...
Your website sends a https post request to the OIDC authentication portal using your client key/secret (this will navigate your user away from your website). Part of the request will be your callback url
Some stuff happens on the other site – usually the user will log in and then do some 2FA stuff – you don’t need to worry about it, as we trust the OIDC portal!
The portal will redirect to your callback url with an auth token – you can store this info and use parts of it to refresh itself. Honestly this bit gets a bit hairy, so if possible you should probably just use a library.
...