From ec778e3d9fc1e5ccf504c8e7c46299e69b9f7e1f Mon Sep 17 00:00:00 2001 From: Austin Gebauer <34121980+austingebauer@users.noreply.github.com> Date: Fri, 10 Jun 2022 16:29:49 -0700 Subject: [PATCH] docs/oidc: adds missing steps for Google Workspace configuration (#15943) --- website/content/docs/auth/jwt/oidc_providers.mdx | 2 ++ 1 file changed, 2 insertions(+) diff --git a/website/content/docs/auth/jwt/oidc_providers.mdx b/website/content/docs/auth/jwt/oidc_providers.mdx index 5ac770701..e4c22a09d 100644 --- a/website/content/docs/auth/jwt/oidc_providers.mdx +++ b/website/content/docs/auth/jwt/oidc_providers.mdx @@ -214,6 +214,8 @@ To set up the Google-specific handling, you'll need: - A Google Workspace account with the [super admin role](https://support.google.com/a/answer/2405986?hl=en) for granting domain-wide delegation API client access. - The ability to create a service account in [Google Cloud Platform](https://console.developers.google.com/iam-admin/serviceaccounts). +- To enable the [Admin SDK API](https://console.developers.google.com/apis/api/admin.googleapis.com/overview). +- An OAuth 2.0 application with an [external user type](https://support.google.com/cloud/answer/10311615#user-type). The Google-specific handling that's used to fetch Google Workspace groups and user information in Vault uses [Google Workspace Domain-Wide Delegation of Authority](https://developers.google.com/admin-sdk/directory/v1/guides/delegation)
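Review bot: The two bullets added to the prerequisites list under "To set up the Google-specific handling, you'll need:" leave out context a reader needs to act on them. "To enable the Admin SDK API" does not say which Google Cloud project the API must be enabled in, and it breaks the list's grammar, since the existing items are noun phrases ("A Google Workspace account ...", "The ability to create ..."). Wording such as "The Admin SDK API enabled in the project that holds the service account" would fix both, if that is the intended project. The second bullet requires an OAuth 2.0 application with an external user type but gives no reason for that choice. A short clause on why external is required, and whether an internal application would also work, would help readers decide how widely to expose the application.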