diff --git a/langdev/web/templates/thirdparty/app.html b/langdev/web/templates/thirdparty/app.html
index 03e869d..6c183fd 100644
--- a/langdev/web/templates/thirdparty/app.html
+++ b/langdev/web/templates/thirdparty/app.html
@@ -103,6 +103,17 @@ <h1>Not Found</h1>
   even if there is no given user, give <code>error=ignore</code> option into
   request.</p>
 
+  <h3>Request the user information</h3>
+  <p>If you need the information of given user when the authentication has
+  succeed, give <code>with=userinfo</code> option into request.</p>
+
+  <h3>Response example: when <code>with=userinfo</code> option was given</h3>
+  <pre>HTTP/1.1 200 OK
+Vary: Accept
+Content-Type: application/json
+
+{{ require('langdev.web.serializers').json(current_user) }}</pre>
+
   <h2>Delete</h2>
   {% call render_raw_form('delete_app', app_key=app.key) %}
     <input type="submit" value="Delete" />
diff --git a/langdev/web/thirdparty.py b/langdev/web/thirdparty.py
index d95816b..93dd880 100644
--- a/langdev/web/thirdparty.py
+++ b/langdev/web/thirdparty.py
@@ -87,6 +87,7 @@ def delete_app(app_key):
 def sso(app_key, user_login):
     """Simple SSO API."""
     app = get_app(app_key)
+    require_userinfo = request.values.get('with') == 'userinfo'
     error_ignored = request.values.get('error') == 'ignore'
     success = None
     if User.LOGIN_PATTERN.match(user_login):
@@ -108,5 +109,12 @@ def sso(app_key, user_login):
             success = False
     if success is None:
         success = app.hmac(user.password) == request.values['password']
-    return render('thirdparty/sso', success, success=success)
+    if success and require_userinfo:
+        result = user
+        # workaround to include ``email`` attribute in the response.
+        # see also :func:`langdev.objsimplify.transform`.
+        g.current_user = user
+    else:
+        result = success
+    return render('thirdparty/sso', result, success=success)