diff --git a/ingestion/src/metadata/ingestion/ometa/auth_provider.py b/ingestion/src/metadata/ingestion/ometa/auth_provider.py
index 85c44d0a4f5..cb3795194a5 100644
--- a/ingestion/src/metadata/ingestion/ometa/auth_provider.py
+++ b/ingestion/src/metadata/ingestion/ometa/auth_provider.py
@@ -224,10 +224,11 @@ class OktaAuthenticationProvider(AuthenticationProvider):
             )
             parameters = {
                 "grant_type": "client_credentials",
-                "scope": " ".join(config["client"]["scopes"]),
                 "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
                 "client_assertion": jwt_token,
             }
+            if config["client"].get("scopes"):
+                parameters["scope"] = " ".join(config["client"]["scopes"])
             encoded_parameters = urlencode(parameters, quote_via=quote)
             url = f"{self.security_config.orgURL}?" + encoded_parameters
             token_request_object = await request_exec.create_request(
diff --git a/openmetadata-docs/content/deployment/security/okta/index.md b/openmetadata-docs/content/deployment/security/okta/index.md
index 0b88c695c29..923f204e603 100644
--- a/openmetadata-docs/content/deployment/security/okta/index.md
+++ b/openmetadata-docs/content/deployment/security/okta/index.md
@@ -245,6 +245,5 @@ workflowConfig:
       orgURL: "{ISSUER_URL}/v1/token"
       privateKey: "{public/private keypair}"
       email: "{email}"
-      scopes:
-      - token
+      scopes: []
 ```