scopes

A list of permissions that define the access level for which the user should be authenticated. The following scopes will be added if they are missing, as they are essential for generating the necessary tokens and ensuring appropriate access to protected resources:

• offline_access: This scope allows an application to request permission to obtain refresh tokens from the authorization server. The refresh token enables the application to regenerate short-lived access and ID tokens without requiring the user to log in again.

• openid: This scope permits an application to request an ID token from the authorization server. The ID token is essential for authenticating users with the Identity-Aware Proxy (IAP).

• profile: This scope allows an application to request access to the user's basic profile information, including their name and username.