A high-level architecture diagram that explains how a web application uses the SDK library to perform a two-legged authentication flow for OAuth 2.0 and OpenID Connect 1.0. This two-legged flow uses the resource owner grant type.

After the user requests a protected URL, the application displays the Sign In page. The user submits their login credentials, and then the application uses the SDK to submit the user's credentials, and the application's Client ID and Secret, to Oracle Identity Cloud Service for validation. Oracle Identity Cloud Service issues a user access token to the application, and then the application displays content for the user.