diff --git a/OAuth2-Backend-Approach.md b/OAuth2-Backend-Approach.md
index 51cff79..7c6e150 100644
--- a/OAuth2-Backend-Approach.md
+++ b/OAuth2-Backend-Approach.md
@@ -1,6 +1,6 @@
### OAuth2 purpose
-A way for the `user` to tell `google` to give an access token to `xorismesiti.gr` app
+A way for the `user` to tell `google` to give an access to `xorismesiti.gr` app
@@ -8,9 +8,9 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
| When | What | How |
|-------|--------------------------|:------------------------------------------------:|
-| 1 | Get Code | Front ⇢ Google ⇢ Front |
-| 2 | Exchange Code with Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front |
-| 4 | Use Token | Front ⇢ Google ⇢ Front |
+| 1 | Get Code | Front ⇢ Google ⇢ Front |
+| 2 | Exchange Code with Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front |
+| 4 | Use Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front |
@@ -27,11 +27,15 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
1. Frontend **POST** the authorization `code` to the Backend
2. Backend **POST** the authorization `code` to Google
3. Google **response** to Backend with an `access_token` and a `refresh token`
- 4. Backend **response** to Frontend with an `access_token`
+ 4. Backend **response** to Frontend with the `access_token` in a **cookie**
3. Use Token
- 1. Frontend **Use** `access_token` to get user data from Google
+ 1. Frontend **GET** profile data from Backend using the **cookie**
+ 2. Backend **GET** profile data from Google using the `access_token` from Frontend **cookie**
+ 3. Google **response** to Backend with profile data
+ 4. Backend **response** to Frontend with profile data
+ 5. Frontend render profile data