Howdy! I’m testing integration with the Google (google-oauth2) connection in Ruby on Rails with Omniauth. For my app, it’s important to get the email address of each authed user. So I confirmed that the Google connection’s “Basic profile (email, verified flag)” setting is checked by default. But I don’t see this information in the user profile provided to the Rails controller. And when I test the Google connection via the Auth0 settings dashboard, the following user info is shown (note that email isn’t there):
My question is: What am I doing wrong? How can I guarantee that the email will always be provided in the auth hash supplied to my Rails endpoint? Thanks in advance!
Do you see the email in the user profile when you go to the Users section of the dashboard? If you do, then that means that the email address is reaching Auth0.
The connection tester (the “Try” button) uses scope=openid profile for its test (it does not request the email scope), that’s why the email is not displayed. The same thing could be happening in the Rails application, so you need to check that the requested scope in the /authorize request includes email (e.g. scope=openid profile email).
Got it, thank you, that’s exactly what I was missing.
Question: Is there some resource where I could learn what valid scopes are available, and what fields each scope provides? ie. how might I have answered my own question if this helpful community weren’t here?