I am calling the /userinfo endpoint outlined here: Authentication API Explorer in order to get the user info for an access_token, however the data I’m getting back does not include the email. Here is what I am getting:
(PS: The main reason I am calling this is because I am calling my ASPNet Core web api with the access_token from my mobile app. The User in ASPNet Core does not have any of the normal user data that it would when coming in from the html site, so I might be doing other things improperly as well here).
I was having a similar problem with Ruby on Rails (after following the Auth0 quickstart). I’m not sure what the reasoning of the quickstart author was for leaving out the “email” scope, but it resulted in a behavior that looked like a bug (userinfo null email field).
The solution for Ruby on Rails was to add “email” to the scope: line in auth0.rb initializer.
I highly imagine that most apps outsourcing their user auth/management would want to see the users’ email addresses, so I think the quickstart should be updated to include the email scope.