Not all endpoints have scopes yet, which appears to be the case with the search API. Scopes are an ongoing process and being rolled out slowly. In lieu of using scopes, you can instead apply the Report Admin user level to the user that is authenticating to the API to restrict their API access. You can learn more about user levels here: User Level Matrix - SailPoint Identity Services