How use all scopes in web application. (authentication failed)

I found stupid thing:
1 add to your api application ALL scopes.
2 on auth link add also ALL scopes from application
result will be “authentication error” on endpoints

But if you will use (for example) not all scopes “esi-fleets.read_fleet.v1 esi-fleets.write_fleet.v1” and “/v1/characters/{character_id}/fleet/” endpoint it will work correctly.

Why it happens? And how use all scopes?

MEGALOL accessToken becomes 4178 length with all scopes

this is php code that im trying

        $curl = curl_init();

        curl_setopt_array($curl, [
                CURLOPT_URL => $this->createUrl(),
                CURLOPT_HTTPHEADER => [
                    'Authorization: Bearer ' . $this->getAccessToken(),
                    'Accept: application/json',
                    'Cache-Control: no-cache'
                ],
                CURLOPT_RETURNTRANSFER => true,
                CURLOPT_FRESH_CONNECT => true,
                CURLOPT_VERBOSE => true,
//                CURLOPT_STDERR => fopen('curl.log', 'w+'),
            ]
        );

        $result = curl_exec($curl);

btw if ill send it in console (from swagger) it will execute correctly and gives correct result


        var_dump($result);
        echo '<pre>';
        print_r(curl_getinfo($curl));

will show

string(34) "{"error":"authentication failure"}"
Array
(
    [url] => https://esi.evetech.net/v1/characters/2120038253/fleet/?datasource=tranquility
    [content_type] => application/json; charset=utf-8
    [http_code] => 403
    [header_size] => 645
    [request_size] => 4346
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 0
    [total_time] => 0.362791
    [namelookup_time] => 0.00202
    [connect_time] => 0.085937
    [pretransfer_time] => 0.276465
    [size_upload] => 0
    [size_download] => 34
    [speed_download] => 93
    [speed_upload] => 0
    [download_content_length] => 34
    [upload_content_length] => -1
    [starttransfer_time] => 0.362727
    [redirect_time] => 0
    [redirect_url] => 
    [primary_ip] => 52.19.10.36
    [certinfo] => Array
        (
        )

    [primary_port] => 443
    [local_ip] => 127.0.0.1
    [local_port] => 50151
    [http_version] => 3
    [protocol] => 2
    [ssl_verifyresult] => 0
    [scheme] => HTTPS
    [appconnect_time_us] => 276046
    [connect_time_us] => 85937
    [namelookup_time_us] => 2020
    [pretransfer_time_us] => 276465
    [redirect_time_us] => 0
    [starttransfer_time_us] => 362727
    [total_time_us] => 362791
)

What’s the exact error you’re getting? Is possible that the workaround mentioned in Eve Swagger OAuth2.0 scopes authorizations - too many scopes · Issue #519 · esi/esi-issues · GitHub would help with this.