After performing the previous steps in Keycloak, an OAuth 2.0 scope and client is available. To get the scope after the OAuth 2.0 client authenticates against Keycloak, you need to assign the scope to the client.
Log on to Keycloak and go to clients and select oidclient. This is the client created earlier.
Go to tab “Client Scopes”
Assign the previously created scope to the client.
The scope is assigned to the client. Now the client can authenticate and Keycloak will issue the OIDC tokens and include the given scope.