diff --git a/auth.ts b/auth.ts
index 565be480c..33b093d4e 100644
--- a/auth.ts
+++ b/auth.ts
@@ -75,7 +75,7 @@ const curityMFAProvider = {
   authorization: {
     ...sharedConfig.authorization,
     params: {
-      scope: ["profile_update", "openid"].join(" "),
+      scope: ["profile_update", "openid", "profile"].join(" "),
       /**
        * The below acr value is required as for New Web same Curity Client is used for MFA
        * while in current web it is being setup using different Curity Client ID and secret
@@ -156,7 +156,6 @@ export const config = {
         cookieStore.set("_SecureMFA-token", mfaCookie.toString(), {
           maxAge: maxAge,
         })
-        return null
       }
 
       const loginType = getLoginType(user)