diff --git a/IdentityProvider/proxmox.md b/IdentityProvider/proxmox.md new file mode 100644 index 0000000..31f7af1 --- /dev/null +++ b/IdentityProvider/proxmox.md 
@@ -0,0 +1,74 @@ +# Proxmox + +## Base URLs: +IDP: `fac.mydomain.com` +SP: `pve01.mydomain.local` + +## FAC + +**#1 Authentication > OAuth Service > Portals** +1) Create New +2) Name: `Proxmox` +3) leave everything else default +4) Save +![IDP](images/proxmox_idp_01.png) + +**#2 Authentication > OAuth Service > Policies** +1) Create New +2) Policy type: Name: `Proxmox` +3) Identity sources: `Realm: select your realm and Groups in den Filter that should have access` +4) Authentication factors: Change settings to your needs, f.e. `Application name for FTM push notification: Proxmox` +![IDP](images/proxmox_idp_02.png) + +**#3 Authentication > OAuth Service > Scopes** +1) Create New (if not already there) +2) Name: `profile` +3) Name: `email` +![IDP](images/extra_scopes.png) + +**#4 Authentication > OAuth Service > Relying Party** +1) Name: `Proxmox` +2) Client type: `Confidential` +3) Authorization grant types: `Authorization code` +4) Client ID: `note this ID` +5) Client secret: `note this secret` +6) Policy: `choose Proxmox from Step 2` +7) Access token expiry: `change to your needs or leave default (36000 seconds)` +8) Refresh token expiry: `change to your needs or leave default (1 day)` +9) Redirect URIs: `https://pve01.mydomain.com:8006` (if you have multiple hosts just enter them same way with space in between) +10) Add 3 Scopes with `+ Add Relying Party Scope` +11) Set the scopes to this: +| Scope | Default | +| :--- | :----: | +| openid | x | +| email | x | +| profile | x | +12) Save +13) Add 1 Claim with `+ Add Claim` +14) Set the Claims to this: +| Scope | Name | User Attribute | +| :--- | :----: | :----: | +| openid | preferred_username | Email | +15) Save +![IDP](images/proxmox_idp_03.png) + +## Proxmox VE + +**#1 Datacenter > Permissions > Realms** +1) Click on `Add` and choose `OpenID Connect Server` from dropdownlist +2) Issuer URL: `https://fac.mydomain.com/api/vl/oauth` +3) Realm: `FortiAuthenticator` (choose name whatever you want) +4) Client ID: `ID 
from FAC step #4-4` +5) Client Key: `secret from FAC step #4-5` +6) Default: Check this if you want FAC to be your default IDP to login +7) Autocreate Users: Check this if you want autocreation of users. +8) Username Claim: `username` +9) Scopes: `Default (email profile)` +10) Prompt: `Auth-Provider Default` +11) Add +![SP](images/proxmox_sp_01.png) + +**#2 Datacenter > Permissions** +1) Click on `Add` to create a new Group Permission +![SP](images/proxmox_sp_02.png) +2) Now you can change to Group on autocreated users to the groups you have just created to give new users permissions. \ No newline at end of file
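Review bot: The Issuer URL in Proxmox VE step #1-2, `https://fac.mydomain.com/api/vl/oauth`, looks like a typo (lowercase letter `l` instead of the digit `1`); Proxmox fetches `<issuer>/.well-known/openid-configuration` from this value and compares it against the `iss` claim, so a one-character mismatch fails the whole login. Please confirm the exact path and fix it. Two smaller consistency points in the same file: the "Base URLs" header gives the SP as `pve01.mydomain.local`, while the Redirect URI in FAC step #4-9 is `https://pve01.mydomain.com:8006`; the redirect URI must match the URL users actually open in the browser, so pick one domain. FAC step #2-2 reads `Policy type: Name:` with no value for the policy type, and step #2-3 still contains the German `in den Filter`. It would also help readers to add a sentence at Proxmox step #1-8 explaining that the `username` choice maps to the `preferred_username` claim, since that is why the claim in FAC step #4-14 has to be named exactly `preferred_username`.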