While working on implementing support for OAuth login in Continuwuity, I found that the matrix-js-sdk includes the openid scope when performing the authorization code grant, which is not one of the allocated scopes listed in the Matrix specification. I believe that this behavior is caused by the oidc-client-ts library injecting the scope, since the SDK itself does not request it, but I don't know where in the library the scope is added. Since this scope is only relevant for OIDC, not OAuth, I would expect the SDK not to provide it when signing in.
While working on implementing support for OAuth login in Continuwuity, I found that the matrix-js-sdk includes the
openidscope when performing the authorization code grant, which is not one of the allocated scopes listed in the Matrix specification. I believe that this behavior is caused by the oidc-client-ts library injecting the scope, since the SDK itself does not request it, but I don't know where in the library the scope is added. Since this scope is only relevant for OIDC, not OAuth, I would expect the SDK not to provide it when signing in.