Via OIDC, clients can confirm the identity of an end user using authentication by an authorization server.
The access token issued by the authorization server can be used to make requests to a resource server (e.g. KGS Core of tia). The resource server ensures that the token received is valid for the requested resource.