diff --git a/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py b/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py
index 3bf42a5..94a12d2 100644
--- a/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py
+++ b/id.saladeaula.digital/app/integrations/apigateway_oauth2/tokens.py
@@ -15,7 +15,7 @@ class User:
     name: str
     email: str
     email_verified: bool = False
-    scope: list[str] | None = None
+    scope: str | None = None
 
     def get_user_id(self):
         return self.id
diff --git a/id.saladeaula.digital/app/oauth2.py b/id.saladeaula.digital/app/oauth2.py
index c052a4c..476936f 100644
--- a/id.saladeaula.digital/app/oauth2.py
+++ b/id.saladeaula.digital/app/oauth2.py
@@ -76,7 +76,7 @@ class OpenIDCode(OpenIDCode_):
         ).filter(scope)
 
         if user.scope:
-            user_info['scope'] = ' '.join(user.scope)
+            user_info['scope'] = user.scope
 
         return user_info
 
@@ -175,10 +175,17 @@ class AuthorizationCodeGrant(grants.AuthorizationCodeGrant):
         user = dyn.collection.get_items(
             TransactKey(authorization_code.user_id)
             + SortKey('0')
-            + SortKey('SCOPE', path_spec='scope', rename_key='scope'),
+            + SortKey(
+                sk='SCOPE',
+                path_spec='scope',
+                rename_key='scope',
+            ),
         )
 
-        return User(**pick(('id', 'name', 'email', 'email_verified', 'scope'), user))
+        return User(
+            **pick(('id', 'name', 'email', 'email_verified'), user),
+            scope=' '.join(user['scope']) if 'scope' in user else None,
+        )
 
 
 class TokenExchangeGrant(grants.BaseGrant):