Scope sprawl occurs when identities, applications, or tokens accumulate broader permissions than they need to perform their intended tasks. It often stems from weak internal standards, unclear documentation, or pressure on engineering teams to move quickly. For example, consider the following scenarios.
A developer wires an integration, requests a broad OAuth token sco...