diff --git a/docs/data-sources/external_auth.md b/docs/data-sources/external_auth.md
index b875b874..af4df43b 100644
--- a/docs/data-sources/external_auth.md
+++ b/docs/data-sources/external_auth.md
@@ -19,6 +19,10 @@ Use this data source to require users to authenticate with an external service p
 
 - `id` (String) The ID of a configured external auth provider set up in your Coder deployment.
 
+### Optional
+
+- `optional` (Boolean) Authenticating with the external auth provider is not required, and can be skipped by users when creating or updating workspaces
+
 ### Read-Only
 
 - `access_token` (String) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.
diff --git a/provider/externalauth.go b/provider/externalauth.go
index 89ab5ecc..31dadd66 100644
--- a/provider/externalauth.go
+++ b/provider/externalauth.go
@@ -32,8 +32,13 @@ func externalAuthDataSource() *schema.Resource {
 			},
 			"access_token": {
 				Type:        schema.TypeString,
-				Computed:    true,
 				Description: "The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.",
+				Computed:    true,
+			},
+			"optional": {
+				Type:        schema.TypeBool,
+				Description: "Authenticating with the external auth provider is not required, and can be skipped by users when creating or updating workspaces",
+				Optional:    true,
 			},
 		},
 	}
diff --git a/provider/externalauth_test.go b/provider/externalauth_test.go
index a320684b..826f0a91 100644
--- a/provider/externalauth_test.go
+++ b/provider/externalauth_test.go
@@ -36,6 +36,40 @@ func TestExternalAuth(t *testing.T) {
 
 				attribs := resource.Primary.Attributes
 				require.Equal(t, "github", attribs["id"])
+				require.Equal(t, "", attribs["optional"])
+
+				return nil
+			},
+		}},
+	})
+}
+
+func TestOptionalExternalAuth(t *testing.T) {
+	t.Parallel()
+
+	resource.Test(t, resource.TestCase{
+		Providers: map[string]*schema.Provider{
+			"coder": provider.New(),
+		},
+		IsUnitTest: true,
+		Steps: []resource.TestStep{{
+			Config: `
+			provider "coder" {
+			}
+			data "coder_external_auth" "github" {
+				id = "github"
+				optional = true
+			}
+			`,
+			Check: func(state *terraform.State) error {
+				require.Len(t, state.Modules, 1)
+				require.Len(t, state.Modules[0].Resources, 1)
+				resource := state.Modules[0].Resources["data.coder_external_auth.github"]
+				require.NotNil(t, resource)
+
+				attribs := resource.Primary.Attributes
+				require.Equal(t, "github", attribs["id"])
+				require.Equal(t, "true", attribs["optional"])
 
 				return nil
 			},