OAuth2 Implicit Grant and SPA
Everything you always wanted to know (but were afraid to ask)
On The Nature of OAuth2’s Scopes
Stretching OAuth2 scopes beyond intended usage leads to trouble in complex architectures.
Open standards won’t save you from vendor lock-in
...or at least, they won’t as often or as thoroughly as advertised.