Everyone mostly understands the OIDC login flow correct. It’s simple and staight-forward, you do the authorization code flow, validate the ID Token, set a session cookie, and done. Logout is where things becomes a bit complex and they usually happen silently.
This is part 2 of nuts and bolts of OAuth 2.0, continuing part 1. In this section, I’ll explore the client credentials flow for machine-to-machine communication
In this blog, I want to summarize whatever I learned from the nuts and bolts of OAuth 2.0 by Aaron Parecki’s Udemy course. This was one of the nicest things I have done when starting to learn OAuth myself (and I surely recommend this).
