Try curl with bearer token in header?
refer this test: frappe/test_oauth20.py at develop · frappe/frappe · GitHub
As per this CodiMD Documentation - HackMD default scope is email, referring (OAuth Redirect URI not working - #5 by rtdany10)
can you change that to openid and all or add email to scope field separated by space in OAuth Client on your frappe/erpnext server