Hi all,
I have the following scopes enabled for a connected app: api, id, refresh_token, web
However, when I go to authenticate with this app via OAuth, it says:

App is is asking to:
Access your basic information
Access and manage your data

Additionally, when I get the JSON verification request, I see this:
'scope': u'id api'

I've been toying around with the scopes for a while, trying to get any other scopes to show up. It seems like these are the only scopes that I can enable, and if I *don't* enable them, I get an OAUTH_APPROVAL_ERROR_GENERIC error with the following in the url: error=invalid_scope&error_description=the+requested+scope+is+not+allowed

What gives? I'm trying to get a refresh_token out of this, and it seems like there is something beyond my connected app setting that is preventing me from enabling any permission other than 'id' and 'api'.

Thanks,
Malcolm