How should the profile scope be represented in Consent and Authorisation screens? The profile scope isn't addressed in any of the CX Standards or Guidelines. Should it be dependent on the
For example, if
bank:accounts.basic:read are requested, the ADR has access to Personally Identifiable Information (PII) for the user. If the profile scope is not displayed, the user may be unaware that PII is available to the ADR.
See DB216 for full details of this discussion.