text

Author: damienbod

aspnetcore/security/authentication/configure-jwt-bearer-authentication.md

@@ -258,7 +258,7 @@ Secure web applications require a backend and store access tokens somewhere on t
 APIs sometimes require user data from downstream APIs on behalf of the user authenticated in the calling application. The API could just implement an OAuth client credentials flow, but this would mean a full trust between the two API applications. A better way to implement this would be to use a zero-trust strategy and use a delegated user access token. For this to work, the API requires access for the new identity, the user calling the application and the API itself. There are fours ways to implement this:
 
 ### Use OAuth 2.0 Token Exchange to request a new delegated access token
-This is a great way to implement this requirement but is complicated if you must implement this requirement yourself. 
+This is a great way to implement this requirement but is complicated if you must implement the OAuth flow yourself. 
 
 See [OAuth 2.0 Token Exchange](https://datatracker.ietf.org/doc/html/rfc8693)