1] Configuration for OpenID/OAuth2 client #1:
Allowed scopes= openid cn sn
Default scopes= openid cn sn
2] Specify no scopes in authorize request
3] You will see errr as below:
If allowed scope contains 'openid' scope, does not allow request to go through if scope query string is not mentioned.
This is along the requirement, but according to RFC 6749 Section 3.3, default scopeshould be used when client omits the scope parameter in request