diff --git a/pkg/op/authrequest.go b/pkg/op/authrequest.go
index 4d6118c..9e320f8 100644
--- a/pkg/op/authrequest.go
+++ b/pkg/op/authrequest.go
@@ -121,7 +121,7 @@ func ValidateAuthReqScopes(client Client, scopes []string) ([]string, error) {
 			scope == oidc.ScopePhone ||
 			scope == oidc.ScopeAddress ||
 			scope == oidc.ScopeOfflineAccess) &&
-			!utils.Contains(client.AllowedScopes(), scope) {
+			!client.IsScopeAllowed(scope) {
 			scopes[i] = scopes[len(scopes)-1]
 			scopes[len(scopes)-1] = ""
 			scopes = scopes[:len(scopes)-1]
diff --git a/pkg/op/client.go b/pkg/op/client.go
index 790933e..0e77627 100644
--- a/pkg/op/client.go
+++ b/pkg/op/client.go
@@ -34,9 +34,9 @@ type Client interface {
 	AccessTokenType() AccessTokenType
 	IDTokenLifetime() time.Duration
 	DevMode() bool
-	AllowedScopes() []string
 	AssertAdditionalIdTokenScopes() bool
 	AssertAdditionalAccessTokenScopes() bool
+	IsScopeAllowed(scope string) bool
 }
 
 func ContainsResponseType(types []oidc.ResponseType, responseType oidc.ResponseType) bool {