scope should be optional in client-credentials requests

`scope` is optional in the client-credentials flow but if I make a requests to the token endpoint with `"grant_type": "client_credentials"` but without `"scope"` I get
```
{
  "error": "invalid_scope: missing openid scope",
  "error_description": null
}
```