OAuth 2.0 Access Token - Invalid Scope

OAuth 2.0 Access Token - Invalid Scope

Using schoology and been trying to use their oauth 2.0 access token endpoint get an access token using a jwt token we obtained though the oidc authorization endpoint. at first it was throwing errors about how we signed the client_assertion jwt, we were able to find the issue and move forward, it now keeps complaining about the scope. it keeps throwing an error of `invalid scope`. tried many different options for the scope but none seem to work.

I've also seen a few scopes while searching here as well as the scopes used in the following package:

our code looks something like this:


'grant_type' => 'client_credentials',
'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
'client_assertion' => '....',
'scope' => '',

what is it expecting as the scope? what are the available scopes?

we use LTI 1.3

thank you!


looks like it now works, we get back a JWT token that looks like this:

"sub": "xxxxx",
"iat": 1696281538,
"exp": 1696285138,
"": ""

now since we use schoology we should be able to query ? but it always returns a 401. using the LTI method are we supposed to hit a different api endpoint?

thank you.