From 1049773f998eaa9782cca8f91998d531998585b6 Mon Sep 17 00:00:00 2001
From: Matt Brooker <matt@posthog.com>
Date: Thu, 7 May 2026 15:28:12 +0000
Subject: [PATCH] fix: drop ungrantable `introspection` scope from OAuth
 authorize URL

The authorization server rejects `introspection` as `invalid_scope` because
it isn't in `posthog/scopes.py` (the canonical scope list). Token
introspection is an endpoint per RFC 7662, not a grantable scope, so it
keeps working without being requested at authorize time.

Generated-By: PostHog Code
Task-Id: 2ba7eb25-0ba0-4c0c-9f02-7b4b35839c84
---
 README.md                | 1 -
 src/utils/setup-utils.ts | 1 -
 2 files changed, 2 deletions(-)

diff --git a/README.md b/README.md
index 5b278e85..33944056 100644
--- a/README.md
+++ b/README.md
@@ -136,7 +136,6 @@ When creating your personal API key, ensure it has the following scopes enabled:
 
 - `user:read` - Required to fetch user information
 - `project:read` - Required to fetch project details and API token
-- `introspection` - Required for API introspection
 - `llm_gateway:read` - Required for LLM gateway access
 - `dashboard:write` - Required to create dashboards
 - `insight:write` - Required to create insights
diff --git a/src/utils/setup-utils.ts b/src/utils/setup-utils.ts
index 3a0cf816..784981ee 100644
--- a/src/utils/setup-utils.ts
+++ b/src/utils/setup-utils.ts
@@ -492,7 +492,6 @@ async function askForWizardLogin(options: {
     scopes: [
       'user:read',
       'project:read',
-      'introspection',
       'llm_gateway:read',
       'dashboard:write',
       'insight:write',