diff --git a/aleksis/core/apps.py b/aleksis/core/apps.py
index 9679c309ed9e6280495b420651e6c17fe56d3daf..c9cc51b9efebca6927dfa8c88a365a49647c52cc 100644
--- a/aleksis/core/apps.py
+++ b/aleksis/core/apps.py
@@ -136,3 +136,19 @@ class CoreConfig(AppConfig):
         if has_person(user):
             # Save the associated person to pick up defaults
             user.person.save()
+
+    @classmethod
+    def get_all_scopes(cls) -> dict[str, str]:
+        scopes = {
+            "read": "Read anything the resource owner can read",
+            "write": "Write anything the resource owner can write",
+        }
+        if settings.OAUTH2_PROVIDER.get("OIDC_ENABLED", False):
+            scopes |= {
+                "openid": _("OpenID Connect scope"),
+                "profile": _("Given name, family name, link to profile and picture if existing."),
+                "address": _("Full home postal address"),
+                "email": _("Email address"),
+                "phone": _("Home and mobile phone"),
+            }
+        return scopes
diff --git a/aleksis/core/util/apps.py b/aleksis/core/util/apps.py
index 5f597af29b10363ca003622e347bc76380864efd..c05818cc9b5baea7e4fb44dc0b9996a95211c527 100644
--- a/aleksis/core/util/apps.py
+++ b/aleksis/core/util/apps.py
@@ -214,6 +214,33 @@ class AppConfig(django.apps.AppConfig):
         """
         pass
 
+    @classmethod
+    def get_all_scopes(cls) -> dict[str, str]:
+        """Return all OAuth scopes and their descriptions for this app."""
+        return {}
+
+    @classmethod
+    def get_available_scopes(
+        cls,
+        application: Optional["AbstractApplication"] = None,
+        request: Optional[HttpRequest] = None,
+        *args,
+        **kwargs,
+    ) -> list[str]:
+        """Return a list of all OAuth scopes available to the request and application."""
+        return list(cls.get_all_scopes().keys())
+
+    @classmethod
+    def get_default_scopes(
+        cls,
+        application: Optional["AbstractApplication"] = None,
+        request: Optional[HttpRequest] = None,
+        *args,
+        **kwargs,
+    ) -> list[str]:
+        """Return a list of all OAuth scopes to always include for this request and application."""
+        return []
+
     def _maintain_default_data(self):
         from django.contrib.auth.models import Permission
         from django.contrib.contenttypes.models import ContentType