I have implemented OAuth both as a client and a server. The most complicated part is the scattered documentation, and little gotchas from different providers. In itself, the whole thing is not complex.
The diagram shows five boxes, apparently each representing a server, but I am not at all clear on which (of exactly two?) legal business entities controls certain of those servers.
user3939382|8 days ago
Meanwhile https://www.couchbase.com/blog/wp-content/uploads/2021/05/oa...
magicalhippo|7 days ago
The diagram on Microsoft's page[1] for that exact same scenario/flow is much clearer IMHO.
[1]: https://learn.microsoft.com/en-us/entra/identity-platform/v2...
everybodyknows|8 days ago