Best practices for handling access tokens and scopes for OAuth2 implementation?

Backend | unresolved | 2 answers | 1034 views
说谎 2021-02-04 08:43

Assume we have an OAuth2 implementation that supports "read" and "write" scope.

I retrieve an access token "f482c829" with "read" scope. If I then change my mind

2 answers
  •  误落风尘
    2021-02-04 09:17

    Say one client (mobile) of an application needs read-only access and another client (website) needs to write as well. This would require the client to be able to decide the scope of the token request, and hence the provider to store multiple tokens with different scopes.

    However, it is up to you whether you want to extend the scope of an existing token. This means you can keep one scope per application. This can also make it easy for a user to revoke an application's access.
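
The provider-side bookkeeping this answer describes, as an added example that is not code from the question or the answer: each token is stored with the client it was issued to, the user and its scope set; a client that later needs more scope either gets its existing token widened or, with extension disabled, gets a fresh token while the old one is retired; and a user revoking one application kills that application's tokens without touching the others. The client names `mobile` and `website`, the per-client maximum scopes (an added check that keeps a client from requesting more than it was registered for), the `TokenStore` API and the `secrets`-generated token values are all assumptions of this example.

```python
import secrets
from dataclasses import dataclass

# Constructed sample registration: a read-only mobile app and a read/write
# website. A client may never be issued scope beyond its registered maximum.
CLIENT_MAX_SCOPES = {
    "mobile": {"read"},
    "website": {"read", "write"},
}


@dataclass
class Token:
    value: str
    client_id: str
    user_id: str
    scopes: set
    revoked: bool = False


class TokenStore:
    """Minimal provider-side store: tokens are keyed by value and carry their own scope set."""

    def __init__(self, allow_scope_extension=False):
        # Policy choice from the answer: may an existing token's scope grow in place?
        self.allow_scope_extension = allow_scope_extension
        self._tokens = {}  # token value -> Token

    def issue(self, client_id, user_id, requested_scopes):
        requested = set(requested_scopes)
        allowed = CLIENT_MAX_SCOPES.get(client_id)
        if allowed is None:
            raise ValueError("unknown client")
        if not requested <= allowed:
            raise ValueError(f"client {client_id} may not request {requested - allowed}")
        tok = Token(secrets.token_urlsafe(32), client_id, user_id, requested)
        self._tokens[tok.value] = tok
        return tok

    def authorize(self, value, required_scope):
        tok = self._tokens.get(value)
        # Unknown, revoked and under-scoped tokens all fail the same way.
        if tok is None or tok.revoked:
            return False
        return required_scope in tok.scopes

    def request_more_scope(self, value, extra_scopes):
        """Client 'changes its mind' and needs more scope than its token carries."""
        tok = self._tokens.get(value)
        if tok is None or tok.revoked:
            raise ValueError("unknown or revoked token")
        wanted = tok.scopes | set(extra_scopes)
        if self.allow_scope_extension:
            # Option 1: widen the existing token, still bounded by the client's registration.
            if not wanted <= CLIENT_MAX_SCOPES[tok.client_id]:
                raise ValueError("scope not allowed for this client")
            tok.scopes = wanted
            return tok
        # Option 2: tokens are immutable; issue a new one and retire the old one.
        new = self.issue(tok.client_id, tok.user_id, wanted)
        tok.revoked = True
        return new

    def revoke_client(self, user_id, client_id):
        """User revokes one application: every live token that app holds for the user dies."""
        count = 0
        for tok in self._tokens.values():
            if tok.user_id == user_id and tok.client_id == client_id and not tok.revoked:
                tok.revoked = True
                count += 1
        return count


def demo():
    store = TokenStore(allow_scope_extension=False)
    mobile = store.issue("mobile", "alice", ["read"])
    web = store.issue("website", "alice", ["read", "write"])
    results = {
        "mobile_can_read": store.authorize(mobile.value, "read"),
        "mobile_can_write": store.authorize(mobile.value, "write"),
        "web_can_write": store.authorize(web.value, "write"),
    }
    # The mobile app asks for write: refused, its registration is read-only.
    try:
        store.request_more_scope(mobile.value, ["write"])
        results["mobile_upgrade"] = "allowed"
    except ValueError:
        results["mobile_upgrade"] = "rejected"
    # The website started with a read token and now needs write: a new token replaces it.
    web_read = store.issue("website", "bob", ["read"])
    upgraded = store.request_more_scope(web_read.value, ["write"])
    results["old_token_still_valid"] = store.authorize(web_read.value, "read")
    results["new_token_can_write"] = store.authorize(upgraded.value, "write")
    # alice revokes the website; her mobile token is unaffected.
    results["revoked_count"] = store.revoke_client("alice", "website")
    results["web_after_revoke"] = store.authorize(web.value, "read")
    results["mobile_after_revoke"] = store.authorize(mobile.value, "read")
    return results
```

With `allow_scope_extension=False` the old read-only token is retired the moment the wider one is issued, so a leaked copy of it cannot be used afterwards; with it set to `True` the same token value simply gains the new scope, which is simpler for the client but means one token value outlives its original consent.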
