diff --git a/images/SM-B_Auth_with_DPoP.png b/images/SM-B_Auth_with_DPoP.png
index c3bfa13..6f7f19c 100644
Binary files a/images/SM-B_Auth_with_DPoP.png and b/images/SM-B_Auth_with_DPoP.png differ
diff --git a/images/SM-B_Auth_with_DPoP.svg b/images/SM-B_Auth_with_DPoP.svg
index d1e5c7f..6a6b315 100644
--- a/images/SM-B_Auth_with_DPoP.svg
+++ b/images/SM-B_Auth_with_DPoP.svg
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="1173px" preserveAspectRatio="none" style="width:1126px;height:1173px;background:#FFFFFF;" version="1.1" viewBox="0 0 1126 1173" width="1126px" zoomAndPan="magnify"><defs/><g><rect fill="#F8F8FF" height="1161.4688" style="stroke:#181818;stroke-width:0.5;" width="186.5" x="192" y="6"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="277.75" y="15.2822">LEI</text><rect fill="#C9FFC9" height="1161.4688" style="stroke:#181818;stroke-width:0.5;" width="539" x="480" y="6"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="723" y="15.2822">Betreiber</text><rect fill="#F4A460" height="1144.8281" style="stroke:#181818;stroke-width:0.5;" width="424" x="480" y="22.6406"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="663.5" y="31.9229">ZT Cluster</text><rect fill="#8FBC8F" height="1144.8281" style="stroke:#181818;stroke-width:0.5;" width="103" x="916" y="22.6406"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="931" y="31.9229">TI 2.0 Dienst</text><rect fill="#FFFFFF" height="144.2031" style="stroke:#FFFFFF;stroke-width:1.0;" width="764" x="10" y="88.5625"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="26" x2="26" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="1020.625" style="stroke:#181818;stroke-width:1.0;" width="10" x="21" y="84.5625"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="228" x2="228" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="76.9219" style="stroke:#181818;stroke-width:1.0;" width="10" x="223" y="427.8906"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="354" x2="354" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="25.6406" style="stroke:#181818;stroke-width:1.0;" width="10" x="349" y="453.5313"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="541" x2="541" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="664.2969" style="stroke:#181818;stroke-width:1.0;" width="10" x="536" y="199.125"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="725" x2="725" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="25.6406" style="stroke:#181818;stroke-width:1.0;" width="10" x="720" y="129.8438"/><rect fill="#FFFFFF" height="177.4844" style="stroke:#181818;stroke-width:1.0;" width="10" x="720" y="927.7031"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="882" x2="882" y1="76.5625" y2="1123.1875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="967.5" x2="967.5" y1="76.5625" y2="1123.1875"/><rect fill="#FFFFFF" height="64.2813" style="stroke:#181818;stroke-width:1.0;" width="10" x="962.5" y="1015.2656"/><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="42" x="5" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="12" y="66.2041">Client</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="64" x="196" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="203" y="66.2041">Konnektor</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="41" x="333.5" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="340.5" y="66.2041">SM-B</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="114" x="484" y="38.2813"/><text fill="#000000" font-family="Helvetica" font-size="10" x="530.5" y="54.5635">PEP</text><text fill="#000000" font-family="Helvetica" font-size="10" x="491" y="66.2041">Authorization Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="66" x="692" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="699" y="66.2041">http Proxy</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="36" x="864" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="871" y="66.2041">PDP</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="95" x="920" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="927" y="66.2041">Resource Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="42" x="5" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="12" y="1139.4697">Client</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="64" x="196" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="203" y="1139.4697">Konnektor</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="41" x="333.5" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="340.5" y="1139.4697">SM-B</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="114" x="484" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="530.5" y="1139.4697">PEP</text><text fill="#000000" font-family="Helvetica" font-size="10" x="491" y="1151.1104">Authorization Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="66" x="692" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="699" y="1139.4697">http Proxy</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="36" x="864" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="871" y="1139.4697">PDP</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="95" x="920" y="1123.