OIDC (Authentik) [ERROR] Neither id token nor userinfo contained an email #6639
Replies: 1 comment 1 reply
-
|
Turns out it was wrong SSO_SCOPES env setup, used quotes in the config |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
I get the same error but, I'm not use the env in docker. I used the admin WEB UI to config the sso. And in field 'Authorization request scopes' I have simply the value 'email profile offline_access' without quotes. What could be wrong in my case? |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Authentik: 2025.10.3
Vaultwarden: 1.35.1
Vaultwarden Web: 2025.12.1
OS: arm64 raspberry pi lite OS on docker
Reverse Proxy: Caddy (with X-Real-IP header)
"INVITATIONS_ALLOWED=false",
"SIGNUPS_ALLOWED=false",
"SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION=false"
"SSO_AUTHORITY=https://${domain}/application/o/vaultwarden/",
"SSO_ENABLED=true",
"SSO_SIGNUPS_MATCH_EMAIL=true",
"SSO_SCOPES="email profile offline_access"",
When i click on the use sso button i see sso loadingscreen popup twice and then i see "Neither id token nor userinfo contained an email" as toast message and in docker logs.
I did make the token valid time more than 5m and offline_access in provider settings in Authentik.
Not sure what's wrong here. I use same email address in vaultwarden and authentik
Beta Was this translation helpful? Give feedback.
All reactions