diff --git a/django_airavata/apps/auth/backends.py b/django_airavata/apps/auth/backends.py
index 1987e4b7..bd8292a0 100644
--- a/django_airavata/apps/auth/backends.py
+++ b/django_airavata/apps/auth/backends.py
@@ -103,8 +103,8 @@ def _get_token_and_userinfo_password_flow(self, username, password):
 token_url = settings.KEYCLOAK_TOKEN_URL
 userinfo_url = settings.KEYCLOAK_USERINFO_URL
 verify_ssl = settings.KEYCLOAK_VERIFY_SSL
- oauth2_session = OAuth2Session(client=LegacyApplicationClient(
- client_id=client_id))
+ scope = ['openid', 'profile', 'email']
+ oauth2_session = OAuth2Session(client=LegacyApplicationClient(client_id=client_id), scope=scope)
 verify = verify_ssl
 if verify_ssl and hasattr(settings, 'KEYCLOAK_CA_CERTFILE'):
 verify = settings.KEYCLOAK_CA_CERTFILE
@@ -113,7 +113,8 @@ def _get_token_and_userinfo_password_flow(self, username, password):
 password=password,
 client_id=client_id,
 client_secret=client_secret,
- verify=verify)
+ verify=verify,
+ scope=scope)
 userinfo = oauth2_session.get(userinfo_url).json()
 return token, userinfo
 except InvalidGrantError as e:
@@ -133,7 +134,7 @@ def _get_token_and_userinfo_redirect_flow(self, request):
 redirect_uri = request.session['OAUTH2_REDIRECT_URI']
 logger.debug("state={}".format(state))
 oauth2_session = OAuth2Session(client_id,
- scope='openid',
+ scope='openid profile email',
 redirect_uri=redirect_uri,
 state=state)
 verify = verify_ssl
@@ -159,7 +160,7 @@ def _get_token_and_userinfo_from_refresh_token(self,
 token_url = settings.KEYCLOAK_TOKEN_URL
 userinfo_url = settings.KEYCLOAK_USERINFO_URL
 verify_ssl = settings.KEYCLOAK_VERIFY_SSL
- oauth2_session = OAuth2Session(client_id, scope='openid')
+ oauth2_session = OAuth2Session(client_id, scope='openid profile email')
 verify = verify_ssl
 if verify_ssl and hasattr(settings, 'KEYCLOAK_CA_CERTFILE'):
 verify = settings.KEYCLOAK_CA_CERTFILE
diff --git a/django_airavata/apps/auth/views.py b/django_airavata/apps/auth/views.py
index 1c7cf6a5..a05b2480 100644
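Review bot: The requested scope is now written out separately at every call site and in two different forms: the list `['openid', 'profile', 'email']` here in `_get_token_and_userinfo_password_flow`, and the string `'openid profile email'` in the redirect-flow and refresh-token hunks below and in `redirect_login` in views.py. An edit that later touches only some of these would leave the flows requesting different claims, and a scattered scope is harder to audit for least privilege. Define it once, for example `OIDC_SCOPE = ['openid', 'profile', 'email']` at module level in backends.py or as a setting, and pass that name everywhere. The new single-line `OAuth2Session(...)` call is also much longer than the two-line form it replaces. The function body continues outside this hunk.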
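Review bot: In the password flow the scope is supplied twice, once to `OAuth2Session(..., scope=scope)` in the previous hunk and again as `scope=scope` to `fetch_token` here, and nothing says which of the two ends up in the token request. A one-line comment above the `fetch_token` call would keep a later cleanup from dropping the one that matters, e.g. `# scope is passed here as well as on the session; confirm which one the password grant uses before removing either`. The call itself starts above this hunk, so only its tail is visible.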
--- a/django_airavata/apps/auth/views.py
+++ b/django_airavata/apps/auth/views.py
@@ -78,7 +78,7 @@ def redirect_login(request, idp_alias):
 if passthrough_query_param in request.GET:
 redirect_uri += f"&{passthrough_query_param}={quote(request.GET[passthrough_query_param])}"
 oauth2_session = OAuth2Session(
- client_id, scope='openid', redirect_uri=redirect_uri)
+ client_id, scope='openid profile email', redirect_uri=redirect_uri)
 authorization_url, state = oauth2_session.authorization_url(
 base_authorize_url)
 authorization_url += '&kc_idp_hint=' + quote(idp_alias)
@@ -145,10 +145,7 @@ def handle_login(request):
 def start_logout(request):
 logout(request)
- redirect_url = request.build_absolute_uri(
- resolve_url(settings.LOGOUT_REDIRECT_URL))
- return redirect(settings.KEYCLOAK_LOGOUT_URL +
- "?redirect_uri=" + quote(redirect_url))
+ return redirect(settings.KEYCLOAK_LOGOUT_URL)
 def callback(request):
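Review bot: `start_logout` now redirects to `settings.KEYCLOAK_LOGOUT_URL` with no parameters, so the identity provider is told neither which session to end nor where to send the user afterwards. Depending on the Keycloak version this may stop at a confirmation page, leaving the SSO session alive after `logout(request)` has already cleared the Django session, which matters on shared machines. If the deployment supports OIDC RP-initiated logout, consider reading the ID token before `logout(request)` flushes the session and appending `id_token_hint` and `post_logout_redirect_uri`; where the ID token is stored is not visible in this hunk. `settings.LOGOUT_REDIRECT_URL` is no longer honoured here, and `resolve_url` may now be an unused import in views.py.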