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="927" y="1139.4697">Resource Server</text><path d="M10,88.5625 L70,88.5625 L70,92.2031 L60,102.2031 L10,102.2031 L10,88.5625 " fill="#EEEEEE" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="144.2031" style="stroke:#000000;stroke-width:1.5;" width="764" x="10" y="88.5625"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="25" y="98.8447">alt</text><line style="stroke:#000000;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="10" x2="774" y1="174.4844" y2="174.4844"/><polygon fill="#181818" points="708,125.8438,718,129.8438,708,133.8438,712,129.8438" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="714" y1="129.8438" y2="129.8438"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="125.4854">[01]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="125.4854">GET /resource</text><polygon fill="#181818" points="42,151.4844,32,155.4844,42,159.4844,38,155.4844" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="719" y1="155.4844" y2="155.4844"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="151.126">[02]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="151.126">401 Unauthorized; json body with Well-Known json Document</text><polygon fill="#181818" points="524,195.125,534,199.125,524,203.125,528,199.125" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="530" y1="199.125" y2="199.125"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="194.7666">[03]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="194.7666">GET /.well-known/oauth-authorization-server&#160;</text><polygon fill="#181818" points="42,220.7656,32,224.7656,42,228.7656,38,224.7656" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="535" y1="224.7656" y2="224.7656"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="220.4072">[04]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="220.4072">200 OK; json body with Well-Known json Document</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="264.4063" y2="264.4063"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="264.4063" y2="277.4063"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="277.4063" y2="277.4063"/><polygon fill="#181818" points="42,273.4063,32,277.4063,42,281.4063,38,277.4063" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="260.0479">[05]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="260.0479">generate DPoP keypair</text><polygon fill="#181818" points="524,299.0469,534,303.0469,524,307.0469,528,303.0469" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="530" y1="303.0469" y2="303.0469"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="298.6885">[06]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="298.6885">GET /nonce</text><polygon fill="#181818" points="42,324.6875,32,328.6875,42,332.6875,38,328.6875" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="535" y1="328.6875" y2="328.6875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="324.3291">[07]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="324.3291">return 200 OK new-nonce: nonce</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="389.25" y2="389.25"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="389.25" y2="402.25"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="402.25" y2="402.25"/><polygon fill="#181818" points="42,398.25,32,402.25,42,406.25,38,402.25" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="367.4307">[08]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="349.9697">create JWT with</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="361.6104">nonce</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="373.251">Client and OS Information</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="384.8916">DPoP Thumbprint</text><polygon fill="#181818" points="211,423.8906,221,427.8906,211,431.8906,215,427.8906" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="217" y1="427.8906" y2="427.8906"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="423.5322">[09]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="423.5322">externalAuthenticate JWT-hash</text><polygon fill="#181818" points="337,449.5313,347,453.5313,337,457.5313,341,453.5313" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="233" x2="343" y1="453.5313" y2="453.5313"/><text fill="#000000" font-family="Helvetica" font-size="10" x="240" y="449.1729">[10]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="264" y="449.1729">sign JWT-hash</text><polygon fill="#181818" points="244,475.1719,234,479.1719,244,483.1719,240,479.1719" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="238" x2="348" y1="479.1719" y2="479.1719"/><text