docs: add Flow C for self-service profile updates via SPA OIDC

- Introduced a new documentation file detailing the second OIDC flow for the Auth0 Management API audience, enabling users to manage their own profiles.
- Updated Flow D and Flow E documentation to reference the new access token naming convention.
- Revised the README to link to the new Flow C documentation.

This addition enhances the clarity and usability of the authentication documentation for self-service profile updates.

Jira Ticket: https://linuxfoundation.atlassian.net/browse/LFXV2-888

Reviewed with [GitHub Copilot](https://github.com/features/copilot)

Signed-off-by: Mauricio Zanetti Salomao <mauriciozanetti86@gmail.com>

Author: mauriciozanettisalomao

…ows/C-auth-service-m2m-profile-update.md …/auth-flows/C-spa-profile-update-oidc.mddocs/auth-flows/C-auth-service-m2m-profile-update.md renamed to docs/auth-flows/C-spa-profile-update-oidc.md docs/auth-flows/C-auth-service-m2m-profile-update.md renamed to docs/auth-flows/C-spa-profile-update-oidc.md

@@ -1,4 +1,4 @@
-# Flow C: 2nd SPA OIDC flow for Management API audience ('self' Auth0 access)
+# Flow C: Self-Service Profile Update via SPA OIDC for Management API audience ('self' Auth0 access)
 
 ## Description
 Second OIDC flow for Auth0 Management API audience, allowing users to manage their own profiles ("self" Auth0 access). This flow shares a client with Flow D's SPA client (recommended approach).

docs/auth-flows/D-spa-social-identity-linking.md

@@ -1,7 +1,7 @@
 # Flow D: Link Social Identity via Popup/WebMessage (No Audience)
 
 ## Description
-SPA flow for linking social identities by authenticating with the social provider in a popup. Uses access_token2 from Flow C (Management API token) to perform the actual linking operation.
+SPA flow for linking social identities by authenticating with the social provider in a popup. Uses access_token_mgmt_self from Flow C (Management API token) to perform the actual linking operation.
 
 ## Sequence Diagram
 

docs/auth-flows/E-passwordless-email-linking.md

@@ -1,7 +1,7 @@
 # Flow E: Link Email Identity via Passwordless
 
 ## Description
-SPA/SSR flow for linking additional email addresses to a user's account using passwordless authentication. All Auth0 API calls (both passwordless and Management API) are made by Auth Service, with SSR communicating via NATS pub/sub pattern. Uses access_token2 from Flow C (Management API token) to perform the actual linking operation. The user verifies ownership of the email by entering a one-time verification code in LFX One.
+SPA/SSR flow for linking additional email addresses to a user's account using passwordless authentication. All Auth0 API calls (both passwordless and Management API) are made by Auth Service, with SSR communicating via NATS pub/sub pattern. Uses access_token_mgmt_self from Flow C (Management API token) to perform the actual linking operation. The user verifies ownership of the email by entering a one-time verification code in LFX One.
 
 ## Sequence Diagram
 

docs/auth-flows/README.md

@@ -17,7 +17,7 @@ The authentication architecture uses multiple Auth0 clients and flows to support
 |------|-------------|-------------|----------|---------|
 | [Flow A](A-auth-service-m2m-profile-lookup.md) | Auth Service M2M | Auth Service M2M | `auth0_mgmt` | Read user profiles and check email-to-username mappings |
 | [Flow B](B-lfx-one-login-ssr-oidc.md) | LFX One Login (SSR OIDC) | LFX One | `lfxv2` | Authenticate users and obtain access tokens for LFX v2 API |
-| [Flow C](C-auth-service-m2m-profile-update.md) | Self-Service Profile Updates | LFX One Profile | `auth0_mgmt` | Allow users to update their own profiles via Management API |
+| [Flow C](C-spa-profile-update-oidc.md) | Self-Service Profile Updates | LFX One Profile | `auth0_mgmt` | Allow users to update their own profiles via Management API |
 | [Flow D](D-spa-social-identity-linking.md) | Social Identity Linking | LFX One Profile | None | Link social identities (Google, GitHub, etc.) to user accounts |
 | [Flow E](E-passwordless-email-linking.md) | Email Identity Linking | LFX One Passwordless | None | Link additional email addresses using passwordless OTP verification |