I really appreciate how simple you’ve tried to make this, how careful you’ve been with your words. And yet… it’s still not clear to me, and the problem boils down to the question of what is an API?
Your first diagram that illustrates the scenario for using an id token shows a browser and a “web application”. What if the architecture of the application is browser-centric, whereby all rendering is performed browser-side, using results from API calls? This is a common architecture, right? I don’t understand why, in this case, I should use access tokens to call the API, but if I had a more traditional (old-fashioned) app architecture, where the browser-to-server communication is not adorned with the formality of RESTfulness but instead just does GETs and POSTs in more raw style, identity tokens are the right solution.