getmoto / moto

A library that allows you to easily mock out tests based on AWS infrastructure.

Home Page: http://docs.getmoto.org/en/latest/


Missing 'email' field from Cognito JWT ID token

martinbaste opened this issue

When authenticating in a Cognito user pool, the ID token returns with the email field, as seen here: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-id-token.html

Moto used to provide this field, but it was removed some time ago, in this issue: #5279

This is because the access token doesn't have an email field, but the ID token does. And Moto is using the same function to generate both tokens, so when it was removed on the PR to fix the referenced issue, it was also removed from the ID token.

If I understand the documentation correctly, it should be added to the ID token, and kept away from the Access token.
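A regression check for the behaviour requested above, as an added example that is not part of the original issue or of Moto's code. It assumes both tokens carry Cognito's `token_use` claim (`id` or `access`); the helper names and the sample tokens are constructed for illustration.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (test inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated parts")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def email_claim_problems(id_token: str, access_token: str) -> list:
    """Return mismatches against the behaviour the issue asks for."""
    problems = []
    id_claims = jwt_claims(id_token)
    access_claims = jwt_claims(access_token)
    # Guard against the two tokens being swapped by the caller.
    if id_claims.get("token_use") != "id":
        problems.append("first token is not an ID token (token_use != 'id')")
    if access_claims.get("token_use") != "access":
        problems.append("second token is not an access token (token_use != 'access')")
    if "email" not in id_claims:
        problems.append("ID token is missing the 'email' claim")
    if "email" in access_claims:
        problems.append("access token must not carry the 'email' claim")
    return problems


def _fake_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real Cognito token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256'})}.{enc(claims)}.c2ln"


# Constructed sample tokens (placeholder values, not real user data).
GOOD_ID = _fake_token({"token_use": "id", "sub": "u-1", "email": "user@example.com"})
GOOD_ACCESS = _fake_token({"token_use": "access", "sub": "u-1"})
BAD_ID = _fake_token({"token_use": "id", "sub": "u-1"})  # the case reported in the issue

if __name__ == "__main__":
    print(email_claim_problems(GOOD_ID, GOOD_ACCESS))
    print(email_claim_problems(BAD_ID, GOOD_ACCESS))
```

In a test suite, pass the `IdToken` and `AccessToken` strings from the mocked authentication result to `email_claim_problems` and assert that the returned list is empty.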