diff --git a/hiboo/sso/oidc.py b/hiboo/sso/oidc.py
index dd9a77f18d0682b7c4ab0ebd5f3b8f1db8c4858c..8b69813a830ca66c831dcfde051647266d9c9f00 100644
--- a/hiboo/sso/oidc.py
+++ b/hiboo/sso/oidc.py
@@ -124,7 +124,7 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
     hybrid flows.
     """
 
-    scope = "openid"
+    scope = "openid profile email"
 
     # Declare grant types using the above base classes
     AuthorizationCodeGrant = type("AuthorizationCodeGrant", (AuthorizationCodeMixin, oauth2.grants.AuthorizationCodeGrant), {})
@@ -167,8 +167,8 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
         """ User info generation function used by the oidc code mixin and the userinfo endpoint
         """
         special_mappings = self.service.config.get("special_mappings", [])
-        claims = dict()    
-        if "openid" in scope:
+        claims = dict()
+        if "profile" in scope:
             claims.update(
                 sub=profile.username if "mask_sub_uuid" in special_mappings else profile.uuid,
                 name=profile.username,
@@ -176,7 +176,7 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
                 login=profile.username
             )
         if "email" in scope:
-            user_email = profile.user.contact.get("email")
+            user_email = profile.user.contact.get("email") if profile.user.contact else None
             claims.update(
                 email=user_email if "original_email" in special_mappings else profile.email
             )