I created the client with scope profile, I did the CURL to grant bearer token, I access with bearer token, and I get this:

{
"error": "insufficient_scope",
"error_description": "The request requires higher privileges than provided by the access token."
}

The reason why, after looking, is that the CURL command provided does not have a 'scope' variable in it. It must have -F scope=profile

It would be nice if you provided tests, so I could look at reference to the exact order and method of "success" according to working pytests or unit tests, rather than documentation. Documentation can be interpreted, but tests are either right or wrong.