you are encoding the URL where you shouldn’t be/where other encoding already processed
Try
Or don’t use URLSearchParam
With scopes you need to literally send +
and :
not their encoded forms.
Covered on, some really old posts after searching the forums to be sure