The image shows an EU Customer identity federation instance that uses OAuth 2.0 credentials to access user groups within an EU customer. The customer contains its root, subordinate to which are three identity domains (ID) and some EU committee compartments. Within each AD is a sub-SC root, subordinate to which are compartments and users/groups. Outside the tenancy sub-SC ID federation uses OAuth 2.0 credentials to access the users/groups in their respective ID.