diff --git a/config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java b/config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java
index d45dde61a5..92c2417fac 100644
--- a/config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java
+++ b/config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java
@@ -24,6 +24,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 import org.springframework.web.client.RestTemplate;
 
 import com.nimbusds.oauth2.sdk.GrantType;
@@ -99,7 +100,7 @@ public final class OidcConfigurationProvider {
 		Scope scope = metadata.getScopes();
 		if (scope == null) {
 			// If null, default to "openid" which must be supported
-			return Arrays.asList("openid");
+			return Arrays.asList(OidcScopes.OPENID);
 		} else {
 			return scope.toStringList();
 		}