GH-17: Add "Access token" section in docs

Author: ArtyomVancyan

docs/references/tutorials.md

@@ -28,6 +28,35 @@ generated the client ID and secret to configure your `OAuth2Middleware` with at
 Once the authentication is successful, the user will be redirected to the `redirect_uri` and the `request.user` will
 contain the user information obtained from the IDP.
 
+## Access token
+
+When the user is authenticated, the `request.user` will contain the user information obtained from the IDP and
+the `request.auth` will contain the authentication related information including the access token issued by the IDP. It
+can be used to perform authorized requests to the IDP's API endpoints. Just make sure the token is issued with the
+scopes required for the API endpoint.
+
+::: details `request.auth.provider.access_token`
+
+```mermaid
+flowchart TB
+  subgraph level2["request (Starlette's Request object)"]
+    direction TB
+    subgraph level1["auth (Starlette's extended Auth Credentials)"]
+        direction TB
+        subgraph level0["provider (OAuth2 provider with client's credentials)"]
+            direction TB
+            token["access_token (Access token for the specified scopes)"]
+        end
+    end
+  end
+  style level2 fill:#00948680,color:#f6f6f7,stroke:#3c3c43;
+  style level1 fill:#2b75a080,color:#f6f6f7,stroke:#3c3c43;
+  style level0 fill:#5c837480,color:#f6f6f7,stroke:#3c3c43;
+  style token fill:#44506980,color:#f6f6f7,stroke:#3c3c43;
+```
+
+:::
+
 ## Claims mapping
 
 The `Claims` class includes permanent attributes like `display_name`, `identity`, `picture`, and `email`. It also allows
@@ -105,7 +134,7 @@ calculating the `identity` attribute.
 :::
 
 <style>
-.info {
+.info, .details {
   border: 0;
 }
 </style>