How to configure OpenEMR 6.x with Keycloak (or any OAuth2 server)

I was under the assumption that using api:oemr could grant access to all scopes under it, and the same for api:fhir etc. Is that not the case?

I can register fine with all scopes, but when I try to refresh the token with all scopes I get an invalid scope error.

```
<br />
<b>Notice</b>:  Key file "file:///var/www/localhost/htdocs/openemr/sites/default/documents/certificates/oaprivate.key" permissions are not correct, recommend changing to 600 or 660 instead of 700 in <b>/var/www/localhost/htdocs/openemr/vendor/league/oauth2-server/src/CryptKey.php</b> on line <b>63</b><br />
{
    "error": "invalid_scope",
    "error_description": "The requested scope is invalid, unknown, or malformed",
    "hint": "Check the `user/Coverage.read` scope",
    "message": "The requested scope is invalid, unknown, or malformed"
}
```

I’ve tried escaping / and periods but no matter what I always get this error when trying to refresh the token.

Thanks for your help and patience :pray:
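
RFC 6749 section 6 says the `scope` on a refresh request must not include anything that was not in the original grant, and that omitting it keeps the original grant. The following is an added example, not part of the post and not OpenEMR's code: a client-side pre-flight check that compares the scopes about to be sent on refresh with the `scope` string returned in the original token response. The function names, token, client id and scope strings are constructed for illustration, and the comparison is an exact string match that assumes nothing about how OpenEMR treats `api:oemr` or `api:fhir`.

```python
from urllib.parse import urlencode


def parse_scope(scope: str) -> set[str]:
    """Split a space-delimited OAuth2 scope string (RFC 6749 section 3.3)."""
    return set(scope.split())


def build_refresh_body(refresh_token, client_id, granted_scope, requested_scope=None):
    """Return the form-encoded body for a grant_type=refresh_token request.

    granted_scope is the "scope" value from the original token response.
    Raises ValueError naming every requested scope missing from that grant,
    so the mismatch is caught before the server answers invalid_scope.
    """
    params = {
        "grant_type": "refresh_token",
        "refresh_token": refresh_token,
        "client_id": client_id,  # assumption: public client sending its id in the body
    }
    if requested_scope is not None:
        wanted = parse_scope(requested_scope)
        extra = wanted - parse_scope(granted_scope)
        if extra:
            raise ValueError("not in original grant: " + " ".join(sorted(extra)))
        params["scope"] = " ".join(sorted(wanted))
    # urlencode percent-encodes ':' and '/' and turns the separating spaces
    # into '+', so scope names never need manual escaping.
    return urlencode(params)


if __name__ == "__main__":
    # Constructed sample values, not taken from a real server.
    granted = "openid api:oemr user/Patient.read"
    print(build_refresh_body("rt-example", "client-example", granted))
    print(build_refresh_body("rt-example", "client-example", granted,
                             "api:oemr user/Patient.read"))
    try:
        build_refresh_body("rt-example", "client-example", granted,
                           "api:oemr user/Coverage.read")
    except ValueError as err:
        print("refused locally:", err)
```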