fill="#000000" font-family="Helvetica" font-size="10" x="250" y="474.8135">[11]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="274" y="474.8135">JWT-Signature</text><polygon fill="#181818" points="42,500.8125,32,504.8125,42,508.8125,38,504.8125" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="36" x2="222" y1="504.8125" y2="504.8125"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="500.4541">[12]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="500.4541">JWT-signature</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="530.4531" y2="530.4531"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="530.4531" y2="543.4531"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="543.4531" y2="543.4531"/><polygon fill="#181818" points="42,539.4531,32,543.4531,42,547.4531,38,543.4531" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="526.0947">[13]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="526.0947">create SM-B signed JWT</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="569.0938" y2="569.0938"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="569.0938" y2="582.0938"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="582.0938" y2="582.0938"/><polygon fill="#181818" points="42,578.0938,32,582.0938,42,586.0938,38,582.0938" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="564.7354">[14]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="564.7354">create DPoP Proof</text><polygon fill="#181818" points="524,673.5781,534,677.5781,524,681.5781,528,677.5781" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="530" y1="677.5781" y2="677.5781"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="638.2979">[15]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="603.376">POST /token</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="615.0166">{SM-B signed JWT}</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="626.6572">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="626.6572">DPoP:&#160;eyJh...</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="638.2979">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="638.2979">grant_type=authorization_code</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="649.9385">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="649.9385">code=...</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="661.5791">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="661.5791">client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="673.2197">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="673.2197">client_assertion=eyJh....</text><path d="M273,690.5781 L273,711.5781 L536,711.5781 L536,700.5781 L526,690.5781 L273,690.5781 " fill="#FEFFDD" style="stroke:#181818;stroke-width:0.5;"/><path d="M526,690.5781 L526,700.5781 L536,700.5781 L526,690.5781 " fill="#FEFFDD" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="279" y="704.8604">RFC7523 (JWT Client Assertion), RFC9449 (DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="588" y1="734.8594" y2="734.8594"/><line style="stroke:#181818;stroke-width:1.0;" x1="588" x2="588" y1="734.8594" y2="747.8594"/><line style="stroke:#181818;stroke-width:1.0;" x1="547" x2="588" y1="747.8594" y2="747.8594"/><polygon fill="#181818" points="557,743.8594,547,747.8594,557,751.8594,553,747.8594" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="730.501">[16]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="730.501">verify Client Assertion, DPoP</text><polygon fill="#181818" points="870,769.5,880,773.5,870,777.5,874,773.5" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="876" y1="773.5" y2="773.5"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="769.1416">[17]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="769.1416">POST /v1/data/authz, json body {  "input": {...}}</text><polygon fill="#181818" points="557,795.1406,547,799.1406,557,803.1406,553,799.1406" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="551" x2="881" y1="799.1406" y2="799.1406"/><text fill="#000000" font-family="Helvetica" font-size="10" x="563" y="794.7822">[18]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="587" y="794.7822">200 OK, json body {"result": {"allow": true, ...}}</text><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="588" y1="824.7813" y2="824.7813"/><line style="stroke:#181818;stroke-width:1.0;" x1="588" x2="588" y1="824.7813" y2="837.7813"/><line style="stroke:#181818;stroke-width:1.0;" x1="547" x2="588" y1="837.7813" y2="837.7813"/><polygon fill="#181818" points="557,833.7813,547,837.7813,557,841.7813,553,837.7813" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="820.4229">[19]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="820.4229">issue tokens</text><polygon fill="#181818" points="42,859.4219,32,863.4219,42,867.4219,38,863.4219" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="36" x2="535" y1="863.4219" y2="863.4219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="859.0635">[20]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="859.0635">200 