When a user is redirected to a login page of an authorization server usually a user is either informed or can select what kind information (scope) client wants. If a client app wants an access that requires different scope it again needs to redirect to authorization server login page to inform user that a client wants additional access so a user will decide if it’s correct.