Is there any way to get the email in the initial token so I do not have to do another request to domain/userinfo to get the email? I am reaching too many requests limit…
I found this url linked when someone else asked the same question:
You may have to request the email scope to let the server know that you would like email and email_verified claims in the id token. You have checked the response when you use the getIdTokenClaims method?
The scopes you’re requesting, openid profile email have an affect on the ID token, not the access token (what you’re showing above is the access token, see token docs for general info). The email claim will be added to the ID token, not the access token.
If you need the info in the access token as well, you should add this via Rule as custom claim.
It was a lot easier than I tought, its too bad I spent HOURS looking for this before asking you guys
If anyone else is a noob like me and strugling, add this as a new rule under rules: