The scopes you requested aren't being returned

Question

In my custom provider, I’ve requested the email and the address scopes, but none of this information is being returned. Any idea why?

Answer

Our first thought here is that you haven’t include an attribute map in your custom parameter. The attribute map is used to map social login provider fields to their corresponding Identity Cloud user attributes; for example, your IdP might have a field named userfullname that’s equivalent to the Identity Cloud’s displayName attribute. Suppose your custom provider doesn’t have an attribute map that tells the provider that the value of the userfullname field should be copied to the displayName attribute. In that case your custom provider will simply ignore the userfullname field.

However, even if you have an attribute map it’s possible that there might not be anything to map to. That’s because different identity providers support different scopes and different claims; it’s possible your IdP doesn’t support the email and the address scopes (or claims). For example, Spotify doesn’t support the email scope; if you’d like to get back the user’s email address you need to return the user-read-email scope. Keep in mind, too, that the user account for a social login provider might not include some of the information you’re requesting. To cite Spotify again, Spotify doesn’t track a user’s street address or their mobile device number. Consequently, street address or cell phone number will never be returned from Spotify.