That's just a very confusing diagram of the process, which has multiple separate boxes for the same entities.

The diagram on Microsoft's page[1] for that exact same scenario/flow is much clearer IMHO.

[1]: https://learn.microsoft.com/en-us/entra/identity-platform/v2...

I hope this was meant as a joke…

Why would it?

The first diagram is literally all over, with just small labels to remind you that this box over here relates to that box over there.

The Microsoft diagram clearly show the parties involved, who they communicate with and in which sequence.

As I mentioned in another post, I found the MS pages very helpful to understand OAuth 2.0, and the clear diagrams was a large part of that.

The diagram shows five boxes, apparently each representing a server, but I am not at all clear on which (of exactly two?) legal business entities controls certain of those servers.