title: Implicit Authorization Sequence
RO->CL: Click some button on CL asks for a redirect to
CL->UA: Do that redirect to /authorize RO asked.
UA->AS: I need you to authorize this RO.
AS-->UA: OK, but I will need his sessionid cookie for domain
UA->AS: Here is RO sessionid cookie
AS-->RO: I've identified you being user xxx123 based on your sessionid cookie. Do you wish to authorize this CL?
RO->AS: yes
AS->UA: RO Agreed redirect him to
UA-->CL: I am redirecting RO to /
CL-->RO: I have grabbed the token I can read your data.

note over UA: User Agent (browser)
note over CL: let's assume client is JS app running at
note over AS: Authorization Server running on domain

Proudly representing Lithuania 🇱🇹 as dovydasgulbinas