OK, access token, refresh token, bound to DPoP</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="889.0625" y2="889.0625"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="889.0625" y2="902.0625"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="902.0625" y2="902.0625"/><polygon fill="#181818" points="42,898.0625,32,902.0625,42,906.0625,38,902.0625" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="884.7041">[21]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="884.7041">Create DPoP Proof for RS</text><polygon fill="#181818" points="708,923.7031,718,927.7031,708,931.7031,712,927.7031" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="714" y1="927.7031" y2="927.7031"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="923.3447">[22]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="923.3447">GET /resource (access token, DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="730" x2="772" y1="964.9844" y2="964.9844"/><line style="stroke:#181818;stroke-width:1.0;" x1="772" x2="772" y1="964.9844" y2="977.9844"/><line style="stroke:#181818;stroke-width:1.0;" x1="731" x2="772" y1="977.9844" y2="977.9844"/><polygon fill="#181818" points="741,973.9844,731,977.9844,741,981.9844,737,977.9844" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="737" y="954.8057">[23]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="948.9854">verify access token and</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="960.626">DPoP Binding</text><polygon fill="#181818" points="950.5,1011.2656,960.5,1015.2656,950.5,1019.2656,954.5,1015.2656" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="730" x2="956.5" y1="1015.2656" y2="1015.2656"/><text fill="#000000" font-family="Helvetica" font-size="10" x="737" y="1005.0869">[24]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="999.2666">forward GET /resource</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="1010.9072">(access token, DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="972.5" x2="1014.5" y1="1040.9063" y2="1040.9063"/><line style="stroke:#181818;stroke-width:1.0;" x1="1014.5" x2="1014.5" y1="1040.9063" y2="1053.9063"/><line style="stroke:#181818;stroke-width:1.0;" x1="973.5" x2="1014.5" y1="1053.9063" y2="1053.9063"/><polygon fill="#181818" points="983.5,1049.9063,973.5,1053.9063,983.5,1057.9063,979.5,1053.9063" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="979.5" y="1036.5479">[25]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="1003.5" y="1036.5479">provide resource access</text><polygon fill="#181818" points="741,1075.5469,731,1079.5469,741,1083.5469,737,1079.5469" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="735" x2="961.5" y1="1079.5469" y2="1079.5469"/><text fill="#000000" font-family="Helvetica" font-size="10" x="747" y="1075.1885">[26]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="771" y="1075.1885">200 OK, resource</text><polygon fill="#181818" points="42,1101.1875,32,1105.1875,42,1109.1875,38,1105.1875" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="36" x2="719" y1="1105.1875" y2="1105.1875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="1100.8291">[27]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="1100.8291">200 OK, resource</text><!--SRC=[ZLNRRkCs47tNLqorBrd0SfmqHR4gKY2siqascxLWkGZQfWXeQsmnbac3ekmuGVvblsM_h4DIikLBYlh5adZcpE7Xp90LMefYDaG5_j-jrZ- -bq-vc3F5Pf3Wc1MP_Yo5ZlaBmadhyE8tDaEunco1cezO3TDrc3ifP3vd8qpMw8ui54TLmsOe9ZgzI9wAN8EG0ZtlfxbYana3ZV85j2he4s4f1vypeQ6JSHJQ6yfdyBzUtlZmuIgLkRvFkKOFw5S7tqeXSAgbsbk9xzh0Sl3Zkw3jUoWI84RFqRPHA-Ha3f4FBZlNttfVUrT_MWgx_jU0L91W2uYPI5Pj9PV20dRpN1GwZMscw39w4EPLAlx2D9S2ObGBGt8myZgoOQdMSuYKV5xv1s5Hr-7etm5eBsOhbTh13PmsMz0bryZY3rscfZ6oAuLuM73VgUrZJeSrmafZdNhj5Xjflc0QgqDX6MNOd8Jx2i7lj9SGhYu7SAnAMhk-3h-Ex3ljE22m2mlXh7K2VmXMEeR9R_2Kasb3cQnWoNKAzvXbmQqWwzrALuwAcT5Xo1AiqsEM8-o8iaTJwcek3TVKS1rBap9WzPCASkl2Z-_RkYs3_UIEkQx-jDM2tkt_rqocUjv6N4KpGO7AvEf6Ce8fhkQCA-_m9gX_oDbzAGfreKIf20Gk0uiCmGNi9nqfD2c_t0-iw0S13ceUIZHLFVHYk15ZgMRM8xDeHGvIcYnpnMbJ6-fr9uQ0pzGvWcL6AAtIy72vWfJbwQQcDhsxVZ94rBWXv7mY3eJGccSQUpkVmSKKmCW5z6frOU1RtDN-JKH-A6AZwNtNp4In0Z4nHEy3hLdKsNAyVvvHBwO3rNAArjVN7T8tyz7t3GFvkVgIDfjDttSV9uhQ-56lvdY-LSEF8vbW1JBFvxMWaHNmo78gT0ksyLGr8KSz3ksmpaFR6Q731cjiOB3Xqr87GsIAPiKxdEUbK4hg2Ka6P3ZM8CVhDkf_xlpwo-dFS6GAhxJaeeh-s33hdyxEFi6HsVT7EuOCZrUL_DezQbK-NkrHDApb6pIDpChfnSbnmZGxDXjyQTIQzfLsGfTLeVqGNadxsnjuPkG6csokhxQ2V9fpT0MQ69zbcLpIaxdA6c0fzWJpF2yGx77dcyNjKTAWkJF2F7Um1dNrcBAarUjG5kI7bcwFjPfrxkvNOMUt2e5QcSP_lRJtvZOSROjm9r6Vj6Q8ky3o5Ee1Pcmy29kopKN2nQJ4zya4IhzaAjbE-23-EoFfxSSLmrp91KyGrcfTQ8amcYehr_TGpIYYSc9sVJy4levsGcjlvMtuBm00]--></g></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="1196px" preserveAspectRatio="none" style="width:1052px;height:1196px;background:#FFFFFF;" version="1.1" viewBox="0 0 1052 1196" width="1052px" zoomAndPan="magnify"><defs/><g><rect