From 24edb5c2851ce5ec2d28d76f35ae0ae981afb405 Mon Sep 17 00:00:00 2001
From: "nelson.parente" <nelson_parente@live.com.pt>
Date: Fri, 25 Jul 2025 17:33:17 +0100
Subject: [PATCH] doc: oauth middleware pathFilter

Signed-off-by: nelson.parente <nelson_parente@live.com.pt>
---
 .../supported-middleware/middleware-oauth2.md                  | 3 +++
 .../supported-middleware/middleware-oauth2clientcredentials.md | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2.md b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2.md
index 3ce811359..6a62fbcae 100644
--- a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2.md
+++ b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2.md
@@ -36,6 +36,8 @@ spec:
     value: "authorization"
   - name: forceHTTPS
     value: "false"
+  - name: pathFilter
+    value: ".*/users/.*"
 ```
 
 {{% alert title="Warning" color="warning" %}}
@@ -54,6 +56,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 | redirectURL | The URL of your web application that the authorization server should redirect to once the user has authenticated | `"https://myapp.com"`
 | authHeaderName | The authorization header name to forward to your application | `"authorization"`
 | forceHTTPS | If true, enforces the use of TLS/SSL | `"true"`,`"false"`                                           |
+| pathFilter | Applies the middleware only to requests matching the given path pattern | `".*/users/.*"`
 
 ## Dapr configuration
 
diff --git a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2clientcredentials.md b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2clientcredentials.md
index 1ea9d1246..10f52e983 100644
--- a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2clientcredentials.md
+++ b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-oauth2clientcredentials.md
@@ -30,6 +30,8 @@ spec:
     value: "https://accounts.google.com/o/oauth2/token"
   - name: headerName
     value: "authorization"
+  - name: pathFilter
+    value: ".*/users/.*"
 ```
 
 {{% alert title="Warning" color="warning" %}}
@@ -47,6 +49,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
 | headerName | The authorization header name to forward to your application | `"authorization"`
 | endpointParamsQuery | Specifies additional parameters for requests to the token endpoint | `true`
 | authStyle | Optionally specifies how the endpoint wants the client ID & client secret sent. See the table of possible values below | `0`
+| pathFilter | Applies the middleware only to requests matching the given path pattern | `".*/users/.*"`
 
 ### Possible values for `authStyle`