diff --git a/apps/oauth2/appinfo/routes.php b/apps/oauth2/appinfo/routes.php
index 4ba398e13431f..86d39b6a3beae 100644
--- a/apps/oauth2/appinfo/routes.php
+++ b/apps/oauth2/appinfo/routes.php
@@ -43,5 +43,10 @@
 'url' => '/api/v1/token',
 'verb' => 'POST'
 ],
+ [
+ 'name' => 'OauthApi#getUserInfo',
+ 'url' => '/api/v1/userinfo',
+ 'verb' => 'GET'
+ ],
 ],
 ];
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
index 46b68b1d5859a..5c4b0d15140cd 100644
--- a/apps/oauth2/lib/Controller/OauthApiController.php
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -45,6 +45,7 @@
 use OCP\Security\ICrypto;
 use OCP\Security\ISecureRandom;
 use Psr\Log\LoggerInterface;
+use OCP\IUserSession;
 
 class OauthApiController extends Controller {
 // the authorization code expires after 10 minutes
@@ -62,6 +63,7 @@ public function __construct(
 private LoggerInterface $logger,
 private IThrottler $throttler,
 private ITimeFactory $timeFactory,
+ private IUserSession $userSession,
 ) {
 parent::__construct($appName, $request);
 }
@@ -226,4 +228,21 @@ public function getToken(
 ]
 );
 }
+
+ /**
+ * @PublicPage
+ * @NoCSRFRequired
+ *
+ * @return JSONResponse
+ */
+ public function getUserInfo() {
+ $user = $this->userSession->getUser();
+ $displayname = explode(' ', $user->getDisplayName());
+ return new JSONResponse([
+ 'sub' => $user->getUID(),
+ 'given_name' => $displayname[0],
+ 'family_name' => $displayname[1] ? $displayname[1] : $displayname[0],
+ 'email' => $user->getEMailAddress()
+ ]);
+ }
 }
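Review bot: `getUserInfo()` dereferences `$user` without a null check, and because the action is annotated `@PublicPage` a request carrying no valid bearer token or session can reach `$user->getDisplayName()` with `getUser()` returning null, which surfaces as a server error rather than a 401. The `family_name` line also reads `$displayname[1]` when the display name contains no space, raising an undefined-key warning, and it drops everything after the second word for longer names; `explode(' ', ..., 2)` together with `??` covers both. Nothing visible in the hunk limits the response to requests authenticated by an OAuth access token, so any logged-in session appears to receive `sub` and `email`; it is worth confirming that this is intended and stating it in the docblock, along with a `: JSONResponse` return type. The fence assumes `OCP\AppFramework\Http` is already imported in this file, which the hunk does not show.

```php
	public function getUserInfo(): JSONResponse {
		$user = $this->userSession->getUser();
		if ($user === null) {
			// @PublicPage lets unauthenticated requests reach this action
			return new JSONResponse([], Http::STATUS_UNAUTHORIZED);
		}
		// a limit of 2 keeps a multi-word family name in one piece
		$displayname = explode(' ', $user->getDisplayName(), 2);
		// … unchanged: JSONResponse with 'sub' and 'given_name' …
			'family_name' => $displayname[1] ?? $displayname[0],
		// … unchanged: 'email', end of response and method …
```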