fill="#F8F8FF" height="1184.75" style="stroke:#181818;stroke-width:0.5;" width="193" x="185.5" y="6"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="274.5" y="15.2822">LEI</text><rect fill="#C9FFC9" height="1184.75" style="stroke:#181818;stroke-width:0.5;" width="539" x="480" y="6"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="723" y="15.2822">Betreiber</text><rect fill="#F4A460" height="1168.1094" style="stroke:#181818;stroke-width:0.5;" width="424" x="480" y="22.6406"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="663.5" y="31.9229">ZT Cluster</text><rect fill="#8FBC8F" height="1168.1094" style="stroke:#181818;stroke-width:0.5;" width="103" x="916" y="22.6406"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="931" y="31.9229">TI 2.0 Dienst</text><rect fill="#FFFFFF" height="144.2031" style="stroke:#FFFFFF;stroke-width:1.0;" width="764" x="10" y="88.5625"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="26" x2="26" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="1043.9063" style="stroke:#181818;stroke-width:1.0;" width="10" x="21" y="84.5625"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="228" x2="228" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="76.9219" style="stroke:#181818;stroke-width:1.0;" width="10" x="223" y="427.8906"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="354" x2="354" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="25.6406" style="stroke:#181818;stroke-width:1.0;" width="10" x="349" y="453.5313"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="541" x2="541" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="560.375" style="stroke:#181818;stroke-width:1.0;" width="10" x="536" y="303.0469"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="725" x2="725" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="25.6406" style="stroke:#181818;stroke-width:1.0;" width="10" x="720" y="129.8438"/><rect fill="#FFFFFF" height="25.6406" style="stroke:#181818;stroke-width:1.0;" width="10" x="720" y="199.125"/><rect fill="#FFFFFF" height="200.7656" style="stroke:#181818;stroke-width:1.0;" width="10" x="720" y="927.7031"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="882" x2="882" y1="76.5625" y2="1146.4688"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="967.5" x2="967.5" y1="76.5625" y2="1146.4688"/><rect fill="#FFFFFF" height="87.5625" style="stroke:#181818;stroke-width:1.0;" width="10" x="962.5" y="1015.2656"/><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="42" x="5" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="12" y="66.2041">Client</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="189.5" y="38.2813"/><text fill="#000000" font-family="Helvetica" font-size="10" x="196.5" y="54.5635">Konnektor or</text><text fill="#000000" font-family="Helvetica" font-size="10" x="200" y="66.2041">TI-Gateway</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="41" x="333.5" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="340.5" y="66.2041">SM-B</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="114" x="484" y="38.2813"/><text fill="#000000" font-family="Helvetica" font-size="10" x="530.5" y="54.5635">PEP</text><text fill="#000000" font-family="Helvetica" font-size="10" x="491" y="66.2041">Authorization Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="66" x="692" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="699" y="66.2041">http Proxy</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="36" x="864" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="871" y="66.2041">PDP</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="95" x="920" y="49.9219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="927" y="66.2041">Resource Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="42" x="5" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="12" y="1162.751">Client</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="77" x="189.5" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="196.5" y="1162.751">Konnektor or</text><text fill="#000000" font-family="Helvetica" font-size="10" x="200" y="1174.3916">TI-Gateway</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="41" x="333.5" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="340.5" y="1162.751">SM-B</text><rect fill="#E2E2F0" height="37.2813" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="114" x="484" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="530.5" y="1162.751">PEP</text><text fill="#000000" font-family="Helvetica" font-size="10" x="491" y="1174.3916">Authorization Server</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="66" x="692" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="699" y="1162.751">http Proxy</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="36" x="864" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="871" y="1162.751">PDP</text><rect fill="#E2E2F0" height="25.6406" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="95" x="920" y="1146.