The description of the authonlyprivate grant says Authentication only with access to real name and email address. When real names are disabled (via $wgHiddenPrefs) the grant description should not mention them.
|Open||None||T90925 General authentication improvements for MediaWiki|
|Open||None||T86869 Support a nice sso experience with MediaWiki's OAuth|
|Open||Tgr||T75062 OAuth permission screen needs redesign for better usability and comprehension|
|Open||Tgr||T91825 Improve text of OAuth authorization dialog|
|Open||None||T151516 Improve OAuth grant messages|
|Open||None||T151515 authonlyprivate OAuth grant should not mention real name when the wiki does not allow them|
This wording has been brought up as a concern by a user regarding the InternetArchiveBot's Management Interface. At least on the German-language Wikipedia, unless I'm mistaken there is no way to set a real name in the preferences, hence no real name can be revealed. Nevertheless, this raises questions especially for users who do not understand what kind of mechanism OAuth is.
The grant text is generated (among other things) by MWGrants::grantName() and there is no easy way to modify that, so probably the least painful approach is to use a hook such as MessageCache::get to show a different message when real names are disabled. (The message used is grant-mwoauth-authonlyprivate.)