diff --git a/modules/distribution/src/repository/resources/conf/deployment.toml b/modules/distribution/src/repository/resources/conf/deployment.toml
index 4d16278ad4f..931e8c402a7 100644
--- a/modules/distribution/src/repository/resources/conf/deployment.toml
+++ b/modules/distribution/src/repository/resources/conf/deployment.toml
@@ -72,3 +72,7 @@ app_password= "dashboard"
 #password= "xxxx"
 #hostname= "smtp.gmail.com"
 #port= 587
+
+[oauth]
+drop_unregistered_scopes= true
+allowed_scopes= ["^device_.*"]
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_encryption_enabled.toml b/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_encryption_enabled.toml
index 5beb46bf566..30bf0540519 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_encryption_enabled.toml
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_encryption_enabled.toml
@@ -29,3 +29,5 @@ password = "wso2carbon"
 
 [oauth]
 hash_tokens_and_secrets = true
+drop_unregistered_scopes= true
+allowed_scopes= ["^device_.*"]
diff --git a/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_hash_enabled.toml b/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_hash_enabled.toml
index 62f1a79b668..9d1070c7c02 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_hash_enabled.toml
+++ b/modules/integration/tests-integration/tests-backend/src/test/resources/artifacts/IS/identity_hash_enabled.toml
@@ -28,4 +28,6 @@ file_name = "wso2carbon.jks"
 password = "wso2carbon"
 
 [oauth]
-hash_token_algorithm = "SHA-512"
\ No newline at end of file
+hash_token_algorithm = "SHA-512"
+drop_unregistered_scopes= true
+allowed_scopes= ["^device_.*"]
\ No newline at end of file