diff --git a/README.MD b/README.MD index 824dfce0..fde0e0d7 100644 --- a/README.MD +++ b/README.MD @@ -57,6 +57,15 @@ oidc-gen will also add the generated configuration to the agent. So you don't have to run oidc-add afterwards. However, if you want to load an existing configuration oidc-add is your friend. +Most likely you do not have already a client registered and don't want to do it through a web +interface. If the provider supports dynamic registration (iam does), you can let the agent +register a new client for you. You can run ```oidc-gen -r``` to start this flow. Using iam +password grant type is not supported using dynamic registration. The client is registered +and you have to contact the provider to update the client config manually. After that is +done, you can specify the saved client config file to oidc-gen using ```oidc-gen -f ``` +and finish the provider configuration. Afterwards the config should be added to oidc-agent +and can be used by oidc-add normally to add and remove the provider from the agent. + ### oidc-add oidc-add will add an existing configuration to the oidc-agent, making it useable. You have to provide the short name of the provider configuration via command line