edits [netlify-build]

stayseesong · stayseesong · commit ae39a671a019 · 2023-09-26T14:58:52.000-07:00
diff --git a/src/api/public-api/index.md b/src/api/public-api/index.md
@@ -39,6 +39,9 @@ Within seconds, GitHub scans each commit in public repositories for Public API t
 
 Learn more about [GitHub's secret scanning program](https://docs.github.com/en/developers/overview/secret-scanning-partner-program){:target="_blank"}.
 
+## OAuth 2.0
+You can authenticate and authorize the Public API using [OAuth 2.0](/docs/connections/oauth/#supported-sources).
+
 ### Frequently Asked Questions
 #### What should I do if I see a notification that my token was exposed?
 In most cases, identifying and revoking an exposed token takes seconds. Segment recommends you check the [audit trail](/docs/segment-app/iam/audit-trail/) to ensure no unauthorized actions were taken with the token.
diff --git a/src/connections/functions/source-functions.md b/src/connections/functions/source-functions.md
@@ -385,6 +385,9 @@ Once configured, find the webhook URL - either on the **Overview** or **Settings
 
 Copy and paste this URL into the upstream tool or service to send data to this source.
 
+## OAuth 2.0
+You can authenticate source functins with [OAuth 2.0](/docs/connections/oauth/#supported-sources).
+
 ## Source function FAQs
 
 ##### What is the retry policy for a webhook payload?
diff --git a/src/connections/oauth.md b/src/connections/oauth.md
@@ -12,12 +12,12 @@ Depending on your workspace permissions, your access to OAuth apps is limited.
 
 Segment Role | Permission
 ------------ | -----------
-Workspace Owner | You can view/create/edit **Workspace Settings>Access Management>OAuth application**.
-Workspace Member | You cannot view/create/edit **Workspace Settings > Access Management > OAuth app**.
-Source Admin | You can view/edit **Source> Settings > OAuth app**. <br> You can connect/disconnect OAuth application. <br> You can enable/disable OAuth enforcement.
-Source Read-only | You can only view **Source > Settings > OAuth app**.
-Function Admin | You can view/edit **Source Function Instance > Settings > OAuth app**. <br>You can connect/disconnect OAuth application. <br>You can enable/disable OAuth enforcement.
-Function Read-only | You can only view **Source Function Instance > Settings > OAuth application**.
+Workspace Owner | You can view, create, and edit OAuth apps.
+Workspace Member | You cannot view, create, or edit OAuth apps.
+Source Admin | You can view and edit OAuth apps. <br> You can connect and disconnect OAuth apps. <br> You can enable or disable OAuth enforcement.
+Source Read-only | You can only view OAuth apps.
+Function Admin | You can view and edit OAuth apps. <br>You can connect and disconnect OAuth apps. <br>You can enable and disable OAuth enforcement.
+Function Read-only | You can only view OAuth apps.
 
 ## Create an OAuth app
 
@@ -44,9 +44,11 @@ To create a new OAuth application:
     Public key | Upload a public key in PEM format to authenticate through the OAuth application. You can upload a second public key after you create the OAuth application. 
     Public key name | Enter a name for your public key. 
     Token expiration period | You can choose between: 1 day, 2 days, 3 days, 1 week, 2 weeks, 3 weeks, 30 days.
-    Scope | This specifies what type of access is needed for each API. For pilot, Segment offers these 2 scopes: <br><li>Tracking API <br><li><li> `tracking_api:write` <br><li>Public API <br><li><li>`public_api:read_write`
+    Scope | This specifies what type of access is needed for each API. See the list of [supported scopes](#supported-scopes).
 6. Click **Create**. 
 
+Once you create your OAuth app, you can now connect a source to your OAuth app. 
+
 ## Connect a source to OAuth
 > info ""
 > OAuth only supports server-side sources and does not support. Currently for beta, only http API and node.js and public api and source functions are other api points that are covered 
@@ -108,4 +110,23 @@ To remove a token:
 2. Select the *OAuth application tab within the **Access Management** page. 
 3. Select the **App name** with the token you want to delete. 
 4. Enter the complete token
-5. Click **Revoke token**.
+5. Click **Revoke token**.
+
+## Supported sources
+OAuth 2.0 currently supports these sources:
+* [HTTP Tracking API](/docs/connections/sources/catalog/libraries/server/http-api/)
+* [Node.js](/docs/connections/sources/catalog/libraries/server/node/)
+* [Python](/docs/connections/sources/catalog/libraries/server/python/)
+* [Source Functions](/docs/connections/functions/source-functions/)
+
+## Supported scopes 
+OAuth 2.0 currently supports these scopes:
+
+**Tracking API scopes**
+   * `tracking_api:write`
+
+**Source Functions scopes**
+   * `functions:write`
+
+**Public API scopes**
+   * `public_api:read_write`
