Hello, After reading that [in the doc here](https://gluu.org/docs/ce/latest/admin-guide/uma/#scopes) >For some actions the Resource Server (RS) may want multiple scopes at the same time. For instance, a "read" action should only be allowed if the authorization request includes the "read" **and** "all" scopes. I tried to do it with oxd (commit version 9941510157c6a9fe48c2c1fd3a027581c1e21312) but I found out that when RS check access is done, it is only necessary for the user to have granted a unique scope in the list of scope of the ressource set. ``` [RsCheckAccessOpenration:98] boolean containsAny = !Collections.disjoint(requiredScopes, permission.getScopes()); ``` I don't think that I would need such feature but I wanted to know if it was normal and the doc was wrong or is it just a lack of oxd? I re-thought about it and is it even possible to allow such feature without breaking the current way of working? I mean by that, that I think the only way to achieve this without adding additionnal info to the ressource set is to allow the registration (which is already possible) but also the proccess of all the resource sets containing the same path and http_methods(in contrary for now to process the first registered set). Thanks for your support, Pek Templeton