diff --git a/uffd/views/oauth2.py b/uffd/views/oauth2.py
index 8da8a68d593463ef36f0f351a2ea92e02f2ee0ae..36172f4a863e39229a7cffc8d85c0f1985913776 100644
--- a/uffd/views/oauth2.py
+++ b/uffd/views/oauth2.py
@@ -428,6 +428,10 @@ def token():
 		id_token['iat'] = int(time.time())
 		id_token['at_hash'] = key.oidc_hash(tok.access_token.encode('ascii'))
 		id_token['exp'] = id_token['iat'] + tok.EXPIRES_IN
+
+		service_user = tok.service_user
+		id_token.update(render_claims(tok.scopes, (tok.claims or {}).get('userinfo', {}), service_user))
+
 		if grant.nonce:
 			id_token['nonce'] = grant.nonce
 		resp['id_token'] = OAuth2Key.get_preferred_key().encode_jwt(id_token)