In the OAuth authorization flows, the following are the OAuth 2 defined participants:
Resource Owner: a user who owns the resource.
Resource Server: a server that provides APIs to access user data and perform user functions.
Authorization Server: a server that protects the resource server APIs.
Here, the authorization server is NetIQ Access Manager.
Client: an application that requires to access the protected data on the resource server.
The simplified interaction between these participants is illustrated in the following figure: