Closed vanillajonathan closed 2 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Questions are community supported only and the authors/maintainers may or may not have time to reply. If you or your company would like commercial support, please see here for more information.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
The RFC 7662 OAuth 2.0 Token Introspection has "scope" as a string. https://datatracker.ietf.org/doc/html/rfc7662#section-2.2
The IdentityServer4 documentation has scope as a string. https://identityserver4.readthedocs.io/en/latest/topics/resources.html#authorization-based-on-scopes
But from IdentityServer4 I get an access token with the scope as a list of strings.
Is this a bug?