Auth guidance #405
Description
The AIP's are quiet on auth, but OpenAPI has support for some things https://swagger.io/docs/specification/v3_0/authentication/
I don't think the AEPs should get too prescriptive on this, but I would like a way to document required oauth2 scopes (or other industry-recognized schemes) in the protobufs and have them end up in the generated docs.