userInfo call is returning empty object


I am using auth0-js npm package v9.3.0 for social connections on my website. Lately I am getting empty object when I call auth0.client.userInfo call with access_token after user has been successfully authenticated.
Does anyone know why one would get completely empty object as response to userInfo call with latest access token every time? This is breaking the login flow in production.

You need to make sure you’ve set the openid and profile scopes when you request the access token. If these aren’t present you will receive an empty response from userinfo.


I have got “profile email” in scope and it was working till couple of days ago and suddenly I am getting an empty response.

1 Like

I am getting the same problem nowadays. Last i tried i was getting 200 response along with the email and name. any ideas ?

Hey there @vikhyat.chandra!

Can you tell me SDK / framework / package of ours you use and share the code snippet to retrieve user info object? Have you got the scope set correctly?

Please provide me with more context as of now I don’t have enough details to start investigating this. Thank you!

well as of now i was trying to call the endpoint using postman.For more insight. I’m trying to implement the authO service in a Google assistant action app in a nodeJs environment.I am able to sign in using the Google sign-In also retrieving the access token in my logs.Then same token i’m applying in the header and calling the service through postman.I also remember receiving the email address a few days back.Once i can successfully call the endpoint in postman i will start with the client logic.Also how do i set open id profile scope?

Thanks for providing more context. Here are our docs that will guide you on setting the scope you want:

Hey just wanted to check if by chance the /userinfo endpoint is deprecated?..Is that the reason I’ve been receiving empty response body since a past few days??

Hey there @vikhyat.chandra!

The /userinfo endpoint is not deprecated, it’s widely used for getting the user profile. I see that you added auth0.js tag as well as you’re talking about Postman.

Have you tried checking our doc on Postman Collections?

It will guide you step by step on how to get all the endpoints you can hit in our API and only by providing your auth0-domain and auth0_token you will be able to get certain user.

Here’s also the JavaScript quickstart on retrieving user profile:

Let me know if that helps!

Hey there @vikhyat.chandra!

Have you had some time to see my previous message?

Hi @konrad.sopala. Yes i did go through those documentation they were indeed very helpful piece of information.However i forgot to mention that initially I’m setting up a Google identity provider sign in. Last i tired, I called the user info api with which I just got the “sub” field which was the unique Google consent of that very user i’m guessing,Thereafter i called one of the api suggested by the authO docs using that i got the user info. However is that the right way to access??

Unfortunately I was unable to access the postman collections URL. When redirected it gives an error postman://app/collections/import/90d43da958b7e910ff1a? address wasn’t understood.

Ok @vikhyat.chandra.

I’m not sure if we understood each other correctly as there were a few threads actually described. Let’s get everything together here.


The doc I sent you guide you step by step how to import all our endpoints that we offer in our APIs into Postman so that you can choose the one your are interested in from Postman sidebar and by setting up right domain and token hit those endpoints.

You can create an environment for yourself so that you don’t need to update those info every time you go in (in Postman in the upper right corner, clicking on eye icon).

Regarding the issue you brought up in your last message can you provide me more info about when you faced it at which step, what can I do to potentially reproduce it?


Regarding this one I’m not sure I understood you correctly. I totally get what you are trying to build but can you let me know what are you receiving when calling this endpoint and what problems you potentially have. Were you able to successfully retrieve user profile in the end?

Thank you for providing all that context in detailed manner!

Yes i’m able to successfully receive the profile of the user from the identity provider endpoints. As of now i’m figuring out a way to call the those endpoints from a front end section using webtasks as suggested by the docs. any ideas or bullets i should keep in mind?

Not sure what docs you are talking about as you linked the main docs site. Can you give me a link to this exact docs so I can tell you what you should be looking for?


These dare the docs i’m referring to obtain the identity provider’s access token and then the full profile details of user.

Thank you for providing that info. Apart from the steps mentioned in this doc I have no further details to add to keep in mind. Let me know if you have any other questions

Hey @konrad.sopala is it possible to set no expiration time in api token? As of now when we navigate to API’s->API Explorer the Token Expiration (Seconds) is set to 86400.

Fortunately it’s not because of the security reasons. Maximum amount of time is 2592000 seconds which is 30 days.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.