In the simplest form of the idea, the endpoint location would be specified as property userinfo_endpoint in the metadata endpoint, and requests would take the form of a GET request, with an Authorization token that had, at minimum, the profile and/or email scope, and the return would match the default return provided in the IndieAuth spec.
Opening this issue to discuss, as raised at the 2021 IndieAuth 2 Pop-Up, the possibility of adding a user informaiton endpoint in future.
Prior art would be OpenID Connect https://openid.net/specs/openid-connect-core-1_0.html
In the simplest form of the idea, the endpoint location would be specified as property userinfo_endpoint in the metadata endpoint, and requests would take the form of a GET request, with an Authorization token that had, at minimum, the profile and/or email scope, and the return would match the default return provided in the IndieAuth spec.