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="927" y="1162.751">Resource Server</text><path d="M10,88.5625 L70,88.5625 L70,92.2031 L60,102.2031 L10,102.2031 L10,88.5625 " fill="#EEEEEE" style="stroke:#000000;stroke-width:1.5;"/><rect fill="none" height="144.2031" style="stroke:#000000;stroke-width:1.5;" width="764" x="10" y="88.5625"/><text fill="#000000" font-family="Helvetica" font-size="10" font-weight="bold" x="25" y="98.8447">alt</text><line style="stroke:#000000;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="10" x2="774" y1="174.4844" y2="174.4844"/><polygon fill="#181818" points="708,125.8438,718,129.8438,708,133.8438,712,129.8438" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="714" y1="129.8438" y2="129.8438"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="125.4854">[01]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="125.4854">GET /resource</text><polygon fill="#181818" points="42,151.4844,32,155.4844,42,159.4844,38,155.4844" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="719" y1="155.4844" y2="155.4844"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="151.126">[02]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="151.126">401 Unauthorized; json body with Well-Known json Document (RFC8414)</text><polygon fill="#181818" points="708,195.125,718,199.125,708,203.125,712,199.125" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="714" y1="199.125" y2="199.125"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="194.7666">[03]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="194.7666">GET /.well-known/oauth-authorization-server&#160;</text><polygon fill="#181818" points="42,220.7656,32,224.7656,42,228.7656,38,224.7656" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="719" y1="224.7656" y2="224.7656"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="220.4072">[04]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="220.4072">200 OK; json body with Well-Known json Document (RFC8414)</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="264.4063" y2="264.4063"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="264.4063" y2="277.4063"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="277.4063" y2="277.4063"/><polygon fill="#181818" points="42,273.4063,32,277.4063,42,281.4063,38,277.4063" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="260.0479">[05]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="260.0479">generate DPoP keypair</text><polygon fill="#181818" points="524,299.0469,534,303.0469,524,307.0469,528,303.0469" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="530" y1="303.0469" y2="303.0469"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="298.6885">[06]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="298.6885">GET /nonce</text><polygon fill="#181818" points="42,324.6875,32,328.6875,42,332.6875,38,328.6875" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="535" y1="328.6875" y2="328.6875"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="324.3291">[07]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="324.3291">return 200 OK new-nonce: nonce</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="389.25" y2="389.25"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="389.25" y2="402.25"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="402.25" y2="402.25"/><polygon fill="#181818" points="42,398.25,32,402.25,42,406.25,38,402.25" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="367.4307">[08]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="349.9697">create JWT with</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="361.6104">nonce</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="373.251">Client and OS Information</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="384.8916">DPoP Thumbprint</text><polygon fill="#181818" points="211,423.8906,221,427.8906,211,431.8906,215,427.8906" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="217" y1="427.8906" y2="427.8906"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="423.5322">[09]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="423.5322">externalAuthenticate JWT-hash</text><polygon fill="#181818" points="337,449.5313,347,453.5313,337,457.5313,341,453.5313" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="233" x2="343" y1="453.5313" y2="453.5313"/><text fill="#000000" font-family="Helvetica" font-size="10" x="240" y="449.1729">[10]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="264" y="449.1729">sign JWT-hash</text><polygon fill="#181818" points="244,475.1719,234,479.1719,244,483.1719,240,479.1719" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="238" x2="348" y1="479.1719" y2="479.1719"/><text fill="#000000" font-family="Helvetica" font-size="10" x="250" y="474.8135">[11]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="274" y="474.8135">JWT-Signature</text><polygon