Reqres simulates real application scenarios. If you want to test a user authentication system, Reqres will respond to a successful login/register request with a token for you to identify a sample user, or with a 403 forbidden response to an unsuccessful login/registration attempt.
Great to see an initiative like this. Nearly three years ago I created a simple Movies Database API exactly for this very reason: I wanted to make an API frontend consumer based on a proper API. Now I that look back at it we’ve come a long way: people have come to understand that it takes more than just changing the response to JSON in order to make an API RESTful.
Note: Here are the slides I use in my course on RESTful/Hypermedia APIs. They also cover OAuth2. Feel free to check them out.