Ory Hydra does not automatically add scopes that were not specified by the client in the request by default. However, there is a specific case for the client credentials grant: if no scope is requested, Hydra will, by default, return an empty scope. If you want Hydra to grant the OAuth2 Client's default scopes when an empty scope is requested for a client_credentials grant, you can enable this behavior with the following configuration:

ory patch oauth2-config "{your-project-id}" \   --replace '/oauth2/client_credentials/default_grant_allowed_scope=true'

With this setting enabled, Hydra will behave similarly to MITREid and grant the client's allowed scopes when none are specified in the request for the client_credentials flow. Outside of this specific configuration, Hydra does not automatically add or request scopes that the client did not explicitly request in the OAuth2 flow. The consent app or webhook can also influence granted scopes, but these require explicit logic or configuration by the implementer, not automatic addition by Hydra itself [see Migrating from MITREid](https://www.ory.sh/docs/hydra/self-hosted/migrating-from-mitreid).