Fully customizable consent screen that describes scopes that the user is authorizing to the application.
After an authorization flow, OAuth client will receive tokens which are used to access protected resources.
Claims including the scope and optionally authorization details are embedded in issued tokens.
By default, clients inherit global branding options which can be overridden on a per-client basis which get propagated to all hosted pages, emails, and consent screen.
Standard OpenID Connect claims about the user as well as custom user metadata-based claims can be configured on a per-client basis to be included in id token.
Resources access can be enabled on a per-client basis. This enables to include only relevant permissions in the scope of the issued access token.