From d86e4bb17ec8ba71c8b440d7c5f68fd470bb59bd Mon Sep 17 00:00:00 2001
From: Enol Fernandez <enol.fernandez@egi.eu>
Date: Tue, 18 Jun 2024 15:37:05 +0100
Subject: [PATCH] Do not restrict the token

---
 .github/workflows/deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 0154878f..0ecb092a 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -33,7 +33,7 @@ jobs:
           set -x
           # using parametric scopes to only have access to cloud.egi.eu VO
           SCOPE="openid%20email%20profile%20voperson_id%20eduperson_entitlement"
-          SCOPE="$SCOPE:eduperson_entitlement:urn:mace:egi.eu:group:cloud.egi.eu:role=vm_operator#aai.egi.eu"
+          #SCOPE="$SCOPE:eduperson_entitlement:urn:mace:egi.eu:group:cloud.egi.eu:role=vm_operator#aai.egi.eu"
           OIDC_TOKEN=$(curl -X POST "https://aai.egi.eu/auth/realms/egi/protocol/openid-connect/token" \
                             -d "grant_type=refresh_token&client_id=token-portal&scope=$SCOPE&refresh_token=$REFRESH_TOKEN" \
                           | jq -r ".access_token")