No way to reduce auth scope?

This is intended. Whenever you request scopes, it’s additive to scopes already requested.

What’s the case for when a user wants to have fine grained control over their scopes? Why would one of your users want to revoke specific scopes?