Error of the "scope" Claim Cannot Be Set during Client Credentials Exchange

Problem statement

The following error is received during client credentials exchange:

{
"error": "server_error",
"error_description": "The \"scope\" claim cannot be set."
}.

Solution

This error can occur if the scope claim of the access token is being set in a client credentials hook or action. This behavior is disallowed for security reasons, hence why this error is returned.