Scopes define the "scope of access" for the token
Application level permissions
Not user level
Claims provide user details
Identity data - trusted - about the user
Scopes are coarse grained
Claims are fine grained
Last updated 1 year ago