I am playing with Google's OAuth 2.0 Playground using my own personal Google account, but I cannot seem to recover my Gmail address using the playground.

The scope I am using is:

email profile https://www.googleapis.com/auth/plus.login

But when I call the API:

https://www.googleapis.com/oauth2/v2/userinfo

I get various information about the user such as family name, first name, gender, picture, etc. but it does not return the user's email.

How do I retrieve the user's email address? Do I have the wrong scope or am I calling the wrong API? I feel like this should be very simple but I have literally been trying to figure this out for hours and I cannot find an API and scope combination that consistently provides the user's email address.

Update: December 2018

On December 20th, Google announced that the Google+ API would be turned down in March 2019, with intermittent failure starting at the end of January 2019. As part of the the plus.people.get endpoint is deprecated and scheduled to be terminated.

The userinfo endpoint is de-deprecated and should provide the info assuming

1. You request the https://developers.google.com/identity/sign-in/web/devconsole-project scope and
2. You request the email field.

Original Answer

There are a lot of issues here in what you're doing and how you're trying to do it.

For starters, the https://www.googleapis.com/oauth2/v2/userinfo endpoint is deprecated, and scheduled to be removed in September 2014. It has begun working inconsistently - so don't use it.

As @abraham noted, you'll use the people.get endpoint at https://www.googleapis.com/plus/v1/people/me. This should give you the emails field containing an array of addresses. In your case, there will likely be only one that has a type of "account".

As of 2017: use the email scope. See Authorizing API requests.

This email scope is equivalent to and replaces the https://www.googleapis.com/auth/userinfo.email scope.

You'll want to add the https://www.googleapis.com/auth/userinfo.email scope or replace https://www.googleapis.com/oauth2/v2/userinfo with it. If you're using the HTML example they provide, you can list multiple scopes separated by a space.

<span
  class="g-signin"
  data-callback="signInCallback"
  data-clientid="{{ plus_id }}"
  data-cookiepolicy="single_host_origin"
  data-requestvisibleactions="http://schemas.google.com/AddActivity"
  data-scope="https://www.googleapis.com/auth/plus.login   
  https://www.googleapis.com/auth/userinfo.email">
</span>

I came here looking why my server did not get email in response to /oauth2/v2/userinfo api call. It was only once that I saw this & it has been working well in past.

The answer gave good lead. While fixing this, there were several other resources that helped. Still I am not sure whether expecting always email in the response is ok. so - put error handling in code in case emails are not returned.

1. Google api documentation about migrating to google+ signin.
2. https://www.googleapis.com/auth/userinfo.email scope
3. People resource documentation
4. Add google+ api to the project using google developer console. The complimentary (quota) of calls is quite high (20m for google+ signin api per day).
5. Add error handling & logging in server code in case api returns no emails. In my case, I was looking only type='account' email.

For signing in with Google using OAuth 2.0, there's no need to make a separate request to get user's email.

When Google calls the callback URL, it provides a code in the query string that you could use to exchange for access token and ID token. The ID token is a JWT that contains identity information about the user, which includes the email address.

See more information here: https://developers.google.com/identity/protocols/OpenIDConnect

This is actually a bit of a challenge as Google does not provide an email by default. You must specifically request it from Google Plus.

const scope = [
  'https://www.googleapis.com/auth/plus.me', // request access here
  'https://www.googleapis.com/auth/userinfo.email',
];

auth.generateAuthUrl({
  access_type: 'offline',
  prompt: 'consent',
  scope: scope,
});

const plus = google.plus({ version: 'v1', auth });
const me = await plus.people.get({ userId: 'me' });
const userEmail = me.data.emails[0].value;

There is a full version in this blog post I wrote: https://medium.com/@jackscott/how-to-use-google-auth-api-with-node-js-888304f7e3a0

I have been following Prisoner's answer right above, and it helped me... until I received the email from Google Developers about how Google+ API will be shutdown on March 7, 2019.

I scrounged around and found this solution to get the email using an id_token that is returned when you authorize an app with the email scope on your developer console.

From Google Sign-in for Websites:

To validate an ID token in PHP, use the Google API Client Library for PHP. Install the library (for example, using Composer):

composer require google/apiclient

Then, call the verifyIdToken() function. For example:

require_once 'vendor/autoload.php';

// Get $id_token via HTTPS POST.

$client = new Google_Client(['client_id' => $CLIENT_ID]);  // Specify the CLIENT_ID of the app that accesses the backend
$payload = $client->verifyIdToken($id_token);
if ($payload) {
  $userid = $payload['sub'];
  // If request specified a G Suite domain:
  //$domain = $payload['hd'];
} else {
  // Invalid ID token
}

This will return an array that contains the user information, that also contains the email of the user who logged in. Hope this helps anyone else.

https://developers.google.com/gmail/api/v1/reference/users/getProfile

For gmails api, add this to nodejs code:

function getUsersEmail (auth) {
  const gmail = google.gmail({version: 'v1', auth})
  gmail.users.getProfile({
    userId: 'me'
  }, (err, {data}) => {
    if (err) return console.log('The API returned an error: ' + err)
    console.log(data.emailAddress)
  })
}

Gmails api: https://developers.google.com/gmail/api/guides/