diff --git a/stacklet/client/platform/vendored/auth.py b/stacklet/client/platform/vendored/auth.py
index c5f6c72..988bb7a 100644
--- a/stacklet/client/platform/vendored/auth.py
+++ b/stacklet/client/platform/vendored/auth.py
@@ -136,6 +136,8 @@ class BrowserAuthenticator:
     REDIRECT_URI = f"http://localhost:{CLI_REDIRECT_PORT}"
     SHORT_LINK = f"http://localhost:{CLI_REDIRECT_PORT}/stacklet_auth"
 
+    SCOPES = ("email", "openid", "stacklet/platform")
+
     def __init__(self, authority_url, client_id, idp_id=""):
         self.authority_url = authority_url
         self.client_id = client_id
@@ -156,7 +158,7 @@ def build_url(self):
                 "response_type": "token",
                 "redirect_uri": self.REDIRECT_URI,
                 "client_id": self.client_id,
-                "scope": "email+openid",
+                "scope": "+".join(self.SCOPES),
                 "idp_identifier": self.idp_id,
             }
         )