Getting the "profile" scope included in access_token for /userinfo

I’m using OAuth2 to authenticate users within my website and app by using /authorize with response type “code” to get a single use code, then /token with the code to get an access token. I then want to be able to pass the access token into /userinfo to get information such as their name and email that the reference here says I should be able to do:

However, I’m currently only getting the “sub” value and nothing else, because the only scope included with the access token is openid, but I don’t seem to be able to include profile at all. If I include it in the initial /authorize request, I’m sent straight to my redirect_uri with the following: error=invalid_scope&error_description=Custom+scopes+are+not+allowed+for+this+request.

If I include the key scope with value profile in my /token request, it is seemingly ignored and I’m still given an access_token back but only with the openid scope again.

What am I missing?


EDIT: I was comma separating the scopes instead of space separating them. Oof.