Ahhh! Excellent observation - I have the same question - where can the requested scopes be found? I was trying to preserve them by only assigning context.accessToken.scope if it was undefined, but it seems as those requested scope values ought to be there already.