diff --git a/pkg/common/constants/constants.go b/pkg/common/constants/constants.go
index 4874e433c..c900ad5ca 100644
--- a/pkg/common/constants/constants.go
+++ b/pkg/common/constants/constants.go
@@ -81,6 +81,7 @@ const (
 	OAuthScmConfiguration                      = "oauth-scm-configuration"
 	AccessToken                                = "access_token"
 	IdToken                                    = "id_token"
+	OpenShiftOAuthScope                        = "user:full"
 
 	// Labels
 	KubernetesComponentLabelKey = "app.kubernetes.io/component"
diff --git a/pkg/deploy/gateway/oauth_proxy.go b/pkg/deploy/gateway/oauth_proxy.go
index fd0de4384..ad6e20a57 100644
--- a/pkg/deploy/gateway/oauth_proxy.go
+++ b/pkg/deploy/gateway/oauth_proxy.go
@@ -78,7 +78,7 @@ upstreams = [
 ]
 client_id = "%s"
 client_secret = "%s"
-scope = "user:full"
+scope = "%s"
 openshift_service_account = "%s"
 cookie_secret = "%s"
 cookie_expire = "24h0m0s"
@@ -91,6 +91,7 @@ skip_provider_button = false
 		ctx.CheHost,
 		oauthClientName,
 		oauthSecret,
+		utils.GetValue(ctx.CheCluster.Spec.Networking.Auth.OAuthScope, constants.OpenShiftOAuthScope),
 		GatewayServiceName,
 		cookieSecret,
 		skipAuthConfig(ctx.CheCluster))