diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 9faf5dc53..0244a937f 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
@@ -116,7 +116,7 @@ function initialize() {
 
         var token = tokendb.generateToken();
         var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
-        var scope = accesscontrol.intersectScope(user.scope, client.scope);
+        var scope = accesscontrol.canonicalScope(client.scope);
 
         tokendb.add(token, user.id, client.id, expires, scope, function (error) {
             if (error) return callback(error);