--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun May 07 19:06:37 2023 +0200
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Sun May 07 19:40:57 2023 +0200
@@ -485,7 +485,7 @@
 		end
 
 		local scope = array():append(form):filter(function(field)
-			return field.name == "scope" or field.name == "role";
+			return field.name == "scope";
 		end):pluck("value"):concat(" ");
 
 		user.token = form.user_token;
@@ -662,20 +662,7 @@
 		return render_page(templates.login, { state = auth_state, client = client });
 	elseif auth_state.consent == nil then
 		-- Render consent page
-		local scopes, requested_roles = split_scopes(parse_scopes(params.scope or ""));
-		local default_role = select_role(auth_state.user.username, requested_roles);
-		local roles = array(it.values(usermanager.get_all_roles(module.host))):filter(function(role)
-			return can_assume_role(auth_state.user.username, role.name);
-		end):sort(function(a, b)
-			return (a.priority or 0) < (b.priority or 0)
-		end):map(function(role)
-			return { name = role.name; selected = role.name == default_role };
-		end);
-		if not roles[2] then
-			-- Only one role to choose from, might as well skip the selector
-			roles = nil;
-		end
-		return render_page(templates.consent, { state = auth_state; client = client; scopes = scopes; roles = roles }, true);
+		return render_page(templates.consent, { state = auth_state; client = client; scopes = parse_scopes(params.scope or "") }, true);
 	elseif not auth_state.consent then
 		-- Notify client of rejection
 		return error_response(request, oauth_error("access_denied"));