Here is a somewhat easy-to-understand explanation of the hard-to-understand OAuth and OpenID Connect standards — and they come with HTTP call examples. I found them from a playlist on the YouTube channel named Oracle Learning.
Flows are the interaction between the participants in the OAuth standard or the OpenId Connect standard.
Grant Types are ways for a client application to acquire an access token.
Each grant type has its own Flow to acquire an access token. And these flows involve the interaction of public or confidential clients.
OAuth defines two types of clients: Confidential Client and Public Client.
There are two distinct ways in which the clients communicate with the authorization server: via the Front Channel and via the Back Channel.
An Illustrated Guide to OAuth and OpenID Connect by David Neal from Okta
OpenID Connect explained from Connect2id
public-key cryptography for non-geeks by Vrypan
What happens during a TLS handshake? from CloudFlare