No email or email_verified claim in id token

I’m trying to integrate with AWS Cognito, however the id_token I get back from Twitch doesn’t seem to contain the users email address. I’ve tried various combinations of scopes including “user_read” and “user:read:email” (along with “openid”) but it is never returned.

The docs and .well-known endpoint seem to indicate that “email” is a supported claim so not sure what else is required here?

Edit: it also doesn’t come back from the userinfo endpoint :frowning: Given up on Cognito and implementing our own IdP now… but still means we’ll have to make a call to the Twitch API to get these details after sign in unless this is fixable.

After seeing your post.

And then testing it

And then having it not working

And then had a DM with Some TwitchDevs about something else, where I mentioned this post.

Here is the answer:


    var url = oidc_data.authorization_endpoint
        + '?client_id=' + config.twitch.client
        + '&redirect_uri=' + config.twitch.redirect
        + '&response_type=code'
        + '&scope=' + oidc_data.scopes_supported.join('+')
        + '&claims=' + JSON.stringify({
                                                userinfo: {

Where oidc_data is the output of

Where this URL is the URL you would redirect people to, in order to authenticate with Twitch.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.