diff --git a/lenticular_cloud/views/api.py b/lenticular_cloud/views/api.py
index 3e00f85..3846f99 100644
--- a/lenticular_cloud/views/api.py
+++ b/lenticular_cloud/views/api.py
@@ -16,32 +16,6 @@ from ..auth_providers import LdapAuthProvider
 
 api_views = Blueprint('api', __name__, url_prefix='/api')
 
-@api_views.route('/userinfo', methods=['GET', 'POST'])
-def userinfo():
-    if 'authorization' not in request.headers:
-        return 'not token found', 400
-    token = request.headers['authorization'].replace('Bearer ', '')
-    token_info = current_app.hydra_api.introspect_o_auth2_token(token=token)
-    if not token_info.active:
-        return 'token not valid', 403
-
-    user_db = User.query.get(token_info.sub)
-    user = User.query_().by_username(user_db.username)
-
-    public_url = current_app.config.get('HYDRA_PUBLIC_URL')
-    r = requests.get(
-            f"{public_url}/userinfo",
-            headers={
-                'authorization': request.headers['authorization']})
-    userinfo = r.json()
-    scopes = token_info.scope.split(' ')
-    if 'email' in scopes:
-        userinfo['email'] = str(user.email)
-    if 'profile' in scopes:
-        userinfo['username'] = str(user.username)
-    print(userinfo)
-    return jsonify(userinfo)
-
 
 @api_views.route('/users', methods=['GET'])
 def user_list():
diff --git a/lenticular_cloud/views/auth.py b/lenticular_cloud/views/auth.py
index 98bc8be..cc6265b 100644
--- a/lenticular_cloud/views/auth.py
+++ b/lenticular_cloud/views/auth.py
@@ -8,7 +8,7 @@ from flask.templating import render_template
 from flask_babel import gettext
 
 from flask import request, url_for
-from flask_login import login_required, login_user, logout_user
+from flask_login import login_required, login_user, logout_user, current_user
 import logging
 from urllib.parse import urlparse
 from base64 import b64decode, b64encode
@@ -36,9 +36,16 @@ def consent():
 
     requested_scope = consent_request.requested_scope
     requested_audiences = consent_request.requested_access_token_audience
-    user = User.query.get(consent_request.subject)
 
     if form.validate_on_submit() or consent_request.skip:
+        token_data = {
+            'preferred_username': str(current_user.username),
+            'email': str(current_user.email),
+            'email_verified': True,
+        }
+        id_token_data = {}
+        if 'openid' in requested_scope:
+            id_token_data = token_data
         resp = current_app.hydra_api.accept_consent_request(
             consent_request.challenge, body={
                 'grant_scope': requested_scope,
@@ -46,11 +53,9 @@ def consent():
                 'remember': form.data['remember'],
                 'remember_for': remember_for,
                 'session': {
-                    'access_token': {},
-                    'id_token': {
-                        'preferred_username': user.username
-                        }
-                    }
+                    'access_token': token_data,
+                    'id_token': id_token_data
+                }
             })
         return redirect(resp.redirect_to)
     return render_template(