diff --git a/README.md b/README.md
index 0d7656cba8..a6faccdb2d 100644
--- a/README.md
+++ b/README.md
@@ -227,9 +227,15 @@ echo "Installing oauth2-proxy..."
 kustomize build common/oauth2-proxy/overlays/m2m-self-signed/ | kubectl apply -f -
 kubectl wait --for=condition=ready pod -l 'app.kubernetes.io/name=oauth2-proxy' --timeout=180s -n oauth2-proxy
 ```
-
 It supports user sessions as well as proper token-based machine to machine atuhhentication.
 
+:warning: Using default [example.yaml](https://github.com/kubeflow/manifests/blob/master/example/kustomization.yaml) in clusters that don't have support `/.well-known/openid-configuration` endpoints will cause issues for users trying to communicate to Kubeflow pipelines via Notebooks.
+
+You can overwrite the M2M token issuer [here](https://github.com/kubeflow/manifests/blob/afc358d6d473a24029149f2a0ca21671af4aca6d/common/oauth2-proxy/overlays/m2m/component-overwrite-m2m-token-issuer/kustomization.yaml#L8).
+
+For EKS clusters, please check [here](https://github.com/kubeflow/manifests/blob/master/common/oauth2-proxy/overlays/m2m/README.md).
+
+
 #### Dex
 
 Dex is an OpenID Connect Identity (OIDC) with multiple authentication backends. In this default installation, it includes a static user with email `user@example.com`. By default, the user's password is `12341234`. For any production Kubeflow deployment, you should change the default password by following [the relevant section](#change-default-user-password).