edits

Author: stayseesong

src/api/public-api/index.md

@@ -40,6 +40,10 @@ Within seconds, GitHub scans each commit in public repositories for Public API t
 Learn more about [GitHub's secret scanning program](https://docs.github.com/en/developers/overview/secret-scanning-partner-program){:target="_blank"}.
 
 ## OAuth 2.0
+
+> info ""
+> This feature is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. 
+
 You can authenticate and authorize the Public API using [OAuth 2.0](/docs/connections/oauth/#supported-sources).
 
 ### Frequently Asked Questions

src/connections/functions/source-functions.md

@@ -386,6 +386,10 @@ Once configured, find the webhook URL - either on the **Overview** or **Settings
 Copy and paste this URL into the upstream tool or service to send data to this source.
 
 ## OAuth 2.0
+
+> info ""
+> OAuth 2.0 is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. 
+
 You can authenticate source functins with [OAuth 2.0](/docs/connections/oauth/#supported-sources).
 
 ## Source function FAQs

src/connections/oauth.md

@@ -1,11 +1,12 @@
 ---
 title: OAuth 2.0
+hidden: true
 ---
 
-OAuth 2.0 is an online authorization tool that uses tokens to grant access to API resources like Segment’s tracking API. You can use OAuth 2.0 as a security requirement for connections to third-party tools. 
+OAuth 2.0 is an online authorization standard that uses tokens to grant access to API resources like Segment’s tracking API. You can use OAuth 2.0 as a security requirement for connections to third-party tools. 
 
 > info ""
-> This feature is currently in pilot. For pilot, Segment doesn’t support OAuth for Web and Mobile sources where an end-user is involved. OAuth 2.0 only supports server to Segment communication, a machine-to-machine workflow. 
+> This feature is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.  OAuth 2.0 only supports server to Segment communication, a machine-to-machine workflow. Take a look at the [supported sources](#supported-sources) to see what sources are currently supported.
 
 ## Permissions 
 Depending on your workspace permissions, your access to OAuth apps is limited. 
@@ -26,39 +27,32 @@ Function Read-only | You can only view OAuth apps.
 
 To create a new OAuth application:
 
-1. Create a private and public key by running the script:
-
-    ```
-    openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:2048
-    openssl rsa -in private.pem -pubout -outform PEM -out public.pem
-    ```
-
-2. Navigate to **Settings > Workspace** settings and select the Access Management tab. 
-3. Select the **OAuth application** tab within the **Access Management** page. 
-4. Click **Create OAuth app**.
-5. Enter the configuration settings:
+1. Navigate to **Settings > Workspace** settings and select the Access Management tab. 
+2. Select the **OAuth application** tab within the **Access Management** page. 
+3. Click **Create OAuth app**.
+4. Enter the configuration settings:
 
     Settings | Details
     -------- | -------
     Application name | The name of the OAuth app.
-    Public key | Upload a public key in PEM format to authenticate through the OAuth application. You can upload a second public key after you create the OAuth application. 
+    Public key | Upload a public key in PEM format to authenticate through the OAuth application. You can upload a second public key after you create the OAuth application. You can create a public key by running the script: `openssl rsa -in private.pem -pubout -outform PEM -out public.pem`
     Public key name | Enter a name for your public key. 
     Token expiration period | You can choose between: 1 day, 2 days, 3 days, 1 week, 2 weeks, 3 weeks, 30 days.
     Scope | This specifies what type of access is needed for each API. See the list of [supported scopes](#supported-scopes).
-6. Click **Create**. 
+5. Click **Create**. 
 
 Once you create your OAuth app, you can now connect a source to your OAuth app. 
 
 ## Connect a source to OAuth
 > info ""
-> OAuth only supports server-side sources and does not support. Currently for beta, only http API and node.js and public api and source functions are other api points that are covered 
+> OAuth only supports server-side sources. See the list of [supported sources](#supported-sources).
 
 To connect a source to OAuth: 
 
 1. Navigate to **Connections > Sources**.
 2. Select the source you want to enable OAuth for. 
 3. Go to the **Settings** tab of the source page and select **OAuth app**. 
-4. Click **Create OAuth app**. 
+4. Click **Connect OAuth app**. 
 5. Select the OAuth app you want to connect the source to. 
 6. Click **Connect**. 
 7. Select the toggle to **Enable OAuth** for the source. 
@@ -104,8 +98,9 @@ To delete an OAuth app:
 5. Enter the name of the OAuth app you want to delete. 
 6. Click **Delete OAuth app**. 
 
-## Remove a token
-To remove a token: 
+## Revoke a token
+
+When security incidents expose access tokens, you can revoke your access token. To revoke a token: 
 1. Navigate to **Settings > Workspace settings** and select the **Access Management** tab. 
 2. Select the *OAuth application tab within the **Access Management** page. 
 3. Select the **App name** with the token you want to delete. 
@@ -116,6 +111,7 @@ To remove a token:
 OAuth 2.0 currently supports these sources:
 * [HTTP Tracking API](/docs/connections/sources/catalog/libraries/server/http-api/)
 * [Node.js](/docs/connections/sources/catalog/libraries/server/node/)
+* [Public API](/docs/api/public-api/)
 * [Python](/docs/connections/sources/catalog/libraries/server/python/)
 * [Source Functions](/docs/connections/functions/source-functions/)