In this section, we step back from the core OAuth protocol and look at the world of extensions, profiles, and complementary components that are built around that solid core. These include token formats, token management, client registration, user authentication, vertical-specific profiling, and proof of possession tokens. If you want to learn a bit about OpenID Connect, UMA, or PoP, this is where we get into it. Each of these particular topics could probably be a book unto themselves, but we’re hoping to give you enough information to get you started.