Until today I was able to receive “email” and “email_verified” in JWT if I set scope to “email”.
I didn’t do any changes in my code. May it be a regression bug in Auth0 or am I missing something?
I’m using hosted login page. Its URL looks like this:
https://my-domain.auth0.com/login?client=XYZ&protocol=oauth2&redirect_uri=https%3A%2F%2Fexample.com%2Fauth0-callback&response_type=token%20id_token&scope=email&audience=https%3A%2F%2Fmy-domain.auth0.com%2Fuserinfo&nonce=iaixUfQzTpL87xoewhoks9i1mh7YHIv2&auth0Client=xxx%3D&state=zzz