diff --git a/app/Models/OAuth2/Client.php b/app/Models/OAuth2/Client.php
index 4067d6d7..6d93a6f3 100644
--- a/app/Models/OAuth2/Client.php
+++ b/app/Models/OAuth2/Client.php
@@ -235,8 +235,13 @@ class Client extends BaseModelEloquent implements IClient
 return explode(',',$this->redirect_uris);
 }
 
+ /**
+ * @param string $scope
+ * @return bool
+ */
 public function isScopeAllowed($scope)
 {
+ if(empty($scope)) return false;
 $res = true;
 $desired_scopes = explode(" ",$scope);
 foreach($desired_scopes as $desired_scope){
diff --git a/app/libs/OAuth2/Exceptions/ScopeNotAllowedException.php b/app/libs/OAuth2/Exceptions/ScopeNotAllowedException.php
index 1439c6b3..4e6712c9 100644
--- a/app/libs/OAuth2/Exceptions/ScopeNotAllowedException.php
+++ b/app/libs/OAuth2/Exceptions/ScopeNotAllowedException.php
@@ -18,6 +18,14 @@ use OAuth2\OAuth2Protocol;
 */
 final class ScopeNotAllowedException extends OAuth2BaseException
 {
+ /**
+ * @param string $scope
+ */
+ public function __construct($scope = null)
+ {
+ $description = empty($scope) ? "missing scope param" : sprintf("scope not allowed %s", $scope);
+ parent::__construct($description);
+ }
 
 /**
 * @return string
diff --git a/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php b/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
index 217a39b9..04fd64d1 100644
--- a/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
+++ b/app/libs/OAuth2/GrantTypes/InteractiveGrantType.php
@@ -210,8 +210,8 @@ abstract class InteractiveGrantType extends AbstractGrantType
 //check requested scope
 $scope = $request->getScope();
 $this->log_service->debug_msg(sprintf("scope %s", $scope));
- if (!$client->isScopeAllowed($scope)) {
- throw new ScopeNotAllowedException(sprintf("scope %s", $scope));
+ if (empty($scope) || !$client->isScopeAllowed($scope)) {
+ throw new ScopeNotAllowedException($scope);
 }
 $authentication_response = $this->auth_service->getUserAuthenticationResponse();
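Review bot: The new guard `if(empty($scope)) return false;` in isScopeAllowed still lets a whitespace-only scope through, because `empty(' ')` is false; `explode(" ",$scope)` on the following line then produces empty-string entries that the loop (whose body continues past the hunk) has to cope with. A guard that also sidesteps the `"0"` quirk of `empty()` would be `if (trim((string) $scope) === '') return false;`. The added docblock says `@param string $scope`, but the guard is clearly written to tolerate null, so `@param string|null $scope` describes the real contract.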
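Review bot: The constructor embeds the requested scope verbatim with `sprintf("scope not allowed %s", $scope)`, and the test added in tests/OAuth2ProtocolTest.php shows this description is what the caller surfaces as the `error_description` query parameter on the redirect, so a request-controlled string of any length and character set is reflected back; RFC 6749 §4.1.2.1 limits error_description to %x20-21 / %x23-5B / %x5D-7E, so it is worth bounding. One line before building the message does it: `$safe = substr(preg_replace('/[^\x20-\x21\x23-\x5B\x5D-\x7E]/', '', (string) $scope), 0, 128);` and then format `$safe` instead of `$scope`. The argument's meaning also changes from a full message to a bare scope while the signature stays a plain `$scope = null`, so any `throw new ScopeNotAllowedException(...)` site not updated in this diff would silently get "scope not allowed " prepended to its old message; worth grepping for. The docblock should read `@param string|null $scope` to match the default.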
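Review bot: `empty($scope) ||` in the new condition duplicates the guard this same commit adds at the top of Client::isScopeAllowed, so one of the two is redundant; keeping the check in the model and leaving this line as `if (!$client->isScopeAllowed($scope)) {` avoids the two drifting apart later. The debug line just above still logs the raw request scope via `sprintf("scope %s", $scope)`; unless the log service neutralises control characters, that is a log-injection vector, so the same bounding applied to the exception message belongs here too. The enclosing method starts and ends outside the hunk.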
diff --git a/tests/OAuth2ProtocolTest.php b/tests/OAuth2ProtocolTest.php
index d5332b79..b3c9db36 100644
--- a/tests/OAuth2ProtocolTest.php
+++ b/tests/OAuth2ProtocolTest.php
@@ -1170,4 +1170,31 @@ class OAuth2ProtocolTest extends OpenStackIDBaseTest
 }
 }
 
+
+ public function testMissingScope()
+ {
+
+ $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client';
+
+ $params = array(
+ 'client_id' => $client_id,
+ 'redirect_uri' => 'https://www.test.com/oauth2',
+ 'response_type' => 'code',
+ );
+
+ $response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth",
+ $params,
+ array(),
+ array(),
+ array());
+
+ $this->assertResponseStatus(302);
+
+ $url = $response->getTargetUrl();
+
+ $comps = @parse_url($url);
+
+ $this->assertTrue(isset($comps["query"]));
+ $this->assertTrue($comps["query"] == "error=invalid_scope&error_description=missing+scope+param");
+ }
 }
\ No newline at end of file
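Review bot: `$this->assertTrue($comps["query"] == "...")` at the end of testMissingScope uses loose `==` and reports only "false is not true" on failure; `$this->assertSame("error=invalid_scope&error_description=missing+scope+param", $comps["query"]);` pins the exact string and prints the diff. The `@` on `@parse_url($url)` only hides diagnostics, so drop it and let a malformed redirect target fail loudly. This test covers only the missing-scope branch; a sibling case that posts a scope the client is not permitted to use would also pin the `scope not allowed %s` description path this commit introduces in ScopeNotAllowedException, including whatever bounding is applied to the reflected value.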