mod_http_oauth2: Rudimentary support for scopes (but not really) We don't support limiting access, but this change will inform the client what permissions the created token has (e.g. is the user an admin or not). There is some work in progress on real scope support.

---
summary: Allow server administrators to probe any user
...

This module lets server administrators send `<presence type="probe"/>`
to any local user and receive their presence in response, bypassing
roster checks.