Description of Oauth-flow.png

This is a diagram of the flow for OAuth. The Client application gets an access token from the Identity Provider based on the OAuth Grants and scope requested. The Client application then sends the access token along with the request as a Bearer Token to the APICS Gateway, which acts as an OAuth enforcer. The APICS gateway then fulfills the policies and routes the request to the endpoint.