From 4ca0189524bbd8742f6a20464fc0020ef5efe041 Mon Sep 17 00:00:00 2001
From: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Date: Wed, 24 Jun 2020 00:05:21 +0700
Subject: [PATCH] docs/docs/identity-providers: document gitlab default scopes
 changed (#980)

Fixes #938
---
 docs/docs/identity-providers/gitlab.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/docs/identity-providers/gitlab.md b/docs/docs/identity-providers/gitlab.md
index 45bdb794d..67a67eede 100644
--- a/docs/docs/identity-providers/gitlab.md
+++ b/docs/docs/identity-providers/gitlab.md
@@ -25,9 +25,9 @@ Field        | Description
 ------------ | --------------------------------------------
 Name         | The name of your web app
 Redirect URI | `https://${authenticate_service_url}/oauth2/callback`
-Scopes       | **Must** select **openid**, **read_user** and **read_api**
+Scopes       | **Must** select the same as **[identity scopes]** option
 
-If no scopes are set, we will use the following scopes: `openid`, `read_api`, `read_user`, `profile`, `email`.
+If no scopes are set, you **must** select **openid**, **api**, **profile** and **email**.
 
 Your `Client ID` and `Client Secret` will be displayed like below:
 
@@ -67,3 +67,5 @@ When a user first uses pomerium to login, they will be presented with an authori
 ![gitlab access authorization screen](./img/gitlab/gitlab-verify-access.png)
 
 Please be aware that [Group ID](https://docs.gitlab.com/ee/api/groups.html#details-of-a-group) will be used to affirm group(s) a user belongs to.
+
+[identity scopes]: ../../configuration/readme.md#identity-provider-scopes