For ID tokens, this parameter has to be updated to include the ID token scopes: openid and optionally profile and e mail. what we??re utilizing the domains for will make a huge variance as to which just one we use.OAuth2 Authorization code was previously redeemed, be sure to retry that has a new valid code or use an current refresh token.some thing