Open ID Connect default scope

Hey folks,

I have a working Keycloak installation, and I added a OpenID Connect Application which is exactly what I’m having issues with.

I configured two scopes, but Keycloak provides the “openid” scope by default, causing the application to return an error. Can I remove this default scope? I couldn’t find anything about it, so I’m giving it a shot here.


“openid” scope defines that you want to use Open ID Connect (OIDC) on top OAuth 2.0 protocol. Does your app really supports OIDC or only OAuth protocol?

The app only supports the OAuth 2.0 protocol. I figured that that shouldn’t matter, as Open ID Connect should be a “layer” of the OAuth 2.0 framework?

Am I wrong at this point, and is there anything I could do to support OAuth 2?

Yes, but how is client configured?

So client is OIDC and not OAuth. I don’t think so you can use OIDC client as OAuth client.

I found an extension on GitHub which was made specifically for this application. It didn’t seem to like OAuth with OIDC as you mentioned.

Thank you for your comments!

Could you share with us the GitHub link?