Add option to exclude API scope from GitLab URL callback
Created by: christinelovett
Title: Add option to exclude API scope from GitLab URL callback
Feature request description
Add configuration option to allow customers to specify the scope of the API token for user auth.
Is your feature request related to a problem? If so, please describe.
Customer observed that Sourcegraph sends "scope=read_user+api" in the authentication api call visible in the URL. The customer wants to remove the scope "api" from the call going to Gitlab for user authentication due to tech risk requirements.