You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Should easily be fixed by adding it to the "$json_response"-object in "sub _access_token_request". Thank you for looking into that. Might be faster than me trying to figure out how to contribute to this.
RFC6749 section 5.1 says that Access Token Response should include the authorized scope when it does not match the requested one:
The text was updated successfully, but these errors were encountered: