To set the scene, a mobile phone application wants access to protected information (or an API) about you that you manage on a third party website (the OAuth service provider). You wish to grant the mobile application read-only access to that data without giving the application your username and password for the third-party website (or any other form of your authentication credentials). Instead the application obtains (via an OAuth authorization code flow) a delegated, scoped credential called an access token which it can use to perform only read operations.
For more OAuth demonstrations with Tivoli Federated Identity Manager read this blog post and visit the TFIM Demonstration Site. If you have any questions about this demonstration or other Tivoli Federated Identity Manager capabilities, please contact me