fill="#181818" points="42,500.8125,32,504.8125,42,508.8125,38,504.8125" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="36" x2="222" y1="504.8125" y2="504.8125"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="500.4541">[12]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="500.4541">JWT-signature</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="530.4531" y2="530.4531"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="530.4531" y2="543.4531"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="543.4531" y2="543.4531"/><polygon fill="#181818" points="42,539.4531,32,543.4531,42,547.4531,38,543.4531" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="526.0947">[13]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="526.0947">create SM-B signed JWT</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="569.0938" y2="569.0938"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="569.0938" y2="582.0938"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="582.0938" y2="582.0938"/><polygon fill="#181818" points="42,578.0938,32,582.0938,42,586.0938,38,582.0938" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="564.7354">[14]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="564.7354">create DPoP Proof</text><polygon fill="#181818" points="524,673.5781,534,677.5781,524,681.5781,528,677.5781" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="530" y1="677.5781" y2="677.5781"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="638.2979">[15]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="603.376">POST /token</text><text fill="#000000" font-family="Helvetica" font-size="10" x="68" y="615.0166">{SM-B signed JWT}</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="626.6572">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="626.6572">DPoP:&#160;eyJh...</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="638.2979">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="638.2979">grant_type=authorization_code</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="649.9385">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="649.9385">code=...</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="661.5791">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="661.5791">client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="673.2197">&#160;&#160;</text><text fill="#000000" font-family="Courier" font-size="10" x="68" y="673.2197">client_assertion=eyJh....</text><path d="M273,690.5781 L273,711.5781 L536,711.5781 L536,700.5781 L526,690.5781 L273,690.5781 " fill="#FEFFDD" style="stroke:#181818;stroke-width:0.5;"/><path d="M526,690.5781 L526,700.5781 L536,700.5781 L526,690.5781 " fill="#FEFFDD" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="279" y="704.8604">RFC7523 (JWT Client Assertion), RFC9449 (DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="588" y1="734.8594" y2="734.8594"/><line style="stroke:#181818;stroke-width:1.0;" x1="588" x2="588" y1="734.8594" y2="747.8594"/><line style="stroke:#181818;stroke-width:1.0;" x1="547" x2="588" y1="747.8594" y2="747.8594"/><polygon fill="#181818" points="557,743.8594,547,747.8594,557,751.8594,553,747.8594" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="730.501">[16]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="730.501">verify Client Assertion, DPoP</text><polygon fill="#181818" points="870,769.5,880,773.5,870,777.5,874,773.5" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="876" y1="773.5" y2="773.5"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="769.1416">[17]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="769.1416">POST /v1/data/authz, json body {  "input": {...}}</text><polygon fill="#181818" points="557,795.1406,547,799.1406,557,803.1406,553,799.1406" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="551" x2="881" y1="799.1406" y2="799.1406"/><text fill="#000000" font-family="Helvetica" font-size="10" x="563" y="794.7822">[18]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="587" y="794.7822">200 OK, json body {"result": {"allow": true, ...}}</text><line style="stroke:#181818;stroke-width:1.0;" x1="546" x2="588" y1="824.7813" y2="824.7813"/><line style="stroke:#181818;stroke-width:1.0;" x1="588" x2="588" y1="824.7813" y2="837.7813"/><line style="stroke:#181818;stroke-width:1.0;" x1="547" x2="588" y1="837.7813" y2="837.7813"/><polygon fill="#181818" points="557,833.7813,547,837.7813,557,841.7813,553,837.7813" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="553" y="820.4229">[19]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="577" y="820.4229">issue tokens</text><polygon fill="#181818" points="42,859.4219,32,863.4219,42,867.4219,38,863.4219" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="535" y1="863.4219" y2="863.4219"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="859.0635">[20]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="859.0635">200 OK, access token, refresh token, bound to