What is the meaning of ID token in oidc?

I'd token carries email, aud etc. fields. Why the client needs the ID token, having userInfo endpoint in Idp exposed to the client?

Solution

The ID token represents how the user authenticated and some details about the user. A common use of this token is to create a session cookie based on it.

The ID token usually has a very short lifetime, like 5 minutes, so after the session is created, then its purpose is very limited.

Verifying JWT signed with the RS256 algorithm using public key in C#
Access user info from SecurityIdentity using quarkus-oidc
How to map a user attribute to a standard OIDC claim in keycloak
Sign In with LinkedIn using OpenID Connect with Firebase Auth or GCP Identity Platform
Ping Federate Settings to configure authorization code grant flow using Postman
Proper design for th Keycloak auth with APIs and UI
Assume role in different account using an assumed role with web identity
The required field 'nonce' is missing from the credential. Ensure that you have all the necessary parameters for the login request. [Azure Open ID]
Invalid_client using OpenIdConnect in client application
Custom Claims in a Multitenant Microsoft Entra App
I/O error on GET request for "https://localhost/application/o/{name}/.well-known/openid-configuration": Connection refused
Add Github Identity Provider to AWS Cognito
unsupported_grant_type error for authorization_code grant type: Spring Security OAuth2
OWIN middleware for OpenID Connect - Code flow ( Flow type - AuthorizationCode) documentation?
Keycloak with AzureAD how to change the IDP user ID / IDP Links
How to use the Spring OAuth2 client to retrieve an access token only?
why offline_access scope is needed to request refresh token in IdentityServer (OAuth2)?
Not getting authenticated user in middleware with OpenIdConnect in ASP.NET Core 8
.NET Core OIDC challenge redirect not working with an Angular frontend
Keycloak: User needs to login every day altough refresh token is set to 30 days
OpenId Connect Identity Provider initiated backchannel logout not working
ASP.NET Core 8 and Duende Identity Server Authentication Schemes (OpenIdConnect, Cookies, JWT)
How should I use the id token returned to me by Google after a successful code exchange?
Error: Not authorized to perform sts:AssumeRoleWithWebIdentity during OIDC when a PR get merged into main
How does OpenIdConnectEvents get overrided?
When to refresh the access token
Spring authorization server RP-initiated logout not working
Second login with remote IdP through Keycloak fails, "Invalid username or password"
In Azure AD B2C who provides the ID token?
How to use Firebase Authentication with Okta?