Update index doc

docs/index.md

@@ -8,9 +8,36 @@ description: |-
 
 # PingOne Advanced Identity Cloud Provider
 
-The PingOne Advanced Identity Cloud provider is used to manage Advanced Identity Cloud tenants.
+The PingOne Advanced Identity Cloud provider is used to manage Advanced Identity Cloud tenants. For more information on Advanced Identity Cloud, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/home.html).
 
-For information on obtaining an access token to use with this provider, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html).
+## Authentication
+
+This provider supports two forms of authentication.
+
+### Service Account
+
+You can provide a service account ID and private key for use with the provider. These will be used to retrieve the access token necessary for interacting with the API. The service account must have the following scopes: `fr:idc:certificate:*`, `fr:idc:content-security-policy:*`, `fr:idc:cookie-domain:*`, `fr:idc:custom-domain:*`, `fr:idc:esv:*`, `fr:idc:promotion:*`, `fr:idc:sso-cookie:*`. For information on configuring this service account, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html) - you will only need to complete the step of creating the service account, setting its scopes, and downloading the private key.
+
+These values can be provided in the provider configuration with `service_account_id` and `service_account_private_key`, or via the corresponding environment variables.
+
+```hcl
+provider "identitycloud" {
+  tenant_environment_fqdn     = var.my_aic_tenant_environment_fqdn
+  service_account_id          = var.my_aic_service_account_id
+  service_account_private_key = file("private-key.jwk")
+}
+```
+
+### Access Token
+
+If you would prefer to provide an access token directly, you can do so with the `access_token` attribute, or the corresponding environment variable. For information on obtaining an access token to use with this provider, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html).
+
+```hcl
+provider "identitycloud" {
+  tenant_environment_fqdn = var.my_aic_tenant_environment_fqdn
+  access_token            = var.my_aic_access_token
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

templates/index.md.tmpl

@@ -8,9 +8,36 @@ description: |-
 
 # PingOne Advanced Identity Cloud Provider
 
-The PingOne Advanced Identity Cloud provider is used to manage Advanced Identity Cloud tenants.
+The PingOne Advanced Identity Cloud provider is used to manage Advanced Identity Cloud tenants. For more information on Advanced Identity Cloud, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/home.html).
 
-For information on obtaining an access token to use with this provider, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html).
+## Authentication
+
+This provider supports two forms of authentication.
+
+### Service Account
+
+You can provide a service account ID and private key for use with the provider. These will be used to retrieve the access token necessary for interacting with the API. The service account must have the following scopes: `fr:idc:certificate:*`, `fr:idc:content-security-policy:*`, `fr:idc:cookie-domain:*`, `fr:idc:custom-domain:*`, `fr:idc:esv:*`, `fr:idc:promotion:*`, `fr:idc:sso-cookie:*`. For information on configuring this service account, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html) - you will only need to complete the step of creating the service account, setting its scopes, and downloading the private key.
+
+These values can be provided in the provider configuration with `service_account_id` and `service_account_private_key`, or via the corresponding environment variables.
+
+```hcl
+provider "identitycloud" {
+  tenant_environment_fqdn     = var.my_aic_tenant_environment_fqdn
+  service_account_id          = var.my_aic_service_account_id
+  service_account_private_key = file("private-key.jwk")
+}
+```
+
+### Access Token
+
+If you would prefer to provide an access token directly, you can do so with the `access_token` attribute, or the corresponding environment variable. For information on obtaining an access token to use with this provider, see the [documentation](https://backstage.forgerock.com/docs/idcloud/latest/developer-docs/authenticate-to-rest-api-with-access-token.html).
+
+```hcl
+provider "identitycloud" {
+  tenant_environment_fqdn = var.my_aic_tenant_environment_fqdn
+  access_token            = var.my_aic_access_token
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema