diff --git a/www/content/tutorials/preview-mode/create-oauth-client.mdx b/www/content/tutorials/preview-mode/create-oauth-client.mdx
index 7bb38b660..a126db56b 100644
--- a/www/content/tutorials/preview-mode/create-oauth-client.mdx
+++ b/www/content/tutorials/preview-mode/create-oauth-client.mdx
@@ -27,13 +27,17 @@ As from `next-drupal 1.5`, user roles are used for OAuth scopes. The scopes are
 
 Next, assign the following permissions to the newly created role.
 
-- Bypass content access control
-- Issue subrequests
-- View user information
+- 'access content'
+- 'access user profiles'
+- 'issue subrequests'
+- 'view all revisions'
+- 'view any unpublished content'
+- 'view latest version'
+- 'view media'
 
 <Callout>
 
-We are assigning the _Bypass content access control_ permission to allow Next.js to access unpublished content and revisions.
+We are assigning the _view all revisions_ and _view any unpublished content_ permissions to allow Next.js to access unpublished content and revisions.
 
 This scope is only going to be used when making authenticated requests from Next.js to Drupal.
 
@@ -55,7 +59,7 @@ const articles = await drupal.getResource(
 
 ## 3. Create User
 
-Add a new user at `/admin/people/create` and **assign them all the roles that are going to be used for scopes, including the administrator role and the role we created above**.
+Add a new user at `/admin/people/create` and **assign them all the roles that are going to be used for scopes, including the role we created above**.
 
 ---