3 files changed, 8 insertions, 6 deletions

diff --git a/gn_auth/__init__.py b/gn_auth/__init__.py
index 6e2a884..b695ebf 100644
--- a/gn_auth/__init__.py
+++ b/gn_auth/__init__.py
@@ -25,7 +25,7 @@ def check_mandatory_settings(app: Flask) -> None:
     undefined = tuple(
         setting for setting in (
             "SECRET_KEY", "SQL_URI", "AUTH_DB", "AUTH_MIGRATIONS",
-            "OAUTH2_SCOPE")
+            "OAUTH2_SCOPES_SUPPORTED")
         if not ((setting in app.config) and bool(app.config[setting])))
     if len(undefined) > 0:
         raise ConfigurationError(
diff --git a/gn_auth/auth/authorisation/users/admin/views.py b/gn_auth/auth/authorisation/users/admin/views.py
index fb22e5d..5ad9038 100644
--- a/gn_auth/auth/authorisation/users/admin/views.py
+++ b/gn_auth/auth/authorisation/users/admin/views.py
@@ -197,7 +197,7 @@ def register_client():
     if request.method == "GET":
         return render_template(
             "admin/register-client.html",
-            scope=app.config["OAUTH2_SCOPE"],
+            scope=app.config["OAUTH2_SCOPES_SUPPORTED"],
             users=with_db_connection(__list_users__),
             granttypes=_FORM_GRANT_TYPES_,
             current_user=session.session_user())
@@ -262,7 +262,7 @@ def view_client(client_id: uuid.UUID):
     return render_template(
         "admin/view-oauth2-client.html",
         client=with_db_connection(partial(oauth2_client, client_id=client_id)),
-        scope=app.config["OAUTH2_SCOPE"],
+        scope=app.config["OAUTH2_SCOPES_SUPPORTED"],
         granttypes=_FORM_GRANT_TYPES_)
 
 
diff --git a/gn_auth/settings.py b/gn_auth/settings.py
index 2a78be3..d561fa9 100644
--- a/gn_auth/settings.py
+++ b/gn_auth/settings.py
@@ -21,9 +21,11 @@ REDIS_URI = "redis://localhost:6379/0"
 REDIS_JOB_QUEUE = "GN_AUTH::job-queue"
 
 # OAuth2 settings
-OAUTH2_SCOPE = (
-    "profile", "group", "role", "resource", "user", "masquerade",
-    "introspect")
+OAUTH2_SCOPES_SUPPORTED = (
+    # Used by Authlib's `authlib.integrations.flask_oauth2.AuthorizationServer`
+    # class to setup the supported scopes.
+    "profile", "group", "role", "resource", "register-client", "user",
+    "masquerade", "introspect", "migrate-data")
 
 CORS_ORIGINS = "*"
 CORS_HEADERS = [