Hi @Extant-1,
Thanks for sharing the configuration. My first issue was that I was missing v2.0 in the AUTH_PROVIDER URL, that’s probably the reason for the malformed token.
The second issue was that my custom scope had to be specified in the AUTH_SCOPES, in addition to the three default ones.
The SSO works now.
Thanks again !