diff --git a/gitlab/types.py b/gitlab/types.py
index e07d078e1..cb1740ab7 100644
--- a/gitlab/types.py
+++ b/gitlab/types.py
@@ -45,6 +45,15 @@ def get_for_api(self):
         return ",".join(self._value)
 
 
+class ScopesListAttribute(ListAttribute):
+    def get_for_api(self):
+        # scopes are expected to be a list of strings
+        if isinstance(self._value, str):
+            return [self._value]
+
+        return self._value
+
+
 class LowercaseStringAttribute(GitlabAttribute):
     def get_for_api(self):
         return str(self._value).lower()
diff --git a/gitlab/v4/objects/applications.py b/gitlab/v4/objects/applications.py
index ddb9d234d..2b56168e0 100644
--- a/gitlab/v4/objects/applications.py
+++ b/gitlab/v4/objects/applications.py
@@ -1,5 +1,6 @@
 from gitlab.base import RESTManager, RESTObject
 from gitlab.mixins import CreateMixin, DeleteMixin, ListMixin, ObjectDeleteMixin
+from gitlab.types import ScopesListAttribute
 
 __all__ = [
     "Application",
@@ -16,3 +17,5 @@ class ApplicationManager(ListMixin, CreateMixin, DeleteMixin, RESTManager):
     _path = "/applications"
     _obj_cls = Application
     _create_attrs = (("name", "redirect_uri", "scopes"), ("confidential",))
+
+    _types = {"scopes": ScopesListAttribute}
diff --git a/gitlab/v4/objects/deploy_tokens.py b/gitlab/v4/objects/deploy_tokens.py
index b9d0bad7d..e45085117 100644
--- a/gitlab/v4/objects/deploy_tokens.py
+++ b/gitlab/v4/objects/deploy_tokens.py
@@ -1,6 +1,6 @@
 from gitlab.base import RESTManager, RESTObject
 from gitlab.mixins import CreateMixin, DeleteMixin, ListMixin, ObjectDeleteMixin
-
+from gitlab.types import ScopesListAttribute
 
 __all__ = [
     "DeployToken",
@@ -39,6 +39,7 @@ class GroupDeployTokenManager(ListMixin, CreateMixin, DeleteMixin, RESTManager):
             "username",
         ),
     )
+    _types = {"scopes": ScopesListAttribute}
 
 
 class ProjectDeployToken(ObjectDeleteMixin, RESTObject):
@@ -59,3 +60,4 @@ class ProjectDeployTokenManager(ListMixin, CreateMixin, DeleteMixin, RESTManager
             "username",
         ),
     )
+    _types = {"scopes": ScopesListAttribute}
diff --git a/gitlab/v4/objects/users.py b/gitlab/v4/objects/users.py
index 4f14e86b3..317a6459d 100644
--- a/gitlab/v4/objects/users.py
+++ b/gitlab/v4/objects/users.py
@@ -13,6 +13,7 @@
     SaveMixin,
     UpdateMixin,
 )
+from gitlab.types import ScopesListAttribute
 
 from .custom_attributes import UserCustomAttributeManager
 from .events import UserEventManager
@@ -406,6 +407,7 @@ class UserImpersonationTokenManager(NoUpdateMixin, RESTManager):
     _from_parent_attrs = {"user_id": "id"}
     _create_attrs = (("name", "scopes"), ("expires_at",))
     _list_filters = ("state",)
+    _types = {"scopes": ScopesListAttribute}
 
 
 class UserMembership(RESTObject):
diff --git a/tools/functional/cli/test_cli_v4.py b/tools/functional/cli/test_cli_v4.py
index a63c1b1b5..4cba64823 100644
--- a/tools/functional/cli/test_cli_v4.py
+++ b/tools/functional/cli/test_cli_v4.py
@@ -561,11 +561,10 @@ def test_create_project_with_values_from_file(gitlab_cli, tmpdir):
     assert description in ret.stdout
 
 
-def test_create_project_deploy_token(gitlab_cli, project):
+def do_test_create_project_deploy_token(gitlab_cli, project, scopes, expected_scopes):
     name = "project-token"
     username = "root"
     expires_at = "2021-09-09"
-    scopes = "read_registry"
 
     cmd = [
         "-v",
@@ -588,7 +587,19 @@ def test_create_project_deploy_token(gitlab_cli, project):
     assert name in ret.stdout
     assert username in ret.stdout
     assert expires_at in ret.stdout
-    assert scopes in ret.stdout
+    assert expected_scopes in ret.stdout
+
+
+def test_create_project_deploy_token_one_scope(gitlab_cli, project):
+    scopes = "read_registry"
+    expected_scopes = "['read_registry']"
+    do_test_create_project_deploy_token(gitlab_cli, project, scopes, expected_scopes)
+
+
+def test_create_project_deploy_token_many_scopes(gitlab_cli, project):
+    scopes = "read_registry,read_repository"
+    expected_scopes = "['read_repository', 'read_registry']"
+    do_test_create_project_deploy_token(gitlab_cli, project, scopes, expected_scopes)
 
 
 def test_list_all_deploy_tokens(gitlab_cli, deploy_token):

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/python-gitlab/python-gitlab/pull/1360.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/python-gitlab/python-gitlab/pull/1360.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/python-gitlab/python-gitlab/pull/1360.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/python-gitlab/python-gitlab/pull/1360.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>