DPoP</text><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="73" y1="889.0625" y2="889.0625"/><line style="stroke:#181818;stroke-width:1.0;" x1="73" x2="73" y1="889.0625" y2="902.0625"/><line style="stroke:#181818;stroke-width:1.0;" x1="32" x2="73" y1="902.0625" y2="902.0625"/><polygon fill="#181818" points="42,898.0625,32,902.0625,42,906.0625,38,902.0625" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="884.7041">[21]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="884.7041">Create DPoP Proof for RS</text><polygon fill="#181818" points="708,923.7031,718,927.7031,708,931.7031,712,927.7031" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="31" x2="714" y1="927.7031" y2="927.7031"/><text fill="#000000" font-family="Helvetica" font-size="10" x="38" y="923.3447">[22]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="62" y="923.3447">GET /resource (access token, DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="730" x2="772" y1="964.9844" y2="964.9844"/><line style="stroke:#181818;stroke-width:1.0;" x1="772" x2="772" y1="964.9844" y2="977.9844"/><line style="stroke:#181818;stroke-width:1.0;" x1="731" x2="772" y1="977.9844" y2="977.9844"/><polygon fill="#181818" points="741,973.9844,731,977.9844,741,981.9844,737,977.9844" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="737" y="954.8057">[23]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="948.9854">verify access token and</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="960.626">DPoP Binding</text><polygon fill="#181818" points="950.5,1011.2656,960.5,1015.2656,950.5,1019.2656,954.5,1015.2656" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="730" x2="956.5" y1="1015.2656" y2="1015.2656"/><text fill="#000000" font-family="Helvetica" font-size="10" x="737" y="1005.0869">[24]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="999.2666">forward GET /resource</text><text fill="#000000" font-family="Helvetica" font-size="10" x="761" y="1010.9072">(access token, DPoP)</text><line style="stroke:#181818;stroke-width:1.0;" x1="972.5" x2="1014.5" y1="1064.1875" y2="1064.1875"/><line style="stroke:#181818;stroke-width:1.0;" x1="1014.5" x2="1014.5" y1="1064.1875" y2="1077.1875"/><line style="stroke:#181818;stroke-width:1.0;" x1="973.5" x2="1014.5" y1="1077.1875" y2="1077.1875"/><polygon fill="#181818" points="983.5,1073.1875,973.5,1077.1875,983.5,1081.1875,979.5,1077.1875" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="Helvetica" font-size="10" x="979.5" y="1048.1885">[25]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="1003.5" y="1036.5479">provide</text><text fill="#000000" font-family="Helvetica" font-size="10" x="1003.5" y="1048.1885">resource</text><text fill="#000000" font-family="Helvetica" font-size="10" x="1003.5" y="1059.8291">access</text><polygon fill="#181818" points="741,1098.8281,731,1102.8281,741,1106.8281,737,1102.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="735" x2="961.5" y1="1102.8281" y2="1102.8281"/><text fill="#000000" font-family="Helvetica" font-size="10" x="747" y="1098.4697">[26]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="771" y="1098.4697">200 OK, resource</text><polygon fill="#181818" points="42,1124.4688,32,1128.4688,42,1132.4688,38,1128.4688" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="36" x2="719" y1="1128.4688" y2="1128.4688"/><text fill="#000000" font-family="Helvetica" font-size="10" x="48" y="1124.1104">[27]</text><text fill="#000000" font-family="Helvetica" font-size="10" x="72" y="1124.1104">200 OK, resource</text><!--SRC=[hLLTR-f647tthvZwlYGI9YHDrNjTfLA0t2GtDnU4gQAsLD621xp1xABr6aAY_9VxM_hBEhjhW_b8rOVc9TXxpioPipDZbcifyjaG5VX_DXf_-LusvMBE59j1Z6EMf_gp53hYBmYdZSE7tzWCuGRJ1Me-OXLCss7kfP3Pd8qmNgDRCbSSLGMRefZev39-oZCDGWhql1_cYarc33JA5z0gfrU4fHnypeI6LifHQ6yedy7_UdNhmuVhH6Rw8U4QFQ2_AlXE2e5JBHMm3FpDarG3qRyDhfd69LlvUxpelcaPqNtGz3qKCL0-poLjebR8oJfAtRzgtNphVErS_sv3sFC_-gIHoh60Y8burLHoAInWDyzbhfF8PkfUTGV2F4h5NvZcKa24Qc6276JUT2qjqNeENIMVYo9sOTssmz5_1w1QJ2cbslujdDKRq2PFwG8-j9cQHiYk5U9XmJsdjeSPNUK8IutLq6kts4Zp1JbSNXbBASFcdjnR27wbMaAulkh3YIh2slCr_QPhdwdYWC2E5i9vunH-4wnm3EDVu2aZquOoNi6IwmGUC4s3Eq7MkvEs7EKpa_6ezxdryVpq_DY6ZR6Q2DCCuJrvzQK9EJKXJwJ97B3gXGMPDUFlx_z5_bcZ0Psx_qcqY3rlexTCCK61oa3QNTc5AQxcZAiApZPVKHgD7jc-3cgFFDUTLTKATQv48Hu4BWDB3C7nzpMC59fuNnxwjhw100SrFmeqJGXq8hWLOwbcraXpQ3Nt4zfHSyMfUJQXrrCS0ZxJb0cM6g5qIcl8vGeIbYMRQjOCRxC1A10DUGWPduW353hpp1BOpcTm4H4OkO1UvH8CV2jsMRzXP8SO6qtlksQsZnM8iGdqFj2QHLj0ZlUljzk9w7wrdABrzNKdw9jvwVic0lcv-fBKwtNVToydYaR-KQ_cUB7Lw8yZ6MC9ChylAgIH5V38Cfe62xPywfgGenw7TkrdeHsVq663DJOmsF1fgOCXCaLxvPsO5uLGIke9IGQaEDOWnqNV0j2m_FpJsOzmP1gliEIoP1_NpFcdy_DFS6JgFhOhoyJnofPVkqVppCUhlH0rQ_a6JUkrT7fnUX8ppKvCWI-rodo_KYNqsSkr7y8hQNzx0y-ivs2JpStL5icddKWVKyFnMPhA9Vqo7yKQs11xWdcMvGZskhC30rncOACHPfd3rMYinvGcAH-7CYT3j7H5LfhMsRlVXgtTDWIQPVfML7jxRyd3qRO8TnNLlMPMfYCMrr0bcBqn43PbaukOYqc1xv4Bb7x9LBoTS23-FIFfxKLbXBcI2nuJPyDsP8ifP9LkhhzR5Qyesi6LVnXzqztXLfwAp-S_]--></g></svg>
\ No newline at end of file