[ 'displayErrorDetails' => true, ], Server::class => function () { // Init our repositories $clientRepository = new ClientRepository(); $scopeRepository = new ScopeRepository(); $accessTokenRepository = new AccessTokenRepository(); $privateKeyPath = 'file://'.__DIR__.'/../private.key'; $publicKeyPath = 'file://'.__DIR__.'/../public.key'; // Setup the authorization server $server = new Server( $clientRepository, $accessTokenRepository, $scopeRepository, $privateKeyPath, $publicKeyPath ); return $server; }, ]); $app->add(new ResourceServerMiddleware($app->getContainer()->get(Server::class))); $app->post('/api/example', function (Request $request, Response $response) { $params = []; if (in_array('basic', $request->getAttribute('oauth_scopes', []))) { $params = [ 'id' => 1, 'name' => 'Alex', 'city' => 'London', ]; } if (in_array('email', $request->getAttribute('oauth_scopes', []))) { $params['email'] = 'alex@example.com'; } $response->getBody()->write(json_encode($params)); return $response; }); $app->run();