diff --git a/.env.example b/.env.example
index 73f3013..6e2f324 100644
--- a/.env.example
+++ b/.env.example
@@ -9,4 +9,5 @@ OAUTH_ISSUER=
 OAUTH_AUTHORIZATION_URL=
 OAUTH_TOKEN_URL=
 OAUTH_USERINFO_URL=
-OAUTH_JWKS_ENDPOINT=
\ No newline at end of file
+OAUTH_JWKS_ENDPOINT=
+OAUTH_SCOPES="openid email profile offline_access"
\ No newline at end of file
diff --git a/src/app/types/env.d.ts b/src/app/types/env.d.ts
index e33577d..6746c47 100644
--- a/src/app/types/env.d.ts
+++ b/src/app/types/env.d.ts
@@ -8,5 +8,6 @@ declare namespace NodeJS {
 		OAUTH_USERINFO_URL: string;
 		OAUTH_ISSUER: string;
 		OAUTH_JWKS_ENDPOINT: string;
+		OAUTH_SCOPES: string;
 	}
 }
diff --git a/src/app/types/next-auth.d.ts b/src/app/types/next-auth.d.ts
index f262b7a..bb658ee 100644
--- a/src/app/types/next-auth.d.ts
+++ b/src/app/types/next-auth.d.ts
@@ -56,7 +56,7 @@ declare module "next-auth/jwt" {
 		accessToken: string;
 		accessTokenExpires: Moment;
 		refreshToken: string;
-		refreshTokenExpires: Moment;
+		refreshTokenExpires: Moment | undefined;
 		error?: string;
 		user: User | AdapterUser;
 	}
diff --git a/src/authOptions.ts b/src/authOptions.ts
index 443b8b5..45b760e 100644
--- a/src/authOptions.ts
+++ b/src/authOptions.ts
@@ -18,7 +18,7 @@ export const authOptions: AuthOptions = {
 			authorization: {
 				url: process.env.OAUTH_AUTHORIZATION_URL,
 				params: {
-					scope: "openid email profile",
+					scope: process.env.OAUTH_SCOPES,
 					response_type: "code",
 				},
 			},
@@ -49,10 +49,11 @@ export const authOptions: AuthOptions = {
 				token.refreshToken = account.refresh_token;
 
 				token.accessTokenExpires = moment.unix(account.expires_at);
-				token.refreshTokenExpires = moment().add(
-					account.refresh_expires_in,
-					"seconds",
-				);
+
+				token.refreshTokenExpires =
+					account.refresh_expires_in != 0
+						? moment().add(account.refresh_expires_in, "seconds")
+						: undefined;
 
 				const accessTokenDecode = jsonwebtoken.decode(
 					account.access_token,