diff --git a/pkg/spamasaurusrex/main.go b/pkg/spamasaurusrex/main.go
index 7f0d5c7..c583d8b 100644
--- a/pkg/spamasaurusrex/main.go
+++ b/pkg/spamasaurusrex/main.go
@@ -23,7 +23,9 @@ func handler(w http.ResponseWriter, r *http.Request) {
 	clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
 	tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
 	// redirectURI := "https://alias.spamasaurus.com/"
-	scopes := []string{"email"}
+	scopes := []string{"user.read"}
+
+	ctx := context.Background()
 
 	// confidential clients have a credential, such as a secret or a certificate
 	cred, err := confidential.NewCredFromSecret("client_secret")
@@ -36,10 +38,10 @@ func handler(w http.ResponseWriter, r *http.Request) {
 		// TODO: handle error
 	}
 
-	result, err := confidentialClient.AcquireTokenSilent(context.TODO(), scopes)
+	result, err := confidentialClient.AcquireTokenSilent(ctx, scopes)
 	if err != nil {
 		// cache miss, authenticate with another AcquireToken... method
-		result, err = confidentialClient.AcquireTokenByCredential(context.TODO(), scopes)
+		result, err = confidentialClient.AcquireTokenByCredential(ctx, scopes)
 		if err != nil {
 			// TODO: handle error
 		}