From 8b5d9ab6dd467967ec5322ad1cd38eb1992b8ed4 Mon Sep 17 00:00:00 2001 From: "David J. Allen" Date: Sun, 10 Mar 2024 20:14:38 -0600 Subject: [PATCH] Updated README.md --- README.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e3a95a1..34952fb 100644 --- a/README.md +++ b/README.md @@ -23,9 +23,17 @@ To start the authentication flow, run the following commands: ./opaal login --flow authorization_code --config config.yaml ``` -These commands will create a default config, then start the login process. Maybe sure to change the config file to match your setup! +These commands will create a default config, then start the login process. Maybe sure to change the config file to match your setup! The tool has been tested and confirmed to work with the following identity providers so far: + +- [Gitlab](https://about.gitlab.com/) +- [Forgejo](https://forgejo.org/) (fork of Gitea) + +### Authorization Code Flow + +`opaal` has the ability to completely execute the authorization code and return an access token from an authorization server using social sign-in. The process works as follows: 1. Click the authorization link or navigate to the hosted endpoint in your browser (127.0.0.1:3333 by default) + - Alternatively, you can use a link produced 2. Login using identity provider credentials 3. Authorize application registered with IdP 4. IdP redirects to specified redirect URI @@ -37,6 +45,11 @@ These commands will create a default config, then start the login process. Maybe *After receiving the ID token, the rest of the flow requires the appropriate URLs to be set to continue. +### Client Credentials Flow + +`opaal` also has + + ## Configuration Here is an example configuration file: 
@@ -105,4 +118,6 @@ options: - Add details about configuration parameters - Implement client credentials flow to easily fetch tokens - Fix how OAuth clients are managed with the authorization server -- Fix how the trusted issuer is added to the authorization server \ No newline at end of file +- Fix how the trusted issuer is added to the authorization server +- Allow signing JWTs by supplying key pair +- Separate `jwt_bearer` grant type from the authorization code flow \ No newline at end of file
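Review bot: the rewritten paragraph in the @@ -23,9 +23,17 @@ hunk still carries the typo "Maybe sure to change the config file", which should read "Make sure", and the new sub-bullet under step 1, "Alternatively, you can use a link produced", stops mid-sentence without saying what produces the link. In the same hunk, "completely execute the authorization code and return an access token" looks like it is missing the word "flow" after "authorization code". Suggest fixing the typo while the line is being touched anyway, and either finishing the sub-bullet or dropping it until the wording is ready.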
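Review bot: the new "### Client Credentials Flow" section in the @@ -37,6 +45,11 @@ hunk consists only of the fragment "`opaal` also has", so the README would ship a heading with an unfinished sentence under it. The TODO list in this same file still has "Implement client credentials flow to easily fetch tokens", so a reader cannot tell whether the flow exists yet. Suggest either leaving the section out of this commit, or replacing the fragment with one complete sentence that states the flow is planned and not yet implemented.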
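Review bot: in the @@ -105,4 +118,6 @@ hunk the last line is rewritten, but the file still ends with "\ No newline at end of file"; adding the trailing newline here would keep the next edit to this list from showing the final item as changed again. The new item "Allow signing JWTs by supplying key pair" would also be clearer if it said where the key pair is expected to come from (for example a config entry or a file path), since the configuration section is the place readers will look for it.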