diff --git a/AGENTS.md b/AGENTS.md index b177ea2..3542f93 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -60,6 +60,7 @@ Default superuser (change in production): ### Authentication Flow - **JWT-based**: Access tokens (15 min) + refresh tokens (7 days) +- **OAuth/Social Login**: Google and GitHub with PKCE support - **Session tracking**: Database-backed with device info, IP, user agent - **Token refresh**: Validates JTI in database, not just JWT signature - **Authorization**: FastAPI dependencies in `api/dependencies/auth.py` @@ -236,7 +237,7 @@ docker-compose exec backend python -c "from app.init_db import init_db; import a ## Current Status (Nov 2025) ### Completed Features ✅ -- Authentication system (JWT with refresh tokens) +- Authentication system (JWT with refresh tokens, OAuth/social login) - Session management (device tracking, revocation) - User management (CRUD, password change) - Organization system (multi-tenant with RBAC) @@ -257,7 +258,7 @@ docker-compose exec backend python -c "from app.init_db import init_db; import a ### Planned 🔮 - GitHub Actions CI/CD - Additional languages (Spanish, French, German, etc.) -- Additional authentication methods (OAuth, SSO) +- SSO/SAML authentication - Real-time notifications (WebSockets) - Webhook system - Background job processing diff --git a/README.md b/README.md index f9d4b72..2143960 100644 --- a/README.md +++ b/README.md @@ -52,6 +52,7 @@ Whether you're building a SaaS, an internal tool, or a side project, PragmaStack ### 🔐 **Authentication & Security** - JWT-based authentication with access + refresh tokens +- **OAuth/Social Login** (Google, GitHub) with PKCE support - Session management with device tracking and revocation - Password reset flow (email integration ready) - Secure password hashing (bcrypt) 
@@ -511,7 +512,7 @@ docker-compose down ## 🛣️ Roadmap & Status ### ✅ Completed -- [x] Authentication system (JWT, refresh tokens, session management) +- [x] Authentication system (JWT, refresh tokens, session management, OAuth) - [x] User management (CRUD, profile, password change) - [x] Organization system with RBAC (Owner, Admin, Member) - [x] Admin panel (users, organizations, sessions, statistics) @@ -539,7 +540,7 @@ docker-compose down - [ ] Dynamic test coverage badges from CI - [ ] E2E test coverage reporting - [ ] Additional languages (Spanish, French, German, etc.) -- [ ] Additional authentication methods (OAuth, SSO) +- [ ] SSO/SAML authentication - [ ] Real-time notifications with WebSockets - [ ] Webhook system - [ ] File upload/storage (S3-compatible)
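Review bot: in the AGENTS.md `@@ -60,6 +60,7` hunk, the new `OAuth/Social Login` bullet names the providers and PKCE but gives no code location, while the neighbouring `Authorization` bullet points at `api/dependencies/auth.py`; since this file is the map an agent or new contributor uses to find things, add the module that implements the OAuth start/callback endpoints and the PKCE verification, e.g. `- **OAuth/Social Login**: Google and GitHub with PKCE support (see \`api/routes/<oauth module>\`)` (path is a placeholder, use the real one), and state whether an OAuth sign-in produces the same database-backed session record (device info, IP, user agent) and JTI-tracked refresh token as a password login, so the `Session tracking` and `Token refresh` bullets are known to cover it.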
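Review bot: in the README `@@ -52,6 +52,7` hunk, the feature bullet is the only place README readers learn about Google/GitHub login, yet the patch adds no setup information; enabling either provider requires a client ID/secret and a registered redirect/callback URI, so add a pointer to where those are configured (environment variables or a docs section, whichever the project has), and say which checks the callback performs (PKCE code verifier, `state`) so a security reviewer can confirm the flow from the README rather than from the source.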
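Review bot: wording drifts between the two "Completed" hunks: AGENTS.md `@@ -236,7 +237,7` says `OAuth/social login` while README `@@ -511,7 +512,7` says only `OAuth`, and neither repeats the provider names from the feature bullets; align both with the feature bullet wording, e.g. `OAuth/social login (Google, GitHub)`, so a reader searching either file for "social login" or a provider name finds the status entry. The two "Planned" hunks (`SSO/SAML authentication`) are consistent with each other and correctly drop OAuth now that it is listed as completed.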