This document provides an overview of OAuth and OpenID Connect specifications and grant types. It begins with introductions and defining key terms like tokens, scopes, and claims. It then explains the four main grant types - Authorization Code Flow, Implicit Flow, Resource Owner Password Flow, and Client Credentials Flow. The document notes extensions and recommends the Authorization Code Flow with PKCE for most use cases. It discusses related specifications around JSON Web Tokens, introspection, and revocation. It closes by emphasizing the need to understand which combination of specifications are required for a given implementation.