When a customer signs into your website, you receive information about them in the form of an ID token. If a customer then changes their email or name, or purchase or cancel their subscription from within Pliro, the information received in the original ID token will be out of date. For the most part this is fine, but in some cases it can cause problems.

For example, if a customer signs into your website, purchases a subscription from within Pliro, and then tries to access a protected piece of content on your website, you run the risk of denying them access since you have yet to learn about their purchase.

In cases like this you'll want to retrieve updated information about the customer. This can be done with a request to the userinfo endpoint:

GET /oauth/userinfo HTTP/1.1
Host: example-publication.plirotest.page
Authorization: Bearer example-access-token

The request needs to include Bearer authentication using the customer's access token.

The successful response includes the customer's email, name, and plan if the corresponding scopes where requested when creating the access token:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "sub": "cus_1BxEm4QKh4Rb5v6Qvu2THx",
  "email": "customer@example.com",
  "name": "Example Name",
  "plan": "example-plan"
}

Error handling

If the request fails due to an invalid access token, the server responds with an HTTP 401 status code and a WWW-Authenticate containing the invalid_token error code:

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer realm="Pliro", error="invalid_token", error_description="The access token is invalid"

When this happens, you might want to try silently re-authenticating the customer before signing the them out of your website.