From c6b3fdbe3e483b8255cc9f5d8c408e7830a74362 Mon Sep 17 00:00:00 2001
From: Henning Jacobs <henning@jacobs1.de>
Date: Thu, 12 Jan 2017 22:51:11 +0100
Subject: [PATCH] relevant OAuth env vars

---
 docs/access-control.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docs/access-control.rst b/docs/access-control.rst
index 4a85dbd..89347af 100644
--- a/docs/access-control.rst
+++ b/docs/access-control.rst
@@ -4,6 +4,18 @@ Access Control
 
 Kube Ops View supports protecting the UI via the OAuth Authorization Code Grant flow.
 
+Relevant configuration settings (environment variables) for OAuth are:
+
+``APP_URL``
+    The app's own URL, e.g. https://kube-ops-view.example.org. This is used to construct the OAuth 2 redirect URI (callback URL).
+``AUTHORIZE_URL``
+    OAuth 2 authorization endpoint URL, e.g. https://oauth2.example.org/authorize
+``ACCESS_TOKEN_URL``
+    Token endpoint URL for the OAuth 2 Authorization Code Grant flow, e.g. https://oauth2.example.org/token
+``CREDENTIALS_DIR``
+    Folder path to load client credentials from. The folder needs to contain two files: ``authcode-client-id`` and ``authcode-client-secret``.
+
+
 TODO: how to configure
 
 Screen Tokens