From 7f81a515735bb90c7f0e479d5666263a050d3ff3 Mon Sep 17 00:00:00 2001
From: John Andersen <johnandersenpdx@gmail.com>
Date: Tue, 12 Sep 2023 15:02:17 +0000
Subject: [PATCH] Document OIDC authentication middleware usage with GitHub
 Actions

Signed-off-by: John Andersen <johnandersenpdx@gmail.com>
---
 docs/oidc.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 docs/oidc.md

diff --git a/docs/oidc.md b/docs/oidc.md
new file mode 100644
index 00000000..70924f1d
--- /dev/null
+++ b/docs/oidc.md
@@ -0,0 +1,21 @@
+# OIDC Support
+
+- References
+  - [5.1.1.1.1.](https://github.com/ietf-wg-scitt/draft-ietf-scitt-architecture/blob/main/draft-ietf-scitt-architecture.md#comment-on-oidc)
+
+## Dependencies
+
+Install the SCITT API Emulator with the `oidc` extra.
+
+```console
+$ pip install -e .[oidc]
+```
+
+## Usage example with GitHub Actions
+
+See [`notarize.yml`](../.github/workflows/notarize.yml)
+
+References:
+
+- https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/using-openid-connect-with-reusable-workflows
+- https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect