=password&username=*<username>*&password=*<password>*&scope=scope1 openid" https://localhost:9443/oauth2/token And then do a get on the user info endpoint curl -k -H "Authorization: Bearer* <your_access_token_with_openid_scope>*" https://localhost:9443/oauth2/userinfo?schema=openid Thanks, Farasath. Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Fri, Mar 24, 2017 at 10:05 PM, Hanen Ben Rhouma <[email protected]> wrote: > Hi, > > Do I need extra params to invoke the userinfo endpoint ( > https://host:9443/oauth2/userinfo) ? > > I'm getting > "error_description": "Access token does not have the openid scope", > "error": "insufficient_scope" > > Eventhough I'm using Oauth2 without OpenID > > Regards, > Hanen > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
