How to authenticate using a `Public (Native and JS applications)` oauth2 client

Hello masters,

I’m trying to connect a SP software to my edX ecosystem using a Public (Native and JS applications) oauth2 client. ( We are currently on ironwood.master and we have not changed to DOT yet. )
But there I have a problem which I’m not able to solve.
First I’ve sent a request to the LMS and asked to authenticate.

curl -X POST 'http://localhost:18000/oauth2/access_token' \
--form 'grant_type=password' \
--form 'token_type=bearer' \
--form 'username=USER' \
--form 'password=PASS' \
--form 'client_id=CID'

This is how the response was look like:

{"access_token": "**********83efa5027f0ba8e7dcd2925fa89826", "token_type": "Bearer", "expires_in": 2591999, "scope": ""}

Then I tried to send a request to the course-discovery with the created access_token

curl -X GET 'http://localhost:18381/api/v1/course_runs/' \
--header 'Authorization: Bearer **********83efa5027f0ba8e7dcd2925fa89826' \
--header 'Content-Type: application/json' \

I faced this answer:

{"detail": "Failed to retrieve user info. Unable to authenticate."}

Checking discovery-logs I saw this:

Mar 17 13:47:47 ubuntu [service_variant=discovery][edx_rest_framework_extensions.auth.bearer.authentication] ERROR [ubuntu  20149] [/edx/app/discovery/venvs/discovery/lib/python3.5/site-packages/edx_rest_framework_extensions/auth/bearer/] - Failed to retrieve user info. Unable to authenticate.

Checking lms-logs there wasn’t anything helpful. but going further and tracing I found that user_info api send this error in response to the discovery service: This line of source code

response.content: b'{"error": "Missing openid scope."}'

Could you help me with this?
How can I set a scope?
Is there any manual about this?