The social /authorize person returns code at the callback, but after that I call userinfo after getting the access token, but it does not return a profile.
(For the Authorization Code Flow /authorize, the profile information is returned in userinfo.
Question 1.
(What is the use of (social /authorize)?
Question 2.
(Why can’t I get a profile with the (social /authorize) code?
Additional findings.
scope=openid+profile
was given, the user information was returned to id_token. However, the description page for social /authorize did not mention it in the request parameters for the scope parameter.
https://auth0.com/docs/api/authentication#social
I’m not sure I understand the rules around this.