From 5db5c5ff8a1bbfbc0ea1e02d63144a9585a34adf Mon Sep 17 00:00:00 2001
From: danbf <dan.meruelo@buzzfeed.com>
Date: Fri, 8 Feb 2019 10:41:50 -0500
Subject: [PATCH] sso: add attribution to our readme

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 3362ea75..1a3d4606 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,8 @@ Group membership can be required on a per-upstream basis.
 The main idea behind **sso** is a "double OAuth2" flow, where `sso-auth` is the
 OAuth2 provider for `sso-proxy` and Google is the OAuth2 provider for `sso-auth`.
 
+[sso](https://github.com/buzzfeed/sso) is built on top of Bitly’s open source [oauth2_proxy](https://github.com/bitly/oauth2_proxy)
+
 In a nutshell:
 
 - If a user visits an `sso-proxy`-protected service (`foo.sso.example.com`) and does not have a session cookie, they are redirected to `sso-auth` (`sso-auth.example.com`).
@@ -69,5 +71,9 @@ If you come across any security vulnerabilities with the **sso** repo or softwar
 
 **sso** is actively maintained by the BuzzFeed Infrastructure teams.
 
+## Notable forks
+
+ - [pomerium](https://github.com/pomerium/pomerium) an identity-access proxy, inspired by BeyondCorp.
+
 [docker_hub]: https://hub.docker.com/r/buzzfeed/sso/
 [sso_survey]: https://docs.google.com/forms/d/e/1FAIpQLSeRjf66ZSpMkSASMbYebx6QvECYRj9nUevOhUF2huw53sE6_g/viewform