This article explains how to customize the email claim included in the ID token or returned from the Userinfo endpoint when the email scope is requested, specifically when using the Org Authorization Server.
- API Access Management
- Org Authorization Server
- Claims
When using the Org Authorization Server, it is not possible to add custom claims that directly modify the email value for use in the applications. The default behavior restricts customization of the email claim, which can limit flexibility in how user email information is presented.
To customize the email claim value returned in the ID token or Userinfo endpoint, it is necessary to modify the email attribute mapping for the application by following these steps:
- Navigate to Directory > Profile Editor in the Okta Admin Console.
- Locate the application and click on Mappings.
- Ensure Okta User to App mapping is selected.
- Modify the expression for the email attribute according to the desired format or requirement.
- Click Save Mapping and then Apply Updates to save the modified mapping expression.
After completing these steps, the ID token will include the modified email claim value as per the updated mapping.
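One way to confirm the result after applying the mapping, as an added example that is not part of the original article or Okta's code: it compares the email claim in an ID token and in a Userinfo response against the value the new mapping should produce. The function names and all sample values are assumptions constructed for illustration; the token is decoded for inspection only.

```python
import base64
import json


def jwt_payload(token: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    segment = parts[1]
    padded = segment + "=" * (-len(segment) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def check_email_claim(id_token: str, userinfo: dict, expected: str) -> list:
    """Return a list of problems; an empty list means both sources match."""
    problems = []
    sources = {"id_token": jwt_payload(id_token), "userinfo": userinfo}
    for name, claims in sources.items():
        if "email" not in claims:
            problems.append(f"{name}: no email claim (was the email scope requested?)")
        elif claims["email"] != expected:
            problems.append(f"{name}: email is {claims['email']!r}, expected {expected!r}")
    return problems


def b64url(obj: dict) -> str:
    """Helper that builds one unpadded base64url JWT segment for the sample token."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample data (hypothetical user and values, not real Okta output)
SAMPLE_ID_TOKEN = ".".join([
    b64url({"alg": "RS256", "kid": "constructed"}),
    b64url({"sub": "00u-constructed", "email": "jdoe@example.com"}),
    "signature-placeholder",
])
SAMPLE_USERINFO = {"sub": "00u-constructed", "email": "J.Doe@corp.example.com"}

if __name__ == "__main__":
    for line in check_email_claim(SAMPLE_ID_TOKEN, SAMPLE_USERINFO, "jdoe@example.com"):
        print(line)
```

Because the signature is not checked here, use this only to inspect tokens obtained in your own test flow; applications must still validate the ID token before trusting its claims.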
