diff --git a/OAuth2.md b/OAuth2.md
index 80d2233..8318433 100644
--- a/OAuth2.md
+++ b/OAuth2.md
@@ -8,10 +8,10 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
### OAuth2 Standar Flow:
-1. **User clicks** "Login with Google" on your platform `xorismesiti.gr`
-2. **Authorization Request**: Redirect to Google's authorization endpoint `accounts.google.com/o/oauth2`
+1. **User** clicks button "Login with Google" on your platform `xorismesiti.gr`
+2. **Authorization Request**: Button redirects user to Google's authorization endpoint `accounts.google.com/o/oauth2`
3. **User Login and Consent**: User login to Google and grants permissions.
-4. **Authorization Code Response**: Google redirects back to your app `xorismesiti.gr/callback` with an authorization `code`.
+4. **Authorization Code Response**: Google redirects user back to your app `xorismesiti.gr/callback` with an authorization `code`.
5. **Access Token Request**: App exchanges the authorization `code` for an `access_token`.
6. **Access Protected Resources**: App uses the `access_token` to fetch the user's Google profile and email from `googleapis.com/oauth2`
7. **Token Refresh** (Optional): If the `access_token` expires, app uses the `refresh token` to get a new `access_token`.
@@ -19,15 +19,15 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
### OAuth2 Frontend/`Backend Flow:
**Frontend**
-1. **Redirect** the user to Google's OAuth authorization endpoint.
-2. **Get** the authorization `code` after Google redirects back to the frontend.
+1. **Redirect** the user to Google's OAuth authorization endpoint `accounts.google.com/o/oauth2`
+2. **Get** the authorization `code` after Google redirects back to the frontend `xorismesiti.gr/callback`
3. **Send** the authorization `code` to the backend for `token` exchange.
**Backend**
1. **exchange** the authorization `code` for an `access_token` and `refresh token`
-2. **fetch** user profile data from Google (or other resources) using the `access_token`
-3. **Store** the `tokens` securely (in session or a database).
-4. **Refresh** the `access_token` if it expires.
+2. **fetch** user profile data from from `googleapis.com/oauth2` using the `access_token`
+3. **Store** the `tokens` securely in session (front) or a database (back)
+4. **Refresh** the `access_token` if it expires