feature request: wildcard scope for organization token

[broncha]

What problem did you meet?

you have to enumerate all the permissions in the idtoken request config in order to have the scopes in the organization token.

Describe what you'd like Logto to have

scopes in organization token are only available when the permissions are included as scope in the initial config

const config: LogtoConfig = {
  endpoint: "http://localhost:3001/",
  appId: "i41kwordgyyl7r17xlr6o",
  scopes: [
    UserScope.Email,
    UserScope.Phone,
    UserScope.CustomData,
    UserScope.Identities,
    UserScope.Organizations,
    UserScope.OrganizationRoles,
    "read:orders"
  ]
};

If read:orders is not included, the organization token created using getOrganizationToken does not contain the scope field. Which is a bit useless in terms of a multi tenacy app, where we planned on using for org scoped requests. To get the permissions in the backend, we would need to make an extra api call to logto.
And since we have a lot of permissions, it is a bit impractical to enumerate all those permissions in the config. Only specifying read and write also does not work (similar to what is documented for resources access token)

It would be great to be able to specify wildcard scopes in the config, like read:*, write:*

[github-actions]

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.