# Flow Diagram

This page provides detailed visual diagrams of the SSO authentication flow, helping you understand exactly what happens during the login process.

## Understanding the Diagrams

These diagrams show:

* The complete OAuth 2.0 authorization code flow
* Interactions between user, application, and Oten IDP
* Different scenarios and error handling
* Security mechanisms in action

## Complete OAuth 2.0 Flow

### Main Authentication Flow

## Security Mechanisms

<figure><img src="/files/G32UjJLardaLz54qfGYF" alt=""><figcaption></figcaption></figure>

### PKCE Flow (for Public Clients)

<figure><img src="/files/eJkkEbScycG3m3v10atM" alt=""><figcaption></figcaption></figure>

> 📖 **Comprehensive PKCE Guide**: For detailed implementation examples for SPAs and native apps, see the [PKCE Implementation Guide](broken://pages/5y0aMLenY28PhaF6VqYC).

**Next**: Learn about the [Step-by-Step Process](https://gitlab.silvertiger.tech/documents/idp/-/blob/main/sso-flow/step-by-step.md) for detailed explanations of each step


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://oten.gitbook.io/identity-support/integration/understand-sso-flow/flow-diagram.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.