...
One additional policy rule is provided, with xsi:type="oidc:OIDCScope", which returns true if and only if any of the scope values in the OIDC authentication request matches a supplied string. The By default, the scope requested must be a scope registered in the client's metadata. This can also be customised, see OPScopeFiltering .
It supports the following XML Attributes:
...