Configure one or more Identity Providers and Resource Authorization Servers, then run a new flow to exchange an identity assertion for an ID-JAG, trade the ID-JAG for an access token, and hit a protected API — with every request and response shown step by step.