diff --git a/packages/backend/src/server/api/mastodon/helpers/auth.ts b/packages/backend/src/server/api/mastodon/helpers/auth.ts
index 2974c4f1f..12adb67fd 100644
--- a/packages/backend/src/server/api/mastodon/helpers/auth.ts
+++ b/packages/backend/src/server/api/mastodon/helpers/auth.ts
@@ -50,7 +50,7 @@ export class AuthHelpers {
         if (!user) throw new MastoApiError(401, "Unauthorized");
 
         const body = ctx.request.body as any;
-        const scopes = body.scopes as string[];
+        const scopes = (typeof body.scopes === "string" ? body.scopes.split(' ') : body.scopes) ?? ['read'];
         const clientId = toSingleLast(body.client_id);
 
         if (clientId == null) throw new MastoApiError(400, "Invalid client_id");
@@ -92,7 +92,7 @@ export class AuthHelpers {
 
     public static async getAuthToken(ctx: MastoContext) {
         const body: any = ctx.request.body || ctx.request.query;
-        const scopes = body.scopes as string[] ?? ['read'];
+        const scopes = (typeof body.scopes === "string" ? body.scopes.split(' ') : body.scopes) ?? ['read'];
         const clientId = toSingleLast(body.client_id);
         const code = toSingleLast(body.code);