Scope - A string that describes a certain type of access that can be
granted to a user using OAuth.
Access token - A token that gives access to perform actions on behalf of a
user. It will commonly have a short expiry time, and be limited to a set of
scopes. Part of the OAuth protocol.
ID token - A JWT used to prove a user's identity, containing for example
the user's email. Part of OpenID Connect.
Offline access - OAuth flow that results in both a refresh and access
token, where the refresh token has a long expiration or never expires, and can
be used to request more access tokens in the future. This lets the user go
"offline" with respect to the token issuer, but still be able to request more
tokens at a later time without further direct interaction for the user.
Code grant - OAuth flow where the client receives an authorization code
that is passed to the backend to be exchanged for an access token and possibly
refresh token.