in the last couple days I’m trying to figure out how OpenID works in conjunction with Line : https://developers.line.biz/en/reference/line-login/ , so I installed openid
The OpenID Connect discovery document for Line is found here:
I setup the openid profile and email scopes.
According to line.biz the email address is in the token. And everything looks ok so far when I look in my logs.
I got the email address in the JWT file extracted from the token
OIDC Log: Verified JWT—
But after requesting https://api.line.me/oauth2/v2.1/userinfo
The email address isn’t included. only name and the sub UserId.
A look at the line documents under userinfo seems like this is correct. The userinfo doesn’t include the email.
So what could I do to extract the email address in the JWT response. ? I tried to use claims and maybe there is a way to get it that I’m missing? Or is that going to nowhere? . Makes me dizzy
I read on the OpenID Plugin Page: openid
If the discovery document includes a
userinfo_endpoint parameter, then the plugin will use that to collect user metadata. If not, the plugin will extract metadata from the
id_token (A JWT) supplied by the token endpoint.
So one solution would be to tell the plugin not using the userinfo endpoint? That would be great. But I could do that?