diff --git a/security.py b/security.py
index 5ad8bb7..b76916f 100644
--- a/security.py
+++ b/security.py
@@ -141,8 +141,9 @@ async def get_current_user(
 user = get_user(username=token_data.username)
 if user is None:
 raise credentials_exception
+ allowed_scopes = set(user.scopes.split())
 for scope in security_scopes.scopes:
- if scope not in token_data.scopes:
+ if scope not in allowed_scopes or scope not in token_data.scopes:
 raise HTTPException(
 status_code=status.HTTP_401_UNAUTHORIZED,
 detail="Not enough permissions",
@@ -159,6 +160,10 @@ async def get_current_active_user(
 return current_user
+async def verify_team_scope(user: Annotated[Player, Depends(get_current_active_user)]):
+ allowed_scopes = set(user.scopes.split())
+
+
 async def login_for_access_token(
 form_data: Annotated[OAuth2PasswordRequestForm, Depends()], response: Response
 ) -> Token:
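Review bot: The added `allowed_scopes = set(user.scopes.split())` in get_current_user assumes `user.scopes` is always a non-null string; if the stored scopes column can be empty or None (not visible from the hunk), `.split()` raises AttributeError and the request fails with a 500 instead of a clean denial. A defensive form is `allowed_scopes = set((user.scopes or "").split())`. The new condition also deserves a why-comment, because it intentionally requires the scope in both the token and the user's current grants: `# Check the user's current grants as well as the token, so a scope revoked from the user is denied before the token expires.` get_current_user starts outside the hunk and the HTTPException call continues past it.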
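Review bot: `verify_team_scope` computes `allowed_scopes` and then discards it, so the new dependency performs no check and implicitly returns None; any route that already takes `Depends(verify_team_scope)` would admit every active user. Until the team check is implemented it should fail closed rather than silently pass, e.g. `raise NotImplementedError("team scope check not implemented")`, and carry a docstring naming the scope it is meant to enforce and what it returns. The `set(user.scopes.split())` expression is now duplicated from get_current_user; a small module-level helper such as `def user_scope_set(user: Player) -> set[str]: return set(user.scopes.split())` would keep the parsing in one place. A return annotation (`-> Player` if it is meant to pass the user through) would make the intended contract explicit.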