While going through the WSO2 IS documents, I can observe that scope is an Optional parameter in /oauth2/token request. But when I remove scope from the request, I get Invalid Scope! error. Is this expected behavior? Can someone point me to the correct document for the same. Thanks.
Try Client Credential grant type without scopes
https://is.docs.wso2.com/en/5.11.0/learn/try-client-credentials-grant/
POST
https://<host>:<port>/oauth2/token
Authorization: Basic [Base64encode(Client-ID>:<ClientSecret>)]
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
Example:
POST
https://localhost:9443/oauth2/token
Authorization: Basic Q3g0TEtGTk9iZXVYb2N4N3hnT3B6NXZmekZvYTogVWRUNm5XbnFXWkdnNDFHWnI5TXBTWGs5eU04YQ==
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials