Resource Server and Client in OAuth2/OIDC

Hi @htnc ,

Typically we would refer to the “Client” as the medium a user interacts with. For example, a web browser. The “resource server” would be the back-end with protected routes/information. The client will usually receive an access/ID token, and send it to the resource server as a header in the request that is sent.

If you’re simply using the access token to decide what routes the user is able to navigate to, you could consider the client to be the browser, and I’d probably consider the webserver the app runs on to be the resource server.

1 Like