diff --git a/utils/auth-client/index.js b/utils/auth-client/index.js
index 9d79899..12bf177 100644
--- a/utils/auth-client/index.js
+++ b/utils/auth-client/index.js
@@ -8,6 +8,7 @@ import {
   getUserInfo,
   clear,
   getExpiresAt,
+  getAccessToken,
 } from './storage';
 
 export default class AuthenticationClient {
@@ -113,4 +114,8 @@ export default class AuthenticationClient {
   idToken() {
     return getIdToken();
   }
+
+  accessToken() {
+    return getAccessToken();
+  }
 }
diff --git a/utils/auth-client/storage.js b/utils/auth-client/storage.js
index 144c860..42f3130 100644
--- a/utils/auth-client/storage.js
+++ b/utils/auth-client/storage.js
@@ -43,4 +43,5 @@ export const clearStateAndNonce = () => {
 
 export const getUserInfo = () => JSON.parse(localStorage.getItem(STORAGE_USER));
 export const getIdToken = () => localStorage.getItem(STORAGE_ID);
+export const getAccessToken = () => localStorage.getItem(STORAGE_ACCESS);
 export const getExpiresAt = () => JSON.parse(localStorage.getItem(STORAGE_EXPIRES));
diff --git a/utils/auth.js b/utils/auth.js
index 6958564..3040038 100644
--- a/utils/auth.js
+++ b/utils/auth.js
@@ -10,7 +10,7 @@ const auth0Config = {
   redirectUri: getRedirectUri(),
   audience: "http://dancefinder.unbound.se",
   responseType: "token id_token",
-  scope: "openid profile readwrite:settings"
+  scope: "openid profile email readwrite:settings"
 };
 
 const webAuth = new AuthClient(auth0Config);
diff --git a/utils/graph-client/middleware.js b/utils/graph-client/middleware.js
index f9bae9a..101bbdd 100644
--- a/utils/graph-client/middleware.js
+++ b/utils/graph-client/middleware.js
@@ -2,7 +2,7 @@ const webAuth = require("../auth").default;
 
 module.exports = {
   includeCredentials: (uri, options) => {
-    const token = webAuth.idToken();
+    const token = webAuth.accessToken();
     if (token) {
       options.headers['Authorization'] = 'Bearer ' + token;
     }