I have a setup in place where I use microsoft as my identity provider. The configuration screen for identity providers offers the “Default scopes” option. With this field I can defined scopes that are being requested when the user logs in and gets redirected to microsoft.
My problem now is that I have multiple clients and I only want one of those clients to request certain scopes. Is there a way to define scopes on a client base level which are getting sent to the idp. Or as an alternative, can I set the scopes somehow in my JavaScript adapter and tell Keycloak to forward these scopes to the idp?