From fe1160c93a10a2eb4b9fc90769378491cfa62df1 Mon Sep 17 00:00:00 2001
From: lijianguo <lijianguo@zhumengyuan.com>
Date: Tue, 16 Mar 2021 16:28:56 +0800
Subject: [PATCH] chore(docs): add OAuth 2.0 settings

---
 src/managing-workflow/tuning-component-settings.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/managing-workflow/tuning-component-settings.md b/src/managing-workflow/tuning-component-settings.md
index 5cefcedf1..7d1544fa4 100644
--- a/src/managing-workflow/tuning-component-settings.md
+++ b/src/managing-workflow/tuning-component-settings.md
@@ -89,6 +89,20 @@ LDAP_USER_FILTER   | The name of the login field in the users search base (defau
 LDAP_GROUP_BASEDN  | The distinguished name of the search base for user's groups names (default: "")
 LDAP_GROUP_FILTER  | The filter for user's groups (default: "", example: ```objectClass=person```)
 
+### OAuth 2.0 Password Grant settings
+
+The following environment variables are available for enabling OAuth 2.0 Password Grant.
+If you have configured both of LDAP authentication and OAuth 2.0, LDAP authentication first.
+authentication of user accounts in the [Controller][] component:
+
+Setting                  | Description
+-------------------------| ---------------------------------
+OAUTH_ACCESS_TOKEN_URL  | The URI of the OAuth 2.0 get token server. (default: ""). If not specified, OAuth 2.0 authentication is not enabled(default: "", example: ```http://hostname```).
+OAUTH_ACCESS_API_URL    | The URI of the OAuth 2.0 get resources server. (default: "")
+OAUTH_CLIENT_ID         | The client id.
+OAUTH_CLIENT_SECRET     | The client secret.
+OAUTH_CACHE_USER_TIME   | Cache user object, prevent too frequent request to the OAuth 2.0 authentication server.
+
 ### Global and per application settings
 
 Setting                                         | Description