Is your feature request related to a problem? Please describe.
I want to use a specific scope for the mcp connection, that access tokens can only authenticate to a mcp server if they for example have the mcp scope. Right now this is not possible because no scope is passed to the authorize url which means only the default scopes are used.

Describe the solution you'd like
It would be great if the field scopes_supported from /.well-known/oauth-protected-resource is used when available and all scopes in that list are passed to the authorize url.