Application Layer (Top – Logical / Functional) This layer expresses identity responsibilities and trust relationships: • Auth0 (Application Component) Acts as the Authorization Server / Identity Provider, issuing JWTs based on credentials and API access. • APIs / Credentials / Application Represent: o Applications requesting tokens o Credentials used for OAuth2 client authentication o Applications consuming protected APIs This layer answers: Who issues identity, and who consumes it?