 Do you know what an access token is used for? When an application wants to access resources that's managed by another application's API, for example, when LinkedIn wants to access your Gmail contacts, an access token is needed. Access tokens allow one application access to another application's API to get or modify data. The access token says that it's okay for one application to have access to the user's data and another application's API. An access token also has information about what the application that is getting access is allowed to do on behalf of the user. That is called scope. Scopes are a way to limit what the application can do on behalf of the user. For example, if LinkedIn wants to try and send emails from your Gmail account, it won't be allowed because the access token has only been scoped to allow access to contacts. And this has been identity in a minute.