From 98d8d8886db8816c86de3be0dcb2cc81d8709a82 Mon Sep 17 00:00:00 2001
From: jianglai <jianglai@google.com>
Date: Tue, 12 Jun 2018 12:23:36 -0700
Subject: [PATCH] Add documentation for AUTH_PUBLIC_OR_INTERNAL

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=200259762
---
 docs/authentication-framework.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/authentication-framework.md b/docs/authentication-framework.md
index 5011363d3..8e56e8e36 100644
--- a/docs/authentication-framework.md
+++ b/docs/authentication-framework.md
@@ -122,6 +122,11 @@ make sense. A master enumeration lists all the valid triplets. They are:
     authenticated user. The method is `INTERNAL`, the minimum level is `APP`,
     and the user policy is `IGNORED`.
 
+*  `AUTH_PUBLIC_OR_INTERNAL`: Allows anyone access, as long as they use OAuth to
+    authenticate. Also allows access from App Engine task-queue. Note that OAuth
+    client ID still needs to be whitelisted in the config file for OAuth-based
+    authentication to succeed. This is mainly used by the proxy.
+
 ### Action setting golden files
 
 To make sure that the authentication and authorization settings are correct for