diff --git a/src/index.js b/src/index.js
index e1778d3..2add961 100644
--- a/src/index.js
+++ b/src/index.js
@@ -31,7 +31,7 @@ async function main () {
   const command = core.getInput('command')
   const noPublish = core.getInput('noPublish')
   const key = core.getInput('key')
-  const scopes = core.getInput('scopes')
+  const scopes = core.getInput('scopes') || undefined
   const clientId = core.getInput('clientId')
   const clientSecret = core.getInput('clientSecret')
   const techAccId = core.getInput('technicalAccountId')
diff --git a/test/utils.test.js b/test/utils.test.js
index 68c9ad3..a7ab10f 100644
--- a/test/utils.test.js
+++ b/test/utils.test.js
@@ -198,6 +198,20 @@ describe('generateOAuthSTSAuthToken', () => {
     await expect(generateOAuthSTSAuthToken(inputs)).rejects.toThrow('[generateOAuthSTSAuthToken] Validation errors:')
   })
 
+  test('scopes is an empty string', async () => {
+    const inputs = {
+      ims,
+      key: 'key',
+      clientId: 'client-id',
+      clientSecret: 'client-secret',
+      techAccId: 'tech-acct-id',
+      techAccEmail: 'tech-acct-email',
+      imsOrgId: 'ims-org-id',
+      scopes: ''
+    }
+    await expect(generateOAuthSTSAuthToken(inputs)).rejects.toThrow('[generateOAuthSTSAuthToken] Validation errors:')
+  })
+
   test('use default scopes', async () => {
     const inputs = {
       ims,