How to get email from Microsoft graph api oidc/userinfo endpoint

Kay Khan 26 Reputation points
2022-10-24T09:38:55.287+00:00

I have setup oauth via azure, i have received an authorization_code which i have exchanged for an access_token. I am then attempting to use that access token to get userinfo data including the email as described in the docs (https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo). However in the response it does not return to me the email.

   {  
       "sub": "<redacted>",  
       "name": "John Doe",  
       "family_name": "John",  
       "given_name": "Doe",  
       "picture": "https://graph.microsoft.com/v1.0/me/photo/$value"  
   }  

The documentation suggests that in order for email to be returned in the response it requires the email scope. https://learn.microsoft.com/en-us/azure/active-directory/develop/userinfo#userinfo-response

However i believe i am already specifying that i want the email scope.

App Permissions

https://i.stack.imgur.com/0xcyf.png

/oauth2/v2.0/token (the scope shows profile, openid, email and user.Read)

https://i.stack.imgur.com/SX5RD.png

What am i missing?>

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,785 questions
0 comments No comments
{count} votes

Accepted answer
  1. Zehui Yao_MSFT 5,856 Reputation points
    2022-10-28T08:36:57.04+00:00

    Hi @Kay Khan ,

    Great to know that this issue has been resolved and thanks for sharing the update here.

    By the way, since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others.". and according to the scenario introduced here: Answering your own questions on Microsoft Q&A, I would make a brief summary of this thread:

    [How to get email from Microsoft graph api oidc/userinfo endpoint]

    Issue Symptom:
    When request microsoft graph api oidc/userinfo endpoint, the email field is not returned in the response.

    Current status:
    This issue has been solved in other platforms and this issue occurs because the email field in the user profile is not set after you update the email field by editing the user's properties. The endpoint can return a response that has an email field.

    You could click the "Accept Answer" button for this summary to close this thread, and this can make it easier for other community member's to see the useful information when reading this thread. Thanks for your understanding!

    1 person found this answer helpful.
    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Zehui Yao_MSFT 5,856 Reputation points
    2022-10-24T11:45:30.957+00:00

    Hi, @Kay Khan , you can use the token you obtained to access the Microsoft graph API endpoint: https://graph.microsoft.com/v1.0/me to receive the logged-in user's information including the email address. Hope this can help you.

    253545-untitled1024.png


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments No comments

  2. Kay Khan 26 Reputation points
    2022-10-24T11:52:13.437+00:00

    This problem was resolved here -https://stackoverflow.com/questions/74179077/how-to-get-email-from-microsoft-graph-api-oidc-userinfo-endpoint/74180543#74180543

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.