I noticed the following comment in TokenManager:

    public static Set<RoleModel> getAccess(String scopeParam, ClientModel client, UserModel user) {
        // todo scopeParam is ignored until we figure out a scheme that fits with openid connect
    }

Am I right to assume this means it is not possible for an OAuth client to request an access token for a subset of the available scopes? I.e. The OAuth scope parameter is ignored?

If this is correct, is this a feature that will be added soon?