diff --git a/src/oidc.js b/src/oidc.js
index 4ce749d6c..f4c9ede77 100644
--- a/src/oidc.js
+++ b/src/oidc.js
@@ -743,6 +743,40 @@ async function start() {
 return false;
 }
 },
+ loadExistingGrant: async function (ctx) {
+ const grantId = ctx.oidc.result?.consent?.grantId
+ || ctx.oidc.session.grantIdFor(ctx.oidc.client.clientId);
+
+ console.log('=== loadExistingGrant', grantId, ctx.oidc.client);
+ if (grantId) {
+ // keep grant expiry aligned with session expiry
+ // to prevent consent prompt being requested when grant expires
+ const grant = await ctx.oidc.provider.Grant.find(grantId);
+
+ // this aligns the Grant ttl with that of the current session
+ // if the same Grant is used for multiple sessions, or is set
+ // to never expire, you probably do not want this in your code
+ if (ctx.oidc.account && grant.exp < ctx.oidc.session.exp) {
+ grant.exp = ctx.oidc.session.exp;
+
+ await grant.save();
+ }
+
+ return grant;
+ } else if (ctx.oidc.client.clientId === 'dashboard') {
+ const grant = new ctx.oidc.provider.Grant({
+ clientId: ctx.oidc.client.clientId,
+ accountId: ctx.oidc.session.accountId,
+ });
+
+ grant.addOIDCScope('openid email profile');
+ // grant.addOIDCClaims(['first_name']);
+ // grant.addResourceScope('urn:example:resource-indicator', 'api:read api:write');
+ await grant.save();
+
+ return grant;
+ }
+ },
 ttl: {
 // in seconds, can also be a function returning the seconds https://github.com/panva/node-oidc-provider/blob/b1c1a9318036c2d3793cc9e668f99937c5c36bc6/docs/README.md#ttl
 AccessToken: 3600, // 1 hour
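Review bot: The `console.log('=== loadExistingGrant', grantId, ctx.oidc.client)` line in the new `loadExistingGrant` hook dumps the whole client model into the server log on every authorization; in node-oidc-provider that object carries the client's registered metadata, which presumably includes its secret, so this debug line should be dropped (or reduced to `ctx.oidc.client.clientId`) before merging. A second defect is that `ctx.oidc.provider.Grant.find(grantId)` can resolve to `undefined` when the grant id stored in the session refers to a grant that has since expired or been removed, and the next statement then dereferences `grant.exp` and throws; guard it as `if (grant && ctx.oidc.account && grant.exp < ctx.oidc.session.exp) {` and return `grant` as-is so the provider falls through to its normal consent flow. The `=== 'dashboard'` branch silently grants `openid email profile` without a consent prompt, which is intended for first-party clients, but pinning it to a string literal is brittle; a comment such as `// dashboard is a first-party client: consent is implied, do not add third-party clients here` would make the trust decision explicit for the next maintainer. The enclosing `start()` configuration object begins and ends outside this hunk.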