Although this package aims to be as self-explanatory as possible, some prior knowledge is required.
There are a lot of terminology specific Oauth 2.0 and OpenID Connect like "grant types", "clients", "scopes" and "claims". It is strongly recommended that you get familiar with Oauth 2.0 (and OpenID Connect if applicable) before continuing the installation and setup.
- https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
- https://www.loginradius.com/blog/async/oauth2
- https://aaronparecki.com/oauth-2-simplified
- https://alexbilbie.com/guide-to-oauth-2-grants
- https://www.oauth.com/oauth2-servers/getting-ready
Scopes only come into play in delegation scenarios, and always limit what an app can do on behalf of a user: a scope cannot allow an application to do more than what the user can do.
More information On The Nature of OAuth2’s Scopes
Since this package is aimed at Yii2, knowledge about Yii2 usage is required. For example how to run migrations and what the User Component and Identity Class are.