OAuth `accessible-resources` endpoint doesn't validate scope against each product


    • Severity 3 - Minor

      The accessible-resources API doesn't validate scopes per product instance and blindly trusts that the app has a grant for ALL instances of the same product. This isn't always true, and some customers get a list back with a product instance that the OAuth token doesn't have access to.

            Assignee:
            Grzegorz Zgudka
            Reporter:
            Nashid Farhad
            Votes:
            0
            Watchers:
            4

              Created:
              Updated:
              Resolved:
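
The check described in this issue, as an added example that is not the service's own code: a product-level filter beside a per-instance one, run over constructed data. The data model, function names, instance ids, product names and scope names are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Instance:          # hypothetical model of one product instance
    id: str
    product: str

@dataclass(frozen=True)
class Grant:             # hypothetical model: scopes the app holds on ONE instance
    instance_id: str
    scopes: frozenset

# Constructed sample data: two instances of the same product, one of another.
INSTANCES = [
    Instance("site-a", "product-x"),
    Instance("site-b", "product-x"),
    Instance("site-c", "product-y"),
]
# The app holds a grant on site-a only; site-b is the same product with no grant.
GRANTS = [Grant("site-a", frozenset({"read:work"}))]

def accessible_resources_product_level(token_scopes, instances, grants):
    """Flawed: a grant on one instance is treated as covering the whole product."""
    by_id = {i.id: i for i in instances}
    granted_products = {
        by_id[g.instance_id].product for g in grants if g.scopes & token_scopes
    }
    return [
        {"id": i.id, "scopes": sorted(token_scopes)}
        for i in instances if i.product in granted_products
    ]

def accessible_resources_per_instance(token_scopes, instances, grants):
    """Checked: list an instance only if a grant exists for that instance,
    and report only scopes present in both the token and that grant."""
    granted = {}
    for g in grants:
        granted[g.instance_id] = granted.get(g.instance_id, frozenset()) | g.scopes
    result = []
    for i in instances:
        effective = token_scopes & granted.get(i.id, frozenset())
        if effective:
            result.append({"id": i.id, "scopes": sorted(effective)})
    return result

if __name__ == "__main__":
    token = frozenset({"read:work"})
    print(accessible_resources_product_level(token, INSTANCES, GRANTS))
    print(accessible_resources_per_instance(token, INSTANCES, GRANTS))
```

A regression test for this class of bug needs at least two instances of the same product with a grant on only one of them, as in the sample data.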