OAuth scopes are not properly ordered

The OAuth scopes are not properly ordered in the list. 

It looks like it is ordered by risk levels. Maybe we neeed to provide options to reorder this - product-wise, access-wise (read / write / modify / delete), and then risk-wise. 

<img width="746" height="905" alt="Image" src="https://github.com/user-attachments/assets/aabd7309-30f0-4f60-9012-e0109b0dfc74" />

