diff --git a/OAuth2-Front-Approach.md b/OAuth2-Front-Approach.md index f0fcf3a..59df3dd 100644 --- a/OAuth2-Front-Approach.md +++ b/OAuth2-Front-Approach.md @@ -174,8 +174,8 @@ export default Callback; 1. The Backend **receives** the authorization `code` form the Frontend POST at `xorismesiti.gr/api/auth/exchange-token` 2. The Backend **POST** the Authorization `code` to Google API -3. The Google **response** to Backend POST with the tokens -4. The Backend **response** to Frontend POST with the the tokens +3. The Google **response** to Backend POST with the `token` +4. The Backend **response** to Frontend POST with the the `token` *Security: The backend never expose the client_secret to the frontend. This step should always be handled on the backend.*
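Review bot: the new step 4 line keeps the duplicated word ("with the the `token`"), and changing "tokens" to a singular `token` in steps 3 and 4 leaves it unstated which token each step refers to. Please name the token in both steps, for example the one Google returns to the backend in step 3 and the one the backend hands to the frontend in step 4, since the security note below only covers `client_secret` and says nothing about what reaches the browser. While touching these lines, "The Google **response** to" and "The Backend **response** to" would read better as "Google **responds** to" and "The Backend **responds** to", and the unchanged step 1 still has "form the Frontend" for "from the Frontend".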