This is the first Oauth document I've seen with a no-nonsense "Terminology" section. Thank you!
The only thing I'd suggest is putting the terminology first, so readers can first correct their misconceptions from all the terrible literature around this.
I thought about it, and settled on the compromise of referring to it up front, and then putting it at the end.
That's because there are many ways you could use a document like that. And the Terminology section is very overwhelming unless your goal is to understand how OAuth 2 REALLY works, and why it works that way.
The only thing I'd suggest is putting the terminology first, so readers can first correct their misconceptions from all the terrible literature around this.