Scope per authentication type

Hi

I want to allow different scope for different authentication types.

For example for basic auth i want to allow scope A and B.
For another type like TOTP allow C and D

Thanks

I see 2 options:

  • use ACR
  • use another client somehow with a service proxy