CD
Cloudflare Developers3w ago
wawa

Erisa's discord oidc - User email was not returned. API permissions are likely incorrect.

Hi, I've tried setting up erisa' discord oidc worker with zero trust - https://github.com/Erisa/discord-oidc-worker However, whenever I tried to authenticate I get this error 
Failed to get your identity
Looks like something went wrong. Here are the details.

User email was not returned. API permissions are likely incorrect.
{
  "oidc_fields": {
    "id": "1058768145722134528"
  }
}
Failed to get your identity
Looks like something went wrong. Here are the details.

User email was not returned. API permissions are likely incorrect.
{
  "oidc_fields": {
    "id": "1058768145722134528"
  }
}
wrangler.toml 
name = "discord-oidc"
main = "worker.js"
compatibility_date = "2022-12-24"

kv_namespaces = [
  { binding = "KV", id = "1f45766d5a794468b08caa016de08c5f", preview_id = "b43c22430b5240dea89cd6cc350d3946" }
]
name = "discord-oidc"
main = "worker.js"
compatibility_date = "2022-12-24"

kv_namespaces = [
  { binding = "KV", id = "1f45766d5a794468b08caa016de08c5f", preview_id = "b43c22430b5240dea89cd6cc350d3946" }
]
config.json 
{
    "clientId": "1417209439089463296",
    "clientSecret": "redacted",
    "redirectURL": "https://jbzkehitys.cloudflareaccess.com/cdn-cgi/access/callback",
    "serversToCheckRolesFor": [

    ]
}
{
    "clientId": "1417209439089463296",
    "clientSecret": "redacted",
    "redirectURL": "https://jbzkehitys.cloudflareaccess.com/cdn-cgi/access/callback",
    "serversToCheckRolesFor": [

    ]
}
GitHub
GitHub - Erisa/discord-oidc-worker: Sign into Discord on Cloudflare...
Sign into Discord on Cloudflare Access, powered by Cloudflare Workers! - Erisa/discord-oidc-worker
No description
No description
No description
4 Replies
wawa
wawaOP3w ago
let me know if you need any other info (pls ping on reply)
Erisa
Erisa3w ago
the email claim in the zt config needs to be set to the string email, not any actual email address this only isnt mentioned in the readme because that field didnt exist when i made this, it would always use email implicitly im pretty sure you can also leave it blank, given its optional and my apps made prior to its existence have it blank
wawa
wawaOP3w ago
Thanks, that worked ill submit a pr
Erisa
Erisa3w ago
cool, thanks

Did you find this page helpful?