We are trying to connect our WebAPI/Atlas instance to Auth0 through OpenIDC. This is the error that is being returned: the system is not sending back the user's email in order to log them in.
We get correctly redirected to the Auth0 login and then get redirected back to Atlas before a popup with the error appears.
When inspecting the calls to Auth0, we see it reaches out to the following URL:
https://[redacted].us.auth0.com/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2F172.22.32.13%2FWebAPI%2Fuser%2Foauth%2Fcallback%3Fclient_name%3DOidcClient&state=bcde9a4865&nonce=4sAE_U4EyunyZTCN0qnjGXimK6XyTT5BWNEXJ-owxRE&client_id=64IGDkG32341vCH7lUnzZvTA05IuRHnd
The only scope is the openid one, which will not return with the email.
My relevant settings.xml:
<security.oid.clientId>redacted</security.oid.clientId>
<security.oid.apiSecret>redacted</security.oid.apiSecret>
<security.oid.url>https://[redacted].us.auth0.com/.well-known/openid-configuration</security.oid.url>
<security.oid.redirectUrl>https://host/Atlas/#/welcome</security.oid.redirectUrl>
<security.oauth.callback.api>https://host/WebAPI/user/oauth/callback</security.oauth.callback.api>
Please let me know if there is something else I am missing or if there is a way to set the scope in the call to Auth0.
Thanks,
Alex
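
Added example, not part of the original post and not Atlas/WebAPI code: a small Python check that parses a captured OpenID Connect authorization request URL and reports which required claims are not covered by the requested scopes, using the scope-to-claim mapping from OpenID Connect Core 1.0 section 5.4. The function name, the sample URL and its host names are constructed for illustration; whether a claim is actually released still depends on the provider's configuration.

```python
from urllib.parse import urlsplit, parse_qs

# Claims each standard scope requests (OpenID Connect Core 1.0, section 5.4).
SCOPE_CLAIMS = {
    "profile": {"name", "family_name", "given_name", "middle_name", "nickname",
                "preferred_username", "profile", "picture", "website", "gender",
                "birthdate", "zoneinfo", "locale", "updated_at"},
    "email": {"email", "email_verified"},
    "address": {"address"},
    "phone": {"phone_number", "phone_number_verified"},
}


def audit_authorize_url(url, required_claims=("email",)):
    """Report the scopes in an authorization request and any required claims they miss."""
    query = parse_qs(urlsplit(url).query)
    # scope is one space-delimited value; parse_qs decodes '+' and %20 to spaces.
    scopes = query.get("scope", [""])[0].split()
    # 'openid' alone only identifies the subject ('sub'); it requests no email.
    requested = {"sub"} if "openid" in scopes else set()
    for scope in scopes:
        requested |= SCOPE_CLAIMS.get(scope, set())
    missing = [c for c in required_claims if c not in requested]
    # Standard scopes that would request each missing claim.
    add_scopes = sorted({s for s, claims in SCOPE_CLAIMS.items()
                         for c in missing if c in claims})
    return {
        "scopes": scopes,
        "is_oidc_request": "openid" in scopes,
        "redirect_uri": query.get("redirect_uri", [None])[0],
        "missing_claims": missing,
        "add_scopes": add_scopes,
    }


# Constructed sample with the same shape as the request in the post;
# hosts, state, nonce and client_id are placeholders.
SAMPLE_URL = (
    "https://tenant.example/authorize?scope=openid&response_type=code"
    "&redirect_uri=https%3A%2F%2Fatlas.example%2FWebAPI%2Fuser%2Foauth%2Fcallback"
    "%3Fclient_name%3DOidcClient&state=STATE&nonce=NONCE&client_id=CLIENT_ID"
)

if __name__ == "__main__":
    for key, value in audit_authorize_url(SAMPLE_URL).items():
        print(f"{key}: {value}")
```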