From 31b0d0770c3746eac0e9953f486cf3b8f392284e Mon Sep 17 00:00:00 2001
From: "Robert St. John" <restjohn@users.noreply.github.com>
Date: Tue, 20 Feb 2024 21:06:36 -0700
Subject: [PATCH] add doc with notes on oauth setup

---
 docs/admin.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 docs/admin.md

diff --git a/docs/admin.md b/docs/admin.md
new file mode 100644
index 000000000..8ab83f842
--- /dev/null
+++ b/docs/admin.md
@@ -0,0 +1,20 @@
+# Identity Providers
+
+## OAuth 2.0
+
+Here is an example of using Google's OAuth 2.0 [endpoints](https://developers.google.com/identity/gsi/web/guides/overview) to authenticate MAGE
+users.  This setup is very similar to Google OpenID Connect authentication.
+
+Obtain your _Client Identifier_ and _Client Secret_ from Google's [API Console](https://console.cloud.google.com/apis/credentials/oauthclient).
+Additionally on that page, ensure you register the correct callback URL, e.g., `https://mage.example.com/auth/oauth/callback`
+
+On the MAGE Admin page, click the  _Settings_ tab.
+
+_Authorization URL_ - `https://accounts.google.com/o/oauth2/v2/auth`
+_Token URL_ - `https://oauth2.googleapis.com/token`
+_User Profile URL_ - `https://www.googleapis.com/oauth2/v3/userinfo`
+_Scopes_ - `profile,email,openid`
+
+Click the _Advanced_ section header to expand the advanced settings panel.
+_Profile ID Property_ - `sub`
+_Display Name Property_ - `name`
\ No newline at end of file