# talk-hydra
p
Hello. We're trying to implement OAuth with Ory Cloud. But we're not getting the email address from the userinfo endpoint. Found an issue described here https://github.com/ory/kratos/issues/3060 Any idea how to setup what gets passed via userinfo on the cloud?
i
You have to implement your own login or consent provider. Here is an example: https://github.com/ory/hydra-login-consent-node. The corresponding concept is also part of Hydra's documentation.
p
But we're using cloud.
There are no grants; what should we be requesting?
i
I assume you're talking about scopes. Typically, you have to configure the allowed scopes during the registration of a client in Hydra. If you don't configure any, you'll get an empty permission dialogue, or rather an empty list upon which the dialogue is built. But this is related to Hydra only. Hydra by itself doesn't know anything about profile attributes; these are managed by Kratos. That way, if there is an integration between Kratos and Hydra (which is effectively just the login provider implementation I was talking about in my reply to your question), that implementation must implement a mapping between the possible OIDC scopes and the attributes available in Kratos, so that upon a successful execution of the authorization grant flow the session created on the Hydra side has these attributes.
I've never used the cloud offering. For that reason I'm not aware of its limitations.
Depending on your scenario (OIDC for first-party or third-party usage), it might be beneficial not to rely on the information available in Hydra and to use services like Oathkeeper or alike to verify and enrich the incoming request.
OIDC in a first-party context is, however, mostly a pain in the ass.
c
@victorious-controller-5388 do you happen to know anything about this?
@magnificent-energy-493
v
email,profile IIRC
@plain-farmer-93069 I forgot where I inferred that from, but we wouldn't get the user email in the /userinfo endpoint if we didn't request it
p
Yep, unfortunately there's no email there... Here's the raw response from the flow.
Perhaps a hint lies here. Note how there are no permissions...
i
Does your client actually send the email scope when starting the authorization grant flow? If not, that could be the explanation for why you don't get that data.
p
Damn, that was it. Thanks.