@ALostInquirer
Let me know if it ends up making any sense. I use this (alongside a few other ways of authenticating), and I still find the details a bit hard to follow. Configuring it in an application is the easy part; figuring out how it all interacts with your own system can get complicated if you need more info than what’s provided in the user info endpoint (honestly more of an enterprise problem than something we deal with outside of the office)