Took forever to track this one down. I don't really need 'users:read' for my application, but my authentication wasn't working because the strategy tries to make the call to users.info even though it doesn't exist in the scope. pull request incoming

I ran into this also ☹️. Just adding that users:read is required to the documentation would probably help others to avoid the problem 😃. Or it could always be appended to the scope list regardless of the defaults set in config.

@cjab would you like to open a PR to update the README? There's an outstanding PR but